entrouvert
/
debian-http-ece
17
0
Fork 0
Code Issues Pull Requests Releases Activity

tarball import for version 1.1.0

This commit is contained in:
Benjamin Dauvergne 2023-12-07 11:05:33 +01:00
parent 9ec41f766c
commit 95418f2fc0
13 changed files with 32 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

0
MANIFEST.in Executable file → Normal file
View File

3
PKG-INFO Executable file → Normal file
View File

@ -1,12 +1,11 @@
Metadata-Version: 1.1 Metadata-Version: 1.1
Name: http_ece Name: http_ece
Version: 1.0.5 Version: 1.1.0
Summary: Encrypted Content Encoding for HTTP Summary: Encrypted Content Encoding for HTTP
Home-page: https://github.com/martinthomson/encrypted-content-encoding Home-page: https://github.com/martinthomson/encrypted-content-encoding
Author: Martin Thomson Author: Martin Thomson
Author-email: martin.thomson@gmail.com Author-email: martin.thomson@gmail.com
License: MIT License: MIT
Description-Content-Type: UNKNOWN
Description: Encipher HTTP Messages Description: Encipher HTTP Messages
Keywords: crypto http Keywords: crypto http
Platform: UNKNOWN Platform: UNKNOWN

2
README.rst Executable file → Normal file
View File

@ -2,7 +2,7 @@ encrypted-content-encoding
========================== ==========================
A simple implementation of the `HTTP encrypted A simple implementation of the `HTTP encrypted
content-encoding <https://tools.ietf.org/html/draft-nottingham-http-encryption-encoding>`_ content-encoding <https://tools.ietf.org/html/rfc8188>`_
Use Use
--- ---

6
debian/changelog vendored
View File

@ -1,3 +1,9 @@
http-ece (1.1.0-1) UNRELEASED; urgency=medium
* import tarball for version 1.1.0
-- Benjamin Dauvergne <bdauvergne@entrouvert.com> Thu, 07 Dec 2023 11:05:09 +0100
http-ece (1.0.5-1) unstable; urgency=low http-ece (1.0.5-1) unstable; urgency=low
* source package automatically created by stdeb 0.8.5 * source package automatically created by stdeb 0.8.5

2
debian/control vendored
View File

@ -7,7 +7,7 @@ Build-Depends: debhelper-compat (= 12),
flake8, flake8,
python3-all, python3-all,
python3-coverage, python3-coverage,
python3-cryptography, python3-cryptography (>= 2.5),
python3-flake8, python3-flake8,
python3-mock, python3-mock,
python3-nose, python3-nose,

3
http_ece.egg-info/PKG-INFO Executable file → Normal file
View File

@ -1,12 +1,11 @@
Metadata-Version: 1.1 Metadata-Version: 1.1
Name: http-ece Name: http-ece
Version: 1.0.5 Version: 1.1.0
Summary: Encrypted Content Encoding for HTTP Summary: Encrypted Content Encoding for HTTP
Home-page: https://github.com/martinthomson/encrypted-content-encoding Home-page: https://github.com/martinthomson/encrypted-content-encoding
Author: Martin Thomson Author: Martin Thomson
Author-email: martin.thomson@gmail.com Author-email: martin.thomson@gmail.com
License: MIT License: MIT
Description-Content-Type: UNKNOWN
Description: Encipher HTTP Messages Description: Encipher HTTP Messages
Keywords: crypto http Keywords: crypto http
Platform: UNKNOWN Platform: UNKNOWN

0
http_ece.egg-info/SOURCES.txt Executable file → Normal file
View File

0
http_ece.egg-info/dependency_links.txt Executable file → Normal file
View File

2
http_ece.egg-info/requires.txt Executable file → Normal file
View File

@ -1 +1 @@
cryptography>=1.9 cryptography>=2.5

0
http_ece.egg-info/top_level.txt Executable file → Normal file
View File

26
http_ece/__init__.py Executable file → Normal file
View File

@ -9,6 +9,9 @@ from cryptography.hazmat.primitives.kdf.hkdf import HKDF
from cryptography.hazmat.primitives.ciphers import ( from cryptography.hazmat.primitives.ciphers import (
Cipher, algorithms, modes Cipher, algorithms, modes
) )
from cryptography.hazmat.primitives.serialization import (
Encoding, PublicFormat
)
from cryptography.hazmat.primitives.asymmetric import ec from cryptography.hazmat.primitives.asymmetric import ec
MAX_RECORD_SIZE = pow(2, 31) - 1 MAX_RECORD_SIZE = pow(2, 31) - 1
@ -24,11 +27,13 @@ versions = {
"aesgcm128": {"pad": 1}, "aesgcm128": {"pad": 1},
} }
class ECEException(Exception): class ECEException(Exception):
"""Exception for ECE encryption functions""" """Exception for ECE encryption functions"""
def __init__(self, message): def __init__(self, message):
self.message = message self.message = message
def derive_key(mode, version, salt, key, def derive_key(mode, version, salt, key,
private_key, dh, auth_secret, private_key, dh, auth_secret,
keyid, keylabel="P-256"): keyid, keylabel="P-256"):
@ -64,15 +69,20 @@ def derive_key(mode, version, salt, key,
def derive_dh(mode, version, private_key, dh, keylabel): def derive_dh(mode, version, private_key, dh, keylabel):
def length_prefix(key): def length_prefix(key):
return struct.pack("!H", len(key)) + key return struct.pack("!H", len(key)) + key
if isinstance(dh, ec.EllipticCurvePublicKey): if isinstance(dh, ec.EllipticCurvePublicKey):
pubkey = dh pubkey = dh
dh = dh.public_numbers().encode_point() dh = dh.public_bytes(
Encoding.X962,
PublicFormat.UncompressedPoint)
else: else:
numbers = ec.EllipticCurvePublicNumbers.from_encoded_point(ec.SECP256R1(), dh) pubkey = ec.EllipticCurvePublicKey.from_encoded_point(
pubkey = numbers.public_key(default_backend()) ec.SECP256R1(),
dh
)
encoded = private_key.public_key().public_numbers().encode_point() encoded = private_key.public_key().public_bytes(
Encoding.X962,
PublicFormat.UncompressedPoint)
if mode == "encrypt": if mode == "encrypt":
sender_pub_key = encoded sender_pub_key = encoded
receiver_pub_key = dh receiver_pub_key = dh
@ -243,7 +253,7 @@ def decrypt(content, salt=None, key=None,
if version == "aes128gcm": if version == "aes128gcm":
try: try:
content_header = parse_content_header(content) content_header = parse_content_header(content)
except: except Exception:
raise ECEException("Could not parse the content header") raise ECEException("Could not parse the content header")
salt = content_header['salt'] salt = content_header['salt']
rs = content_header['rs'] rs = content_header['rs']
@ -386,7 +396,9 @@ def encrypt(content, salt=None, key=None,
counter += 1 counter += 1
if version == "aes128gcm": if version == "aes128gcm":
if keyid is None and private_key is not None: if keyid is None and private_key is not None:
kid = private_key.public_key().public_numbers().encode_point() kid = private_key.public_key().public_bytes(
Encoding.X962,
PublicFormat.UncompressedPoint)
else: else:
kid = (keyid or '').encode('utf-8') kid = (keyid or '').encode('utf-8')
return compose_aes128gcm(salt, result, rs, keyid=kid) return compose_aes128gcm(salt, result, rs, keyid=kid)

0
setup.cfg Executable file → Normal file
View File

4
setup.py
View File

@ -10,7 +10,7 @@ with io.open(os.path.join(here, 'README.rst'), encoding='utf8') as f:
setup( setup(
name='http_ece', name='http_ece',
version='1.0.5', version='1.1.0',
author='Martin Thomson', author='Martin Thomson',
author_email='martin.thomson@gmail.com', author_email='martin.thomson@gmail.com',
scripts=[], scripts=[],
@ -27,7 +27,7 @@ setup(
], ],
keywords='crypto http', keywords='crypto http',
install_requires=[ install_requires=[
'cryptography>=1.9', 'cryptography>=2.5',
], ],
tests_require=[ tests_require=[
'nose', 'nose',