tarball import for version 1.1.0
This commit is contained in:
parent
9ec41f766c
commit
95418f2fc0
|
@ -1,12 +1,11 @@
|
||||||
Metadata-Version: 1.1
|
Metadata-Version: 1.1
|
||||||
Name: http_ece
|
Name: http_ece
|
||||||
Version: 1.0.5
|
Version: 1.1.0
|
||||||
Summary: Encrypted Content Encoding for HTTP
|
Summary: Encrypted Content Encoding for HTTP
|
||||||
Home-page: https://github.com/martinthomson/encrypted-content-encoding
|
Home-page: https://github.com/martinthomson/encrypted-content-encoding
|
||||||
Author: Martin Thomson
|
Author: Martin Thomson
|
||||||
Author-email: martin.thomson@gmail.com
|
Author-email: martin.thomson@gmail.com
|
||||||
License: MIT
|
License: MIT
|
||||||
Description-Content-Type: UNKNOWN
|
|
||||||
Description: Encipher HTTP Messages
|
Description: Encipher HTTP Messages
|
||||||
Keywords: crypto http
|
Keywords: crypto http
|
||||||
Platform: UNKNOWN
|
Platform: UNKNOWN
|
||||||
|
|
|
@ -2,7 +2,7 @@ encrypted-content-encoding
|
||||||
==========================
|
==========================
|
||||||
|
|
||||||
A simple implementation of the `HTTP encrypted
|
A simple implementation of the `HTTP encrypted
|
||||||
content-encoding <https://tools.ietf.org/html/draft-nottingham-http-encryption-encoding>`_
|
content-encoding <https://tools.ietf.org/html/rfc8188>`_
|
||||||
|
|
||||||
Use
|
Use
|
||||||
---
|
---
|
||||||
|
|
|
@ -1,3 +1,9 @@
|
||||||
|
http-ece (1.1.0-1) UNRELEASED; urgency=medium
|
||||||
|
|
||||||
|
* import tarball for version 1.1.0
|
||||||
|
|
||||||
|
-- Benjamin Dauvergne <bdauvergne@entrouvert.com> Thu, 07 Dec 2023 11:05:09 +0100
|
||||||
|
|
||||||
http-ece (1.0.5-1) unstable; urgency=low
|
http-ece (1.0.5-1) unstable; urgency=low
|
||||||
|
|
||||||
* source package automatically created by stdeb 0.8.5
|
* source package automatically created by stdeb 0.8.5
|
||||||
|
|
|
@ -7,7 +7,7 @@ Build-Depends: debhelper-compat (= 12),
|
||||||
flake8,
|
flake8,
|
||||||
python3-all,
|
python3-all,
|
||||||
python3-coverage,
|
python3-coverage,
|
||||||
python3-cryptography,
|
python3-cryptography (>= 2.5),
|
||||||
python3-flake8,
|
python3-flake8,
|
||||||
python3-mock,
|
python3-mock,
|
||||||
python3-nose,
|
python3-nose,
|
||||||
|
|
|
@ -1,12 +1,11 @@
|
||||||
Metadata-Version: 1.1
|
Metadata-Version: 1.1
|
||||||
Name: http-ece
|
Name: http-ece
|
||||||
Version: 1.0.5
|
Version: 1.1.0
|
||||||
Summary: Encrypted Content Encoding for HTTP
|
Summary: Encrypted Content Encoding for HTTP
|
||||||
Home-page: https://github.com/martinthomson/encrypted-content-encoding
|
Home-page: https://github.com/martinthomson/encrypted-content-encoding
|
||||||
Author: Martin Thomson
|
Author: Martin Thomson
|
||||||
Author-email: martin.thomson@gmail.com
|
Author-email: martin.thomson@gmail.com
|
||||||
License: MIT
|
License: MIT
|
||||||
Description-Content-Type: UNKNOWN
|
|
||||||
Description: Encipher HTTP Messages
|
Description: Encipher HTTP Messages
|
||||||
Keywords: crypto http
|
Keywords: crypto http
|
||||||
Platform: UNKNOWN
|
Platform: UNKNOWN
|
||||||
|
|
|
@ -1 +1 @@
|
||||||
cryptography>=1.9
|
cryptography>=2.5
|
||||||
|
|
|
@ -9,6 +9,9 @@ from cryptography.hazmat.primitives.kdf.hkdf import HKDF
|
||||||
from cryptography.hazmat.primitives.ciphers import (
|
from cryptography.hazmat.primitives.ciphers import (
|
||||||
Cipher, algorithms, modes
|
Cipher, algorithms, modes
|
||||||
)
|
)
|
||||||
|
from cryptography.hazmat.primitives.serialization import (
|
||||||
|
Encoding, PublicFormat
|
||||||
|
)
|
||||||
from cryptography.hazmat.primitives.asymmetric import ec
|
from cryptography.hazmat.primitives.asymmetric import ec
|
||||||
|
|
||||||
MAX_RECORD_SIZE = pow(2, 31) - 1
|
MAX_RECORD_SIZE = pow(2, 31) - 1
|
||||||
|
@ -24,11 +27,13 @@ versions = {
|
||||||
"aesgcm128": {"pad": 1},
|
"aesgcm128": {"pad": 1},
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
class ECEException(Exception):
|
class ECEException(Exception):
|
||||||
"""Exception for ECE encryption functions"""
|
"""Exception for ECE encryption functions"""
|
||||||
def __init__(self, message):
|
def __init__(self, message):
|
||||||
self.message = message
|
self.message = message
|
||||||
|
|
||||||
|
|
||||||
def derive_key(mode, version, salt, key,
|
def derive_key(mode, version, salt, key,
|
||||||
private_key, dh, auth_secret,
|
private_key, dh, auth_secret,
|
||||||
keyid, keylabel="P-256"):
|
keyid, keylabel="P-256"):
|
||||||
|
@ -64,15 +69,20 @@ def derive_key(mode, version, salt, key,
|
||||||
def derive_dh(mode, version, private_key, dh, keylabel):
|
def derive_dh(mode, version, private_key, dh, keylabel):
|
||||||
def length_prefix(key):
|
def length_prefix(key):
|
||||||
return struct.pack("!H", len(key)) + key
|
return struct.pack("!H", len(key)) + key
|
||||||
|
|
||||||
if isinstance(dh, ec.EllipticCurvePublicKey):
|
if isinstance(dh, ec.EllipticCurvePublicKey):
|
||||||
pubkey = dh
|
pubkey = dh
|
||||||
dh = dh.public_numbers().encode_point()
|
dh = dh.public_bytes(
|
||||||
|
Encoding.X962,
|
||||||
|
PublicFormat.UncompressedPoint)
|
||||||
else:
|
else:
|
||||||
numbers = ec.EllipticCurvePublicNumbers.from_encoded_point(ec.SECP256R1(), dh)
|
pubkey = ec.EllipticCurvePublicKey.from_encoded_point(
|
||||||
pubkey = numbers.public_key(default_backend())
|
ec.SECP256R1(),
|
||||||
|
dh
|
||||||
|
)
|
||||||
|
|
||||||
encoded = private_key.public_key().public_numbers().encode_point()
|
encoded = private_key.public_key().public_bytes(
|
||||||
|
Encoding.X962,
|
||||||
|
PublicFormat.UncompressedPoint)
|
||||||
if mode == "encrypt":
|
if mode == "encrypt":
|
||||||
sender_pub_key = encoded
|
sender_pub_key = encoded
|
||||||
receiver_pub_key = dh
|
receiver_pub_key = dh
|
||||||
|
@ -243,7 +253,7 @@ def decrypt(content, salt=None, key=None,
|
||||||
if version == "aes128gcm":
|
if version == "aes128gcm":
|
||||||
try:
|
try:
|
||||||
content_header = parse_content_header(content)
|
content_header = parse_content_header(content)
|
||||||
except:
|
except Exception:
|
||||||
raise ECEException("Could not parse the content header")
|
raise ECEException("Could not parse the content header")
|
||||||
salt = content_header['salt']
|
salt = content_header['salt']
|
||||||
rs = content_header['rs']
|
rs = content_header['rs']
|
||||||
|
@ -386,7 +396,9 @@ def encrypt(content, salt=None, key=None,
|
||||||
counter += 1
|
counter += 1
|
||||||
if version == "aes128gcm":
|
if version == "aes128gcm":
|
||||||
if keyid is None and private_key is not None:
|
if keyid is None and private_key is not None:
|
||||||
kid = private_key.public_key().public_numbers().encode_point()
|
kid = private_key.public_key().public_bytes(
|
||||||
|
Encoding.X962,
|
||||||
|
PublicFormat.UncompressedPoint)
|
||||||
else:
|
else:
|
||||||
kid = (keyid or '').encode('utf-8')
|
kid = (keyid or '').encode('utf-8')
|
||||||
return compose_aes128gcm(salt, result, rs, keyid=kid)
|
return compose_aes128gcm(salt, result, rs, keyid=kid)
|
||||||
|
|
4
setup.py
4
setup.py
|
@ -10,7 +10,7 @@ with io.open(os.path.join(here, 'README.rst'), encoding='utf8') as f:
|
||||||
|
|
||||||
setup(
|
setup(
|
||||||
name='http_ece',
|
name='http_ece',
|
||||||
version='1.0.5',
|
version='1.1.0',
|
||||||
author='Martin Thomson',
|
author='Martin Thomson',
|
||||||
author_email='martin.thomson@gmail.com',
|
author_email='martin.thomson@gmail.com',
|
||||||
scripts=[],
|
scripts=[],
|
||||||
|
@ -27,7 +27,7 @@ setup(
|
||||||
],
|
],
|
||||||
keywords='crypto http',
|
keywords='crypto http',
|
||||||
install_requires=[
|
install_requires=[
|
||||||
'cryptography>=1.9',
|
'cryptography>=2.5',
|
||||||
],
|
],
|
||||||
tests_require=[
|
tests_require=[
|
||||||
'nose',
|
'nose',
|
||||||
|
|
Loading…
Reference in New Issue