opcua.hmac_sha1() - Code Metrics - Inspection of "Merge pull request #98 from alkor/fixes" - FreeOpcUa/python-opcua - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 4f41b4...fd0feb )

by Olivier

created 2016-01-03 09:16 UTC

opcua.hmac_sha1() A

↳ Parent: Project

Complexity

Conditions

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	0
CRAP Score	2

Metric	Value
dl	0
loc	4
ccs	0
cts	4
cp	0
rs	10
cc	1
crap	2

import os

from cryptography import x509
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives import hmac
from cryptography.hazmat.primitives.asymmetric import padding
from cryptography.hazmat.primitives.ciphers import Cipher
from cryptography.hazmat.primitives.ciphers import algorithms
from cryptography.hazmat.primitives.ciphers import modes


def load_certificate(path):
    _, ext = os.path.splitext(path)
    with open(path, "br") as f:
        if ext == ".pem":
            return x509.load_pem_x509_certificate(f.read(), default_backend())
        else:
            return x509.load_der_x509_certificate(f.read(), default_backend())


def x509_from_der(data):
    if not data:
        return None
    return x509.load_der_x509_certificate(data, default_backend())


def x509_to_der(cert):
    if not cert:
        return b''
    return cert.public_bytes(serialization.Encoding.DER)


def load_private_key(path):
    _, ext = os.path.splitext(path)
    with open(path, "br") as f:
        if ext == ".pem":
            return serialization.load_pem_private_key(f.read(), password=None, backend=default_backend())
        else:
            return serialization.load_der_private_key(f.read(), password=None, backend=default_backend())


def der_from_x509(certificate):
    if certificate is None:
        return b""
    return certificate.public_bytes(serialization.Encoding.DER)


def sign_sha1(private_key, data):
    signer = private_key.signer(
        padding.PKCS1v15(),
        hashes.SHA1()
    )
    signer.update(data)
    return signer.finalize()


def verify_sha1(certificate, data, signature):
    verifier = certificate.public_key().verifier(
        signature,
        padding.PKCS1v15(),
        hashes.SHA1())
    verifier.update(data)
    verifier.verify()


def encrypt_basic256(public_key, data):
    ciphertext = public_key.encrypt(
        data,
        padding.OAEP(
            mgf=padding.MGF1(algorithm=hashes.SHA256()),
            algorithm=hashes.SHA256(),
            label=None)
    )
    return ciphertext


def encrypt_rsa_oaep(public_key, data):
    ciphertext = public_key.encrypt(
        data,
        padding.OAEP(
            mgf=padding.MGF1(algorithm=hashes.SHA1()),
            algorithm=hashes.SHA1(),
            label=None)
    )
    return ciphertext


def encrypt_rsa15(public_key, data):
    ciphertext = public_key.encrypt(
        data,
        padding.PKCS1v15()
    )
    return ciphertext


def decrypt_rsa_oaep(private_key, data):
    text = private_key.decrypt(
        data,
        padding.OAEP(
            mgf=padding.MGF1(algorithm=hashes.SHA1()),
            algorithm=hashes.SHA1(),
            label=None)
    )
    return text


def decrypt_rsa15(private_key, data):
    text = private_key.decrypt(
        data,
        padding.PKCS1v15()
    )
    return text


def cipher_aes_cbc(key, init_vec):
    return Cipher(algorithms.AES(key), modes.CBC(init_vec), default_backend())


def cipher_encrypt(cipher, data):
    encryptor = cipher.encryptor()
    return encryptor.update(data) + encryptor.finalize()


def cipher_decrypt(cipher, data):
    decryptor = cipher.decryptor()
    return decryptor.update(data) + decryptor.finalize()


def hmac_sha1(key, message):
    hasher = hmac.HMAC(key, hashes.SHA1(), backend=default_backend())
    hasher.update(message)
    return hasher.finalize()


def sha1_size():
    return hashes.SHA1.digest_size


def p_sha1(secret, seed, sizes=()):
    """
    Derive one or more keys from secret and seed.
    (See specs part 6, 6.7.5 and RFC 2246 - TLS v1.0)
    Lengths of keys will match sizes argument
    """
    full_size = 0
    for size in sizes:
        full_size += size

    result = b''
    accum = seed
    while len(result) < full_size:
        accum = hmac_sha1(secret, accum)
        result += hmac_sha1(secret, accum + seed)

    parts = []
    for size in sizes:
        parts.append(result[:size])
        result = result[size:]
    return tuple(parts)


if __name__ == "__main__":
    # Convert from PEM to DER
    cert = load_certificate("../examples/server_cert.pem")
    #rsa_pubkey = pubkey_from_dercert(der)
    rsa_privkey = load_private_key("../examples/mykey.pem")
    
    from IPython import embed
    embed()


1	1	import os
2
3	1	from cryptography import x509
4		from cryptography.exceptions import InvalidSignature
5		from cryptography.hazmat.backends import default_backend
6		from cryptography.hazmat.primitives import serialization
7		from cryptography.hazmat.primitives import hashes
8		from cryptography.hazmat.primitives import hmac
9		from cryptography.hazmat.primitives.asymmetric import padding
10		from cryptography.hazmat.primitives.ciphers import Cipher
11		from cryptography.hazmat.primitives.ciphers import algorithms
12		from cryptography.hazmat.primitives.ciphers import modes
13
14
15		def load_certificate(path):
16		_, ext = os.path.splitext(path)
17		with open(path, "br") as f:
18		if ext == ".pem":
19		return x509.load_pem_x509_certificate(f.read(), default_backend())
20		else:
21		return x509.load_der_x509_certificate(f.read(), default_backend())
22
23
24		def x509_from_der(data):
25		if not data:
26		return None
27		return x509.load_der_x509_certificate(data, default_backend())
28
29
30		def x509_to_der(cert):
31		if not cert:
32		return b''
33		return cert.public_bytes(serialization.Encoding.DER)
34
35
36		def load_private_key(path):
37		_, ext = os.path.splitext(path)
38		with open(path, "br") as f:
39		if ext == ".pem":
40		return serialization.load_pem_private_key(f.read(), password=None, backend=default_backend())
41		else:
42		return serialization.load_der_private_key(f.read(), password=None, backend=default_backend())
43
44
45		def der_from_x509(certificate):
46		if certificate is None:
47		return b""
48		return certificate.public_bytes(serialization.Encoding.DER)
49
50
51		def sign_sha1(private_key, data):
52		signer = private_key.signer(
53		padding.PKCS1v15(),
54		hashes.SHA1()
55		)
56		signer.update(data)
57		return signer.finalize()
58
59
60		def verify_sha1(certificate, data, signature):
61		verifier = certificate.public_key().verifier(
62		signature,
63		padding.PKCS1v15(),
64		hashes.SHA1())
65		verifier.update(data)
66		verifier.verify()
67
68
69		def encrypt_basic256(public_key, data):
70		ciphertext = public_key.encrypt(
71		data,
72		padding.OAEP(
73		mgf=padding.MGF1(algorithm=hashes.SHA256()),
74		algorithm=hashes.SHA256(),
75		label=None)
76		)
77		return ciphertext
78
79
80		def encrypt_rsa_oaep(public_key, data):
81		ciphertext = public_key.encrypt(
82		data,
83		padding.OAEP(
84		mgf=padding.MGF1(algorithm=hashes.SHA1()),
85		algorithm=hashes.SHA1(),
86		label=None)
87		)
88		return ciphertext
89
90
91		def encrypt_rsa15(public_key, data):
92		ciphertext = public_key.encrypt(
93		data,
94		padding.PKCS1v15()
95		)
96		return ciphertext
97
98
99		def decrypt_rsa_oaep(private_key, data):
100		text = private_key.decrypt(
101		data,
102		padding.OAEP(
103		mgf=padding.MGF1(algorithm=hashes.SHA1()),
104		algorithm=hashes.SHA1(),
105		label=None)
106		)
107		return text
108
109
110		def decrypt_rsa15(private_key, data):
111		text = private_key.decrypt(
112		data,
113		padding.PKCS1v15()
114		)
115		return text
116
117
118		def cipher_aes_cbc(key, init_vec):
119		return Cipher(algorithms.AES(key), modes.CBC(init_vec), default_backend())
120
121
122		def cipher_encrypt(cipher, data):
123		encryptor = cipher.encryptor()
124		return encryptor.update(data) + encryptor.finalize()
125
126
127		def cipher_decrypt(cipher, data):
128		decryptor = cipher.decryptor()
129		return decryptor.update(data) + decryptor.finalize()
130
131
132		def hmac_sha1(key, message):
133		hasher = hmac.HMAC(key, hashes.SHA1(), backend=default_backend())
134		hasher.update(message)
135		return hasher.finalize()
136
137
138		def sha1_size():
139		return hashes.SHA1.digest_size
140
141
142		def p_sha1(secret, seed, sizes=()):
143		"""
144		Derive one or more keys from secret and seed.
145		(See specs part 6, 6.7.5 and RFC 2246 - TLS v1.0)
146		Lengths of keys will match sizes argument
147		"""
148		full_size = 0
149		for size in sizes:
150		full_size += size
151
152		result = b''
153		accum = seed
154		while len(result) < full_size:
155		accum = hmac_sha1(secret, accum)
156		result += hmac_sha1(secret, accum + seed)
157
158		parts = []
159		for size in sizes:
160		parts.append(result[:size])
161		result = result[size:]
162		return tuple(parts)
163
164
165		if __name__ == "__main__":
166		# Convert from PEM to DER
167		cert = load_certificate("../examples/server_cert.pem")
168		#rsa_pubkey = pubkey_from_dercert(der)
169		rsa_privkey = load_private_key("../examples/mykey.pem")
170
171		from IPython import embed
172		embed()
173

FreeOpcUa / python-opcua

Push — master ( 4f41b4...fd0feb )

opcua.hmac_sha1() A

Complexity

Size

Duplication

Code Coverage

Duplication Side-by-Side

Filter issues like