[Python-modules-commits] [python-secretstorage] 01/04: Import python-secretstorage_2.3.0.orig.tar.gz
Dmitry Shachnev
mitya57 at moszumanska.debian.org
Tue Aug 23 18:54:23 UTC 2016
This is an automated email from the git hooks/post-receive script.
mitya57 pushed a commit to branch master
in repository python-secretstorage.
commit b10b7887b77d171d6cad19287b84f540b09fe9f1
Author: Dmitry Shachnev <mitya57 at gmail.com>
Date: Tue Aug 23 21:41:15 2016 +0300
Import python-secretstorage_2.3.0.orig.tar.gz
---
.travis.yml | 3 +--
PKG-INFO | 15 ++++++---------
README.rst | 11 +++++------
SecretStorage.egg-info/PKG-INFO | 15 ++++++---------
SecretStorage.egg-info/requires.txt | 4 +++-
changelog | 12 ++++++++++++
docs/conf.py | 4 ++--
secretstorage/__init__.py | 2 +-
secretstorage/dhcrypto.py | 20 +++++++-------------
secretstorage/item.py | 15 +++++++++------
secretstorage/util.py | 22 +++++++++++++---------
setup.py | 9 +++++----
tests/test_dhcrypto.py | 19 +++++--------------
tests/test_item.py | 1 +
14 files changed, 76 insertions(+), 76 deletions(-)
diff --git a/.travis.yml b/.travis.yml
index 2c3f341..5cf7a7f 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -3,14 +3,13 @@ dist: trusty
language: python
python:
- "2.7"
- - "3.2"
- "3.3"
- "3.4"
- "3.5"
before_install:
- sudo apt-get update
- sudo apt-get install -y libdbus-glib-1-dev
-install: pip install dbus-python pycrypto
+install: pip install dbus-python cryptography
before_script:
- git clone git://git.gnome.org/libsecret.git
script:
diff --git a/PKG-INFO b/PKG-INFO
index 8cc73f4..b3e2e24 100644
--- a/PKG-INFO
+++ b/PKG-INFO
@@ -1,6 +1,6 @@
Metadata-Version: 1.1
Name: SecretStorage
-Version: 2.2.0
+Version: 2.3.0
Summary: Python bindings to FreeDesktop.org Secret Service API
Home-page: https://github.com/mitya57/secretstorage
Author: Dmitry Shachnev
@@ -36,13 +36,13 @@ Description:
===================
.. note::
- SecretStorage supports all versions of Python since 2.7. Here we assume
- that your Python version is 3.x.
+ SecretStorage supports Python 2.7 and all versions of Python since 3.3.
+ Here we assume that your Python version is 3.x.
SecretStorage requires these packages to work:
- * `dbus-python`_;
- * PyCrypto_ (also `available on PyPI`_).
+ * `dbus-python`_
+ * `python-cryptography`_
To build SecretStorage, use this command::
@@ -53,8 +53,7 @@ Description:
python3 setup.py build_sphinx
.. _`dbus-python`: https://www.freedesktop.org/wiki/Software/DBusBindings/#dbus-python
- .. _PyCrypto: https://www.dlitz.net/software/pycrypto/
- .. _`available on PyPI`: https://pypi.python.org/pypi/pycrypto
+ .. _`python-cryptography`: https://pypi.python.org/pypi/cryptography
.. _Sphinx: http://sphinx-doc.org/
Testing the module
@@ -96,8 +95,6 @@ Classifier: Programming Language :: Python
Classifier: Programming Language :: Python :: 2
Classifier: Programming Language :: Python :: 2.7
Classifier: Programming Language :: Python :: 3
-Classifier: Programming Language :: Python :: 3.1
-Classifier: Programming Language :: Python :: 3.2
Classifier: Programming Language :: Python :: 3.3
Classifier: Programming Language :: Python :: 3.4
Classifier: Programming Language :: Python :: 3.5
diff --git a/README.rst b/README.rst
index 41d265d..fc80743 100644
--- a/README.rst
+++ b/README.rst
@@ -27,13 +27,13 @@ Building the module
===================
.. note::
- SecretStorage supports all versions of Python since 2.7. Here we assume
- that your Python version is 3.x.
+ SecretStorage supports Python 2.7 and all versions of Python since 3.3.
+ Here we assume that your Python version is 3.x.
SecretStorage requires these packages to work:
-* `dbus-python`_;
-* PyCrypto_ (also `available on PyPI`_).
+* `dbus-python`_
+* `python-cryptography`_
To build SecretStorage, use this command::
@@ -44,8 +44,7 @@ If you have Sphinx_ installed, you can also build the documentation::
python3 setup.py build_sphinx
.. _`dbus-python`: https://www.freedesktop.org/wiki/Software/DBusBindings/#dbus-python
-.. _PyCrypto: https://www.dlitz.net/software/pycrypto/
-.. _`available on PyPI`: https://pypi.python.org/pypi/pycrypto
+.. _`python-cryptography`: https://pypi.python.org/pypi/cryptography
.. _Sphinx: http://sphinx-doc.org/
Testing the module
diff --git a/SecretStorage.egg-info/PKG-INFO b/SecretStorage.egg-info/PKG-INFO
index 8cc73f4..b3e2e24 100644
--- a/SecretStorage.egg-info/PKG-INFO
+++ b/SecretStorage.egg-info/PKG-INFO
@@ -1,6 +1,6 @@
Metadata-Version: 1.1
Name: SecretStorage
-Version: 2.2.0
+Version: 2.3.0
Summary: Python bindings to FreeDesktop.org Secret Service API
Home-page: https://github.com/mitya57/secretstorage
Author: Dmitry Shachnev
@@ -36,13 +36,13 @@ Description:
===================
.. note::
- SecretStorage supports all versions of Python since 2.7. Here we assume
- that your Python version is 3.x.
+ SecretStorage supports Python 2.7 and all versions of Python since 3.3.
+ Here we assume that your Python version is 3.x.
SecretStorage requires these packages to work:
- * `dbus-python`_;
- * PyCrypto_ (also `available on PyPI`_).
+ * `dbus-python`_
+ * `python-cryptography`_
To build SecretStorage, use this command::
@@ -53,8 +53,7 @@ Description:
python3 setup.py build_sphinx
.. _`dbus-python`: https://www.freedesktop.org/wiki/Software/DBusBindings/#dbus-python
- .. _PyCrypto: https://www.dlitz.net/software/pycrypto/
- .. _`available on PyPI`: https://pypi.python.org/pypi/pycrypto
+ .. _`python-cryptography`: https://pypi.python.org/pypi/cryptography
.. _Sphinx: http://sphinx-doc.org/
Testing the module
@@ -96,8 +95,6 @@ Classifier: Programming Language :: Python
Classifier: Programming Language :: Python :: 2
Classifier: Programming Language :: Python :: 2.7
Classifier: Programming Language :: Python :: 3
-Classifier: Programming Language :: Python :: 3.1
-Classifier: Programming Language :: Python :: 3.2
Classifier: Programming Language :: Python :: 3.3
Classifier: Programming Language :: Python :: 3.4
Classifier: Programming Language :: Python :: 3.5
diff --git a/SecretStorage.egg-info/requires.txt b/SecretStorage.egg-info/requires.txt
index f239437..46170f6 100644
--- a/SecretStorage.egg-info/requires.txt
+++ b/SecretStorage.egg-info/requires.txt
@@ -1,2 +1,4 @@
+cryptography
+
+[dbus-python]
dbus-python
-pycrypto
diff --git a/changelog b/changelog
index 1b9c357..d56a7f4 100644
--- a/changelog
+++ b/changelog
@@ -1,3 +1,15 @@
+SecretStorage 2.3.0, 2016-08-17
+===============================
+
+* Ported from PyCrypto to cryptography module [#6].
+* Item.get_secret() now returns a bytes object rather than a bytearray.
+
+SecretStorage 2.2.1, 2016-06-27
+===============================
+
+* Made dbus-python dependency optional because compiling it from sources
+ is not an option for many users. See issues #4 and #5 for details.
+
SecretStorage 2.2.0, 2016-06-18
===============================
diff --git a/docs/conf.py b/docs/conf.py
index c5a7a08..09063e3 100644
--- a/docs/conf.py
+++ b/docs/conf.py
@@ -31,9 +31,9 @@ copyright = '2016, Dmitry Shachnev'
# built documents.
#
# The short X.Y version.
-version = '2.2'
+version = '2.3'
# The full version, including alpha/beta/rc tags.
-release = '2.2.0'
+release = '2.3.0'
# The name of the Pygments (syntax highlighting) style to use.
pygments_style = 'sphinx'
diff --git a/secretstorage/__init__.py b/secretstorage/__init__.py
index cddfbf6..6ddc4f1 100644
--- a/secretstorage/__init__.py
+++ b/secretstorage/__init__.py
@@ -21,7 +21,7 @@ from secretstorage.exceptions import SecretStorageException, \
SecretServiceNotAvailableException, LockedException, \
ItemNotFoundException
-__version_tuple__ = (2, 2, 0)
+__version_tuple__ = (2, 3, 0)
__version__ = '.'.join(map(str, __version_tuple__))
def dbus_init(main_loop=True, use_qt_loop=False):
diff --git a/secretstorage/dhcrypto.py b/secretstorage/dhcrypto.py
index ad89019..90de2d8 100644
--- a/secretstorage/dhcrypto.py
+++ b/secretstorage/dhcrypto.py
@@ -9,9 +9,10 @@ algorithm.'''
import hmac
import math
+import os
from hashlib import sha256
-from Crypto.Random.random import getrandbits
+from cryptography.utils import int_from_bytes
# A standard 1024 bits (128 bytes) prime number for use in Diffie-Hellman exchange
DH_PRIME_1024_BYTES = (
@@ -25,21 +26,14 @@ DH_PRIME_1024_BYTES = (
0x49, 0x28, 0x66, 0x51, 0xEC, 0xE6, 0x53, 0x81, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
)
-if hasattr(int, 'from_bytes'):
- bytes_to_long = lambda bytes_array: int.from_bytes(bytes_array, 'big')
-else:
- from Crypto.Util.number import bytes_to_long as _to_long
- # We need to support both list and bytes input
- bytes_to_long = lambda b: _to_long(bytes(bytearray(b)))
-
if hasattr(int, 'to_bytes'):
- def long_to_bytes(number):
+ def int_to_bytes(number):
return int.to_bytes(number,
math.ceil(number.bit_length() / 8), 'big')
else:
- from Crypto.Util.number import long_to_bytes
+ from cryptography.utils import int_to_bytes
-DH_PRIME_1024 = bytes_to_long(DH_PRIME_1024_BYTES)
+DH_PRIME_1024 = int_from_bytes(bytearray(DH_PRIME_1024_BYTES), 'big')
class Session(object):
def __init__(self):
@@ -48,13 +42,13 @@ class Session(object):
self.aes_key = None
self.encrypted = True
# 128-bytes-long strong random number
- self.my_private_key = getrandbits(0x400)
+ self.my_private_key = int_from_bytes(os.urandom(0x80), 'big')
self.my_public_key = pow(2, self.my_private_key, DH_PRIME_1024)
def set_server_public_key(self, server_public_key):
common_secret = pow(server_public_key, self.my_private_key,
DH_PRIME_1024)
- common_secret = long_to_bytes(common_secret)
+ common_secret = int_to_bytes(common_secret)
# Prepend NULL bytes if needed
common_secret = b'\x00' * (0x80 - len(common_secret)) + common_secret
# HKDF with null salt, empty info and SHA-256 hash
diff --git a/secretstorage/item.py b/secretstorage/item.py
index 506f46c..4ce2221 100644
--- a/secretstorage/item.py
+++ b/secretstorage/item.py
@@ -14,7 +14,8 @@ from secretstorage.defines import SS_PREFIX
from secretstorage.exceptions import LockedException
from secretstorage.util import InterfaceWrapper, bus_get_object, \
open_session, format_secret, to_unicode, unlock_objects
-from Crypto.Cipher.AES import AESCipher, MODE_CBC
+from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
+from cryptography.hazmat.backends import default_backend
ITEM_IFACE = SS_PREFIX + 'Item'
@@ -96,11 +97,13 @@ class Item(object):
signature='o')
if not self.session.encrypted:
return bytes(bytearray(secret[2]))
- aes_cipher = AESCipher(self.session.aes_key, mode=MODE_CBC,
- IV=bytes(bytearray(secret[1])))
- padded_secret = bytearray(aes_cipher.decrypt(
- bytes(bytearray(secret[2]))))
- return padded_secret[:-padded_secret[-1]]
+ aes = algorithms.AES(self.session.aes_key)
+ aes_iv = bytes(bytearray(secret[1]))
+ decryptor = Cipher(aes, modes.CBC(aes_iv), default_backend()).decryptor()
+ encrypted_secret = bytes(bytearray(secret[2]))
+ padded_secret = decryptor.update(encrypted_secret) + decryptor.finalize()
+ padded_secret = bytearray(padded_secret)
+ return bytes(padded_secret[:-padded_secret[-1]])
def get_secret_content_type(self):
"""Returns content type of item secret (string)."""
diff --git a/secretstorage/util.py b/secretstorage/util.py
index f39d890..44db909 100644
--- a/secretstorage/util.py
+++ b/secretstorage/util.py
@@ -7,15 +7,16 @@
normally be used by external applications."""
import dbus
+import os
from secretstorage.defines import DBUS_UNKNOWN_METHOD, DBUS_NO_SUCH_OBJECT, \
DBUS_SERVICE_UNKNOWN, DBUS_NO_REPLY, DBUS_NOT_SUPPORTED, DBUS_EXEC_FAILED, \
SS_PATH, SS_PREFIX, ALGORITHM_DH, ALGORITHM_PLAIN
-from secretstorage.dhcrypto import Session
+from secretstorage.dhcrypto import Session, int_to_bytes
from secretstorage.exceptions import ItemNotFoundException, \
SecretServiceNotAvailableException
-from Crypto.Random import get_random_bytes
-from Crypto.Cipher.AES import AESCipher, MODE_CBC, block_size
-from secretstorage.dhcrypto import long_to_bytes, bytes_to_long
+from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
+from cryptography.hazmat.backends import default_backend
+from cryptography.utils import int_from_bytes
BUS_NAME = 'org.freedesktop.secrets'
SERVICE_IFACE = SS_PREFIX + 'Service'
@@ -66,7 +67,7 @@ def open_session(bus):
try:
output, result = service_iface.OpenSession(
ALGORITHM_DH,
- dbus.ByteArray(long_to_bytes(session.my_public_key)),
+ dbus.ByteArray(int_to_bytes(session.my_public_key)),
signature='sv'
)
except dbus.exceptions.DBusException as e:
@@ -79,7 +80,8 @@ def open_session(bus):
)
session.encrypted = False
else:
- session.set_server_public_key(bytes_to_long(output))
+ output = int_from_bytes(bytearray(output), 'big')
+ session.set_server_public_key(output)
session.object_path = result
return session
@@ -94,12 +96,14 @@ def format_secret(session, secret, content_type):
# PKCS-7 style padding
padding = 0x10 - (len(secret) & 0xf)
secret += bytes(bytearray((padding,)) * padding)
- aes_iv = get_random_bytes(block_size)
- aes_cipher = AESCipher(session.aes_key, mode=MODE_CBC, IV=aes_iv)
+ aes_iv = os.urandom(0x10)
+ aes = algorithms.AES(session.aes_key)
+ encryptor = Cipher(aes, modes.CBC(aes_iv), default_backend()).encryptor()
+ encrypted_secret = encryptor.update(secret) + encryptor.finalize()
return dbus.Struct((
session.object_path,
dbus.Array(aes_iv),
- dbus.Array(bytearray(aes_cipher.encrypt(secret))),
+ dbus.Array(bytearray(encrypted_secret)),
content_type
))
diff --git a/setup.py b/setup.py
index 0759880..71142ee 100755
--- a/setup.py
+++ b/setup.py
@@ -6,7 +6,7 @@ try:
except ImportError:
from distutils.core import setup
-version = '2.2.0'
+version = '2.3.0'
readme_file = open(os.path.join(os.path.dirname(__file__), 'README.rst'))
long_description = '\n' + readme_file.read()
@@ -20,8 +20,6 @@ classifiers = [
'Programming Language :: Python :: 2',
'Programming Language :: Python :: 2.7',
'Programming Language :: Python :: 3',
- 'Programming Language :: Python :: 3.1',
- 'Programming Language :: Python :: 3.2',
'Programming Language :: Python :: 3.3',
'Programming Language :: Python :: 3.4',
'Programming Language :: Python :: 3.5',
@@ -40,6 +38,9 @@ setup(name='SecretStorage',
platforms='Linux',
license='BSD',
classifiers=classifiers,
- install_requires=['dbus-python', 'pycrypto'],
+ install_requires=['cryptography'],
+ extras_require={
+ 'dbus-python': ['dbus-python'],
+ },
requires=['dbus', 'Crypto']
)
diff --git a/tests/test_dhcrypto.py b/tests/test_dhcrypto.py
index e7b74e7..e217d62 100644
--- a/tests/test_dhcrypto.py
+++ b/tests/test_dhcrypto.py
@@ -5,25 +5,16 @@
# This file tests the dhcrypto module.
import unittest
-from secretstorage.dhcrypto import long_to_bytes, bytes_to_long
+from secretstorage.dhcrypto import int_to_bytes
class ConversionTest(unittest.TestCase):
"""A test case that tests conversion functions
between bytes and long."""
- def test_long_to_bytes(self):
- self.assertEqual(long_to_bytes(1), b'\x01')
- self.assertEqual(long_to_bytes(258), b'\x01\x02')
- self.assertEqual(long_to_bytes(1 << 64), b'\x01' + b'\x00' * 8)
-
- def test_bytes_to_long(self):
- self.assertEqual(bytes_to_long(b'\x01'), 1)
- self.assertEqual(bytes_to_long(b'\x01\x02'), 258)
- self.assertEqual(bytes_to_long(b'\x01' + b'\x00' * 8), 1 << 64)
-
- def test_array_to_long(self):
- self.assertEqual(bytes_to_long([1] + [0] * 8), 1 << 64)
- self.assertEqual(bytes_to_long(bytearray([1] + [0] * 8)), 1 << 64)
+ def test_int_to_bytes(self):
+ self.assertEqual(int_to_bytes(1), b'\x01')
+ self.assertEqual(int_to_bytes(258), b'\x01\x02')
+ self.assertEqual(int_to_bytes(1 << 64), b'\x01' + b'\x00' * 8)
if __name__ == '__main__':
unittest.main()
diff --git a/tests/test_item.py b/tests/test_item.py
index 4f4d138..e751d02 100644
--- a/tests/test_item.py
+++ b/tests/test_item.py
@@ -59,6 +59,7 @@ class ItemTest(unittest.TestCase):
def test_secret(self):
self.assertEqual(self.item.get_secret(), b'pa$$word')
self.item.set_secret(b'newpa$$word')
+ self.assertIsInstance(self.item.get_secret(), bytes)
self.assertEqual(self.item.get_secret(), b'newpa$$word')
self.assertEqual(self.other_item.get_secret(), b'')
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/python-modules/packages/python-secretstorage.git
More information about the Python-modules-commits
mailing list