1 """Wrapper functions for libfko.
2
3 The fko module provides a class that implements the functions for
4 managing fwknop Single Packet Authorization (SPA) via the fwknop
5 library (libfko).
6
7 You can find more detailed information in the libfko documentation
8 (try "info libfko" if you have the standard GNU texinfo tools).
9
10 Example of a simple, minimal fwknop client:
11
12 import socket
13 from fko import *
14
15 fko_port = 62201
16 fko_host = "192.168.7.67"
17
18 # Create the Fko object which will initialize the FKO
19 # context and populate some of its fields with default
20 # data.
21 #
22 f = Fko()
23
24 # Set the SPA message (access request)
25 #
26 f.spa_message('192.168.7.5,tcp/22')
27
28 # Alternate way to set SPA message using the FkoAccess class.
29 #
30 # ar = FkoAccess("192.168.7.5", "tcp", 22)
31 # f.spa_message(ar.str())
32
33 # Generate the final SPA data string.
34 #
35 f.spa_data_final('put_pw_here')
36
37 # Display the final SPA data string.
38 #
39 print "SPA Data:", f.spa_data()
40
41 # Send the SPA request.
42 #
43 s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
44 s.sendto(f.spa_data(), (fko_host, fko_port))
45 s.close()
46 """
47 import _fko
48 from string import join
49
50 # FKO Constants definitions
51
"""Message type constants
"""
# Integer codes for the SPA message type; Fko.message_type() gets or sets
# one of these on the context.
FKO_COMMAND_MSG = 0
FKO_ACCESS_MSG = 1
FKO_NAT_ACCESS_MSG = 2
FKO_CLIENT_TIMEOUT_ACCESS_MSG = 3
FKO_CLIENT_TIMEOUT_NAT_ACCESS_MSG = 4
FKO_LOCAL_NAT_ACCESS_MSG = 5
FKO_CLIENT_TIMEOUT_LOCAL_NAT_ACCESS_MSG = 6
61
"""Digest type constants
"""
# Integer codes for the SPA message digest; Fko.digest_type() gets or sets
# one of these.  Its docstring names SHA256 as the default.
# NOTE(review): MD5 and SHA-1 are no longer considered collision resistant;
# prefer SHA256 or stronger unless a peer requires otherwise.
FKO_DIGEST_MD5 = 1
FKO_DIGEST_SHA1 = 2
FKO_DIGEST_SHA256 = 3
FKO_DIGEST_SHA384 = 4
FKO_DIGEST_SHA512 = 5
69
"""Encryption type constants
"""
# Integer codes for Fko.encryption_type().  Per that method's docstring,
# RIJNDAEL is AES (the libfko default) and GPG is only usable when the
# underlying libfko build supports it.
FKO_ENCRYPTION_RIJNDAEL = 1
FKO_ENCRYPTION_GPG = 2
74
"""FKO error codes
"""
# Numeric status codes.  Fko.errstr() returns the descriptive message for
# a given code.  The values are kept explicit so a code seen in a log can
# be matched to its name directly.
FKO_SUCCESS = 0
FKO_ERROR_CTX_NOT_INITIALIZED = 1
FKO_ERROR_MEMORY_ALLOCATION = 2
FKO_ERROR_FILESYSTEM_OPERATION = 3
FKO_ERROR_INVALID_DATA = 4
FKO_ERROR_DATA_TOO_LARGE = 5
FKO_ERROR_USERNAME_UNKNOWN = 6
FKO_ERROR_INCOMPLETE_SPA_DATA = 7
FKO_ERROR_MISSING_ENCODED_DATA = 8
FKO_ERROR_INVALID_DIGEST_TYPE = 9
FKO_ERROR_INVALID_ALLOW_IP = 10
FKO_ERROR_INVALID_SPA_COMMAND_MSG = 11
FKO_ERROR_INVALID_SPA_ACCESS_MSG = 12
FKO_ERROR_INVALID_SPA_NAT_ACCESS_MSG = 13
FKO_ERROR_INVALID_ENCRYPTION_TYPE = 14
FKO_ERROR_WRONG_ENCRYPTION_TYPE = 15
FKO_ERROR_DECRYPTION_SIZE = 16
FKO_ERROR_DECRYPTION_FAILURE = 17
FKO_ERROR_DIGEST_VERIFICATION_FAILED = 18
FKO_ERROR_UNSUPPORTED_FEATURE = 19
FKO_ERROR_UNKNOWN = 20
# Start GPGME-related errors
GPGME_ERR_START = 21
FKO_ERROR_MISSING_GPG_KEY_DATA = 22
FKO_ERROR_GPGME_NO_OPENPGP = 23
FKO_ERROR_GPGME_CONTEXT = 24
FKO_ERROR_GPGME_PLAINTEXT_DATA_OBJ = 25
FKO_ERROR_GPGME_SET_PROTOCOL = 26
FKO_ERROR_GPGME_CIPHER_DATA_OBJ = 27
FKO_ERROR_GPGME_BAD_PASSPHRASE = 28
FKO_ERROR_GPGME_ENCRYPT_SIGN = 29
FKO_ERROR_GPGME_CONTEXT_SIGNER_KEY = 30
FKO_ERROR_GPGME_SIGNER_KEYLIST_START = 31
FKO_ERROR_GPGME_SIGNER_KEY_NOT_FOUND = 32
FKO_ERROR_GPGME_SIGNER_KEY_AMBIGUOUS = 33
FKO_ERROR_GPGME_ADD_SIGNER = 34
FKO_ERROR_GPGME_CONTEXT_RECIPIENT_KEY = 35
FKO_ERROR_GPGME_RECIPIENT_KEYLIST_START = 36
FKO_ERROR_GPGME_RECIPIENT_KEY_NOT_FOUND = 37
FKO_ERROR_GPGME_RECIPIENT_KEY_AMBIGUOUS = 38
FKO_ERROR_GPGME_DECRYPT_FAILED = 39
FKO_ERROR_GPGME_DECRYPT_UNSUPPORTED_ALGORITHM = 40
FKO_ERROR_GPGME_BAD_GPG_EXE = 41
FKO_ERROR_GPGME_BAD_HOME_DIR = 42
FKO_ERROR_GPGME_SET_HOME_DIR = 43
FKO_ERROR_GPGME_NO_SIGNATURE = 44
FKO_ERROR_GPGME_BAD_SIGNATURE = 45
FKO_ERROR_GPGME_SIGNATURE_VERIFY_DISABLED = 46
125
126 ### End FKO Constants ###
127
class FkoException(Exception):
    """General-purpose exception class for the fko module."""
132
133 class Fko:
134 """This class wraps the Firewall KNock OPerator (fwknop) library, libfko.
135
136 It provides the functionality to manage and process
137 Single Packet Authorization (SPA) data.
138 """
139
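def __init__(self, spa_data=None, key=None):
    """Create and initialize the fko context.

    With no arguments, an empty context is created with some default
    values.  See the libfko documentation for details on these defaults.

    If both spa_data and key are supplied, the context is created and
    the SPA data is decrypted using the key.  If that succeeds, the SPA
    data is parsed into the context's data structure.

    If spa_data is supplied without the key, the encrypted data is
    stored in the context and can be decoded later (see libfko docs).
    """
    # Compare by identity so that only an omitted argument (None) selects
    # the empty context; any other value, including an empty string, is
    # handed to libfko as SPA data.
    if spa_data is None:
        self.ctx = _fko.init_ctx()
    else:
        self.ctx = _fko.init_ctx_with_data(spa_data, key)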
164
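def __del__(self):
    """Destroy the FKO context.

    Destroying the context clears the (possibly sensitive) data it holds
    and releases the resources allocated to it.
    """
    # If __init__ raised before assigning self.ctx, Python still finalizes
    # the partially built object; without this guard the destructor fails
    # with AttributeError instead of doing nothing.
    ctx = getattr(self, 'ctx', None)
    if ctx is None:
        return
    # Clear the attribute first so the same context can never be handed
    # to destroy_ctx() a second time.
    self.ctx = None
    _fko.destroy_ctx(ctx)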
172
173 ### FKO data functions and operations. ###
174
def version(self):
    """Return the fwknop version string.

    The version describes the supported fwknop SPA message format and
    features; it is unrelated to the version of this module.
    """
    ctx = self.ctx
    return _fko.get_version(ctx)
182
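def rand_value(self, val=None):
    """Get or set the random value string of the SPA data.

    With no argument the current value is returned.

    When setting, pass either a 16-character decimal number (to use that
    exact string) or an empty string ("") to have libfko generate a new
    random value string.

    If a provided value is not a valid 16-character decimal string, the
    function will throw an fko.error exception.
    """
    # Identity test: only None selects the getter, so the empty string
    # still reaches the setter, where it requests a fresh random value.
    if val is None:
        return _fko.get_rand_value(self.ctx)
    _fko.set_rand_value(self.ctx, val)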
198
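def username(self, val=None):
    """Get or set the username field of the SPA data.

    With no argument the current value is returned.  Otherwise the
    username is set to the name provided.

    If an empty string is given, libfko will attempt to determine and
    set the username by first looking for the environment variable
    "SPOOF_USER" and using its value if found.  Otherwise, it will try
    to determine the username itself using various system methods, then
    fall back to the environment variables "LOGNAME" or "USER".  If none
    of those work, the function will throw an fko.error exception.

    Upon creation of a new Fko object, this value is automatically
    generated based on the libfko method described above.
    """
    # NOTE(review): the value comes from the caller or the environment,
    # so a receiver presumably should not treat it as an authenticated
    # identity on its own - confirm against the server-side checks.
    #
    # Identity test: only None selects the getter, so the empty string
    # still reaches the setter and triggers the lookup described above.
    if val is None:
        return _fko.get_username(self.ctx)
    _fko.set_username(self.ctx, val)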
220
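def timestamp(self, val=None):
    """Get or set the timestamp value of the SPA data.

    With no argument the current value is returned.

    If an argument is provided, it represents an offset to be applied to
    the current timestamp value at the time this function is called.

    Upon creation of a new Fko object, this value is automatically
    generated based on the time of object creation.
    """
    # Identity test: an offset of 0 is a real argument and must reach the
    # setter; only None means "read the current value".
    if val is None:
        return _fko.get_timestamp(self.ctx)
    _fko.set_timestamp(self.ctx, val)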
237
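def digest_type(self, val=None):
    """Get or set the digest type.

    With no argument the current value is returned.  Otherwise the
    digest type is set to the given value.

    The digest type is an integer.  Constants are defined for the
    supported digest types:

    FKO_DIGEST_MD5    - The MD5 message digest.
    FKO_DIGEST_SHA1   - The SHA1 message digest.
    FKO_DIGEST_SHA256 - The SHA256 message digest (default).
    FKO_DIGEST_SHA384 - The SHA384 message digest.
    FKO_DIGEST_SHA512 - The SHA512 message digest.
    """
    # NOTE(review): MD5 and SHA-1 are no longer considered collision
    # resistant; prefer the SHA256 default or stronger unless a peer
    # requires one of the older digests.
    #
    # Identity test: only None selects the getter.
    if val is None:
        return _fko.get_spa_digest_type(self.ctx)
    _fko.set_spa_digest_type(self.ctx, val)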
258
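def encryption_type(self, val=None):
    """Get or set the encryption type.

    With no argument the current value is returned.  Otherwise the
    encryption type is set to the given value.

    The encryption type is an integer.  Constants are defined for the
    supported encryption types:

    FKO_ENCRYPTION_RIJNDAEL
        AES - the default libfko encryption algorithm.
    FKO_ENCRYPTION_GPG
        GnuPG encryption (if supported by the underlying libfko
        implementation).
    """
    # Identity test: only None selects the getter.
    if val is None:
        return _fko.get_spa_encryption_type(self.ctx)
    _fko.set_spa_encryption_type(self.ctx, val)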
278
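def message_type(self, val=None):
    """Get or set the SPA message type.

    With no argument the current value is returned.  Otherwise the
    message type is set to the given value.

    The message type is an integer.  Constants are defined for the
    supported message types:

    FKO_COMMAND_MSG
        A request to have the fwknop server execute the given command.
        The format for this type is: "<ip of requestor>:<command text>"

        For example: "192.168.1.2:uname -a"

    FKO_ACCESS_MSG
        A basic access request.  This is the most common type in use.
        The format for this type is:
        "<ip of requestor>:<protocol>/<port>".

        For example: "192.168.1.2:tcp/22"

    FKO_NAT_ACCESS_MSG
        An access request that also provides information for the fwknop
        server to create a Network Address Translation (NAT) to an
        internal address.  The format for this string is:
        "<internal ip>,<ext nat port>".

        For example: "10.10.1.2,9922"

    FKO_CLIENT_TIMEOUT_ACCESS_MSG
        This is an FKO_ACCESS_MSG with a timeout parameter for the
        fwknop server.  The timeout value is provided via the
        "client_timeout" data field.

    FKO_CLIENT_TIMEOUT_NAT_ACCESS_MSG
        This is an FKO_NAT_ACCESS_MSG with a timeout parameter for the
        fwknop server.  The timeout value is provided via the
        "client_timeout" data field.

    FKO_LOCAL_NAT_ACCESS_MSG
        This is similar to FKO_NAT_ACCESS_MSG except the NAT is to an
        address local to the server (i.e. a service listening on
        127.0.0.1).

    FKO_CLIENT_TIMEOUT_LOCAL_NAT_ACCESS_MSG
        This is an FKO_LOCAL_NAT_ACCESS_MSG with a timeout parameter for
        the fwknop server.  The timeout value is provided via the
        "client_timeout" data field.
    """
    # NOTE(review): the examples above separate the requestor IP with ':'
    # while the module-level usage example passes '192.168.7.5,tcp/22';
    # confirm the separator against the libfko documentation.
    #
    # Identity test: FKO_COMMAND_MSG is 0, which is a real argument and
    # must reach the setter; only None means "read the current value".
    if val is None:
        return _fko.get_spa_message_type(self.ctx)
    _fko.set_spa_message_type(self.ctx, val)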
334
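def spa_message(self, val=None):
    """Get or set the SPA message string.

    With no argument the current value is returned.  Otherwise the SPA
    message string is set to the given value.

    This is the string that carries the data for the message type, in
    the format described in the message_type() docstring.
    """
    # Identity test: only None selects the getter.
    if val is None:
        return _fko.get_spa_message(self.ctx)
    _fko.set_spa_message(self.ctx, val)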
348
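def spa_nat_access(self, val=None):
    """Get or set the SPA NAT access string.

    With no argument the current value is returned.  Otherwise the SPA
    NAT access string is set to the given value.
    """
    # Identity test: only None selects the getter.
    if val is None:
        return _fko.get_spa_nat_access(self.ctx)
    _fko.set_spa_nat_access(self.ctx, val)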
359
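def spa_server_auth(self, val=None):
    """Get or set the SPA server auth string.

    With no argument the current value is returned.  Otherwise the SPA
    server auth string is set to the given value.
    """
    # Identity test: only None selects the getter.
    if val is None:
        return _fko.get_spa_server_auth(self.ctx)
    _fko.set_spa_server_auth(self.ctx, val)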
370
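def spa_client_timeout(self, val=None):
    """Get or set the SPA message client timeout value.

    This is an integer value.  With no argument the current value is
    returned.  Otherwise the client timeout is set to the given value.
    """
    # Identity test: a timeout of 0 is a real argument and must reach the
    # setter; only None means "read the current value".
    if val is None:
        return _fko.get_spa_client_timeout(self.ctx)
    _fko.set_spa_client_timeout(self.ctx, val)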
382
def spa_digest(self):
    """Return the digest associated with the current data.

    The digest is returned if it is available and set.  This function is
    normally not called directly, as other libfko functions call it
    during normal processing.
    """
    ctx = self.ctx
    return _fko.get_spa_digest(ctx)
389
def gen_spa_digest(self):
    """Recalculate the SPA data digest from the current context's data.

    This function is normally not called directly, as other libfko
    functions call it during normal processing.
    """
    ctx = self.ctx
    _fko.set_spa_digest(ctx)
396
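def spa_data(self, val=None):
    """Get or set the SPA data string.

    With no argument the current value is returned.  This would be the
    final encrypted and encoded string of data that is suitable for
    sending to an fwknop server.

    If an argument is given, it is expected to be an existing encrypted
    and encoded SPA data string (perhaps data received by an fwknop
    server).  The provided data is stored in the object (the current
    context).

    Note: When data is provided via this function, it is not
          automatically decoded.  You would need to call the
          "decrypt_spa_data(key)" method to complete the decryption,
          decoding, and parsing process.
    """
    # Identity test: only None selects the getter, so any supplied data
    # (which may have come from the network) is stored as given and is
    # only validated later by decrypt_spa_data().
    if val is None:
        return _fko.get_spa_data(self.ctx)
    _fko.set_spa_data(self.ctx, val)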
418
def encoded_data(self):
    """Return the encoded SPA data as it is just before encryption.

    This is not generally useful unless you are debugging a data issue.
    """
    ctx = self.ctx
    return _fko.get_encoded_data(ctx)
425
def spa_data_final(self, key):
    """Perform final processing and generation of the SPA message data.

    This is the last step in creating a complete encrypted SPA data
    string suitable for transmission to an fwknop server.  All of the
    requisite SPA data fields must be set; otherwise the call fails and
    throws an fko.error exception.
    """
    ctx = self.ctx
    _fko.spa_data_final(ctx, key)
435
def gen_spa_data(self, key):
    """Alias for "spa_data_final()"; makes the same libfko call."""
    ctx = self.ctx
    _fko.spa_data_final(ctx, key)
440
def encode_spa_data(self):
    """Encode the raw SPA data.

    Instructs libfko to base64-encode those SPA data fields that need
    encoding, perform some data validation, and compute and store the
    message digest hash for the SPA data.

    This function is normally not called directly, as other libfko
    functions call it during normal processing (i.e. during the encrypt
    and/or final functions).
    """
    ctx = self.ctx
    _fko.encode_spa_data(ctx)
453
def decode_spa_data(self):
    """Decode decrypted SPA data.

    Hands the data off to the libfko decoding routines, which perform
    the decoding, parsing, and validation of the SPA data that was just
    decrypted.

    This function is normally not called directly, as other libfko
    functions call it during normal processing.
    """
    ctx = self.ctx
    _fko.decode_spa_data(ctx)
465
def encrypt_spa_data(self, key):
    """Encrypt the intermediate encoded SPA data stored in the context.

    The internal libfko encryption function will call the internal
    "encode_spa_data" if necessary.

    This function is normally not called directly, as it is called
    automatically from the internal "fko_spa_data_final" function (which
    is wrapped by this module's "spa_data_final" function).
    """
    ctx = self.ctx
    _fko.encrypt_spa_data(ctx, key)
478
def decrypt_spa_data(self, key):
    """Decrypt, decode, and parse SPA message data.

    When given the correct key (password), this method decrypts,
    decodes, and parses the encrypted SPA data contained in the current
    context.  Once the data is decrypted, the libfko internal function
    also calls the libfko decode function to decode, parse, validate,
    and store the data fields in the context for later retrieval.

    Note: This function does not need to be called directly if the
          encrypted SPA data and the key were passed to this module's
          constructor; the constructor decrypts and decodes the data at
          that time.
    """
    ctx = self.ctx
    _fko.decrypt_spa_data(ctx, key)
495
496 # GPG-related functions.
497
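def gpg_recipient(self, val=None):
    """Get or set the gpg_recipient.

    This is the ID or email of the public GPG key of the intended
    recipient.  In order for this function to work, the following
    conditions must be met:

        - The underlying libfko implementation must have GPG support.
        - The encryption_type must be set to "FKO_ENCRYPTION_GPG".
        - The specified GPG key must exist and be valid.

    With no argument the current value is returned.  Otherwise
    gpg_recipient is set to the given value.
    """
    # Identity test: only None selects the getter.
    if val is None:
        return _fko.get_gpg_recipient(self.ctx)
    _fko.set_gpg_recipient(self.ctx, val)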
516
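def gpg_signer(self, val=None):
    """Get or set the gpg_signer.

    This is the ID or email for the secret GPG key to be used to sign
    the encrypted data.  In order for this function to work, the
    following conditions must be met:

        - The underlying libfko implementation must have GPG support.
        - The encryption_type must be set to "FKO_ENCRYPTION_GPG".
        - The specified GPG key must exist and be valid.

    With no argument the current value is returned.  Otherwise
    gpg_signer is set to the given value.
    """
    # Identity test: only None selects the getter.
    if val is None:
        return _fko.get_gpg_signer(self.ctx)
    _fko.set_gpg_signer(self.ctx, val)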
535
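def gpg_home_dir(self, val=None):
    """Get or set the GPG home directory.

    This is the directory that holds the GPG keyrings, etc.  In order
    for this function to work, the following conditions must be met:

        - The underlying libfko implementation must have GPG support.
        - The encryption_type must be set to "FKO_ENCRYPTION_GPG".
        - The specified GPG home directory must exist.

    With no argument the current value is returned.  Otherwise
    gpg_home_dir is set to the given value.
    """
    # NOTE(review): the directory holds the keyrings that GPG operations
    # rely on, so it presumably should be writable only by the account
    # running this code - confirm for the deployment.
    #
    # Identity test: only None selects the getter.
    if val is None:
        return _fko.get_gpg_home_dir(self.ctx)
    _fko.set_gpg_home_dir(self.ctx, val)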
553
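def gpg_signature_verify(self, val=None):
    """Get or set the GPG signature verification flag.

    If true (1), GPG signatures are processed by libfko.  This is the
    default behavior.  If set to false (0), libfko will not even look
    for or at any GPG signatures and will proceed with decoding the SPA
    data.

    With no argument the current value is returned.  Otherwise the
    gpg_signature_verify flag is set to the given value.
    """
    # With the flag cleared no signature is examined at all, so nothing
    # in the signature ties the decoded SPA data to a particular signer.
    #
    # Identity test: 0 (disable) is a real argument and must reach the
    # setter; only None means "read the current value".
    if val is None:
        return _fko.get_gpg_signature_verify(self.ctx)
    _fko.set_gpg_signature_verify(self.ctx, val)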
569
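def gpg_ignore_verify_error(self, val=None):
    """Get or set the GPG signature ignore verification error flag.

    If true (1), GPG signatures are processed and retained by libfko,
    but a bad signature will not prevent the decoding phase.  The
    default is to not ignore errors.

    With no argument the current value is returned.  Otherwise the
    gpg_ignore_verify_error flag is set to the given value.
    """
    # When this flag is set, decoding succeeds even for a bad signature,
    # so a caller that enables it has to inspect the result itself (see
    # gpg_signature_status()) before trusting the decoded data.
    #
    # Identity test: 0 is a real argument and must reach the setter; only
    # None means "read the current value".
    if val is None:
        return _fko.get_gpg_ignore_verify_error(self.ctx)
    _fko.set_gpg_ignore_verify_error(self.ctx, val)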
584
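def gpg_exe(self, val=None):
    """Get or set the path to the GPG executable libfko should use.

    With no argument the current value is returned.  Otherwise gpg_exe
    is set to the given value.
    """
    # NOTE(review): the value names the program libfko uses for GPG
    # operations; presumably it should be an absolute path to a trusted
    # binary and never be derived from untrusted input - confirm how
    # libfko invokes it.
    #
    # Identity test: only None selects the getter.
    if val is None:
        return _fko.get_gpg_exe(self.ctx)
    _fko.set_gpg_exe(self.ctx, val)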
595
def gpg_signature_id(self):
    """Return the ID of the GPG signature from the last decryption."""
    ctx = self.ctx
    return _fko.get_gpg_signature_id(ctx)
600
def gpg_signature_fpr(self):
    """Return the fingerprint of the GPG signature from the last
    decryption operation.
    """
    ctx = self.ctx
    return _fko.get_gpg_signature_fpr(ctx)
606
def gpg_signature_summary(self):
    """Return the GPGME signature summary value of the GPG signature
    from the last decryption operation.

    The value is a bitmask that holds additional information on the
    signature (see the GPGME docs for more information).
    """
    ctx = self.ctx
    return _fko.get_gpg_signature_summary(ctx)
614
def gpg_signature_status(self):
    """Return the error status of the GPG signature from the last
    decryption operation.

    The value is a GPGME error code (see the GPGME docs for more
    information).
    """
    ctx = self.ctx
    return _fko.get_gpg_signature_status(ctx)
621
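def gpg_signature_id_match(self, val):
    """Compare the given ID with the ID of the GPG signature of the last
    decryption operation.

    val -- the signer ID the caller expects.

    Returns True if the IDs match, False otherwise.

    GPG key IDs are short and can collide between unrelated keys; where
    the result feeds an access decision, gpg_signature_fpr_match() is the
    stronger comparison.
    """
    # The expected ID has to be forwarded to the binding: a comparison
    # made without it cannot reflect the value the caller asked about.
    # NOTE(review): assumes the _fko binding takes (ctx, value), as
    # _fko.set_gpg_exe does -- confirm against the extension module.
    return _fko.gpg_signature_id_match(self.ctx, val) > 0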
630
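def gpg_signature_fpr_match(self, val):
    """Compare the given fingerprint with the fingerprint of the GPG
    signature of the last decryption operation.

    val -- the signer fingerprint the caller expects.

    Returns True if the fingerprints match, False otherwise.
    """
    # The expected fingerprint has to be forwarded to the binding: a
    # comparison made without it cannot reflect the value the caller
    # asked about.
    # NOTE(review): assumes the _fko binding takes (ctx, value), as
    # _fko.set_gpg_exe does -- confirm against the extension module.
    return _fko.gpg_signature_fpr_match(self.ctx, val) > 0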
639
640 # Error message string function.
641
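def errstr(self, val):
    """Return the descriptive error message string for the given error
    code value.

    val -- the error code to describe; it is passed unchanged to
           ``_fko.errstr``.
    """
    # Pass the parameter itself; the name "code" is not defined in this
    # method, so referring to it raised NameError on every call.
    return _fko.errstr(val)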
647
648 # FKO type lookup functions.
649
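def message_type_str(self, val=None):
    """Return the message type string for the given value.

    val -- message type constant to describe.  When omitted, the type
           is read from this object's context with
           ``_fko.get_spa_message_type``.

    A value that equals none of the known message type constants yields
    "Unknown message type".
    """
    # None is only the "argument not supplied" marker, so test identity
    # rather than equality.
    if val is None:
        val = _fko.get_spa_message_type(self.ctx)

    # Compared in this order; the first constant equal to val wins.
    known_types = (
        (FKO_COMMAND_MSG, "Command Message"),
        (FKO_ACCESS_MSG, "Access Message"),
        (FKO_NAT_ACCESS_MSG, "NAT Access Message"),
        (FKO_CLIENT_TIMEOUT_ACCESS_MSG, "Access Message with timeout"),
        (FKO_CLIENT_TIMEOUT_NAT_ACCESS_MSG,
         "NAT access Message with timeout"),
        (FKO_LOCAL_NAT_ACCESS_MSG, "Local NAT Access Message"),
        (FKO_CLIENT_TIMEOUT_LOCAL_NAT_ACCESS_MSG,
         "Local NAT Access Message with timeout"),
    )
    for msg_type, label in known_types:
        if val == msg_type:
            return label
    return "Unknown message type"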
673
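def digest_type_str(self, val=None):
    """Return the digest type string for the given value.

    val -- digest type constant to describe.  When omitted, the type is
           read from this object's context with
           ``_fko.get_spa_digest_type``.

    A value that equals none of the known digest type constants yields
    "Unknown digest type".
    """
    # None is only the "argument not supplied" marker, so test identity
    # rather than equality.
    if val is None:
        val = _fko.get_spa_digest_type(self.ctx)

    # Compared in this order; the first constant equal to val wins.
    known_types = (
        (FKO_DIGEST_MD5, "MD5"),
        (FKO_DIGEST_SHA1, "SHA1"),
        (FKO_DIGEST_SHA256, "SHA256"),
        (FKO_DIGEST_SHA384, "SHA384"),
        (FKO_DIGEST_SHA512, "SHA512"),
    )
    for digest_type, label in known_types:
        if val == digest_type:
            return label
    return "Unknown digest type"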
693
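def encryption_type_str(self, val=None):
    """Return the encryption type string for the given value.

    val -- encryption type constant to describe.  When omitted, the type
           is read from this object's context with
           ``_fko.get_spa_encryption_type``.

    A value that equals none of the known encryption type constants
    yields "Unknown encryption type".
    """
    # None is only the "argument not supplied" marker, so test identity
    # rather than equality.
    if val is None:
        val = _fko.get_spa_encryption_type(self.ctx)

    # Compared in this order; the first constant equal to val wins.
    known_types = (
        (FKO_ENCRYPTION_RIJNDAEL, "Rijndael (AES)"),
        (FKO_ENCRYPTION_GPG, "GPG"),
    )
    for enc_type, label in known_types:
        if val == enc_type:
            return label
    return "Unknown encryption type"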
707
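def __call__(self):
    """Calls the spa_data() method.

    If an Fko object is called directly, then it will return the SPA
    data string for that object.  If spa_data() raises an ordinary
    error, None is returned instead, so callers must treat None as
    "no SPA data available" rather than as data to send.
    """
    try:
        return self.spa_data()
    except Exception:
        # Best-effort accessor: a failure is reported as None.  Catching
        # Exception rather than using a bare "except:" lets
        # KeyboardInterrupt and SystemExit propagate instead of being
        # silently turned into None.
        return None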
718
719
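class FkoAccess():
    """Class for creating SPA Access Request message strings.

    The request string has the form "<host>,<proto>/<port>[,<port>...]".
    Only the port values are validated by this class.  host and proto
    are placed into the string exactly as given, so a caller that takes
    them from outside input should validate them first (a "," or "/"
    inside either one would change how the request reads).
    """
    def _check_port(self, port):
        """Internal function that validates a port or list of ports.

        Returns the validated ports as a new list.  Raises FkoException
        if port is neither an int nor a list, if any element is not an
        int, or if any value is outside 1-65535.
        """
        # Exact type tests are deliberate: they reject bool and other
        # int-like values that isinstance() would let through.
        if type(port) is int:
            candidates = [port]
        elif type(port) is list:
            candidates = list(port)
        else:
            raise FkoException("Invalid type: not an integer or a list")

        for p in candidates:
            if type(p) is not int:
                raise FkoException("Port value not an integer")
            if p < 1 or p > 65535:
                raise FkoException("Port value out of range: 1-65535")
        return candidates

    def __init__(self, host="0.0.0.0", proto="tcp", port=None):
        """Constructor for the FkoAccess class.

        The three optional arguments are:
            - host  - hostname or IP address (default is 0.0.0.0).
            - proto - protocol, which can be "tcp" (default) or "udp".
            - port  - integer or list of integers representing the
                      port(s) access being requested.

        host and proto are stored as given; only port is validated.
        """
        self.host = host
        self.proto = proto
        if port is None:
            self.port = []
        else:
            self.port = self._check_port(port)

    def setport(self, port):
        """Set the port(s) for the Access Request.

        Takes either an integer or a list of integers and replaces the
        FkoAccess object's requested ports.
        """
        self.port = self._check_port(port)

    def addport(self, port):
        """Add the port(s) to the Access Request.

        Takes either an integer or a list of integers and adds them to
        the existing FkoAccess object's requested ports.  Ports that are
        already present are added again, not de-duplicated.
        """
        self.port += self._check_port(port)

    def delport(self, port):
        """Remove the port(s) from the Access Request.

        Takes either an integer or a list of integers and removes any
        matching ports from the FkoAccess object's requested ports list.
        """
        unwanted = self._check_port(port)
        # Drop every occurrence, not just the first: addport() can leave
        # duplicates, and a port the caller asked to remove must not stay
        # in the request.  Slice assignment keeps the same list object.
        self.port[:] = [p for p in self.port if p not in unwanted]

    def str(self):
        """Return the Access Request string.

        Generates and returns the properly formatted Access Request
        string based on the object's host, proto, and ports values.
        Raises FkoException if no port has been set.
        """
        if not self.port:
            raise FkoException("No port value in FkoAccess")
        # "str" here is the builtin: method names defined in the class
        # body are not visible as bare names inside a method.
        ports = ",".join(map(str, self.port))
        return self.host + ',' + self.proto + '/' + ports

    def __call__(self):
        """Calls the str() method.

        If an FkoAccess object is called directly, then it will return
        the Access Request string for that object.
        """
        return self.str()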
804
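class FkoNatAccess():
    """Class for creating SPA NAT Access Request message strings.

    The request string has the form "<ip>,<port>".  Only the port is
    validated by this class; ip is placed into the string exactly as
    given, so a caller that takes it from outside input should validate
    it first.
    """
    def __init__(self, ip, port):
        """Constructor for the FkoNatAccess class.

        The two required arguments are:
            - ip    - IP address of the NAT destination.
            - port  - Port number of the NAT destination.

        Raises FkoException if port is not an int or is outside 1-65535.
        """
        if type(port) is not int:
            raise FkoException("Port value not an integer")
        # "or", not "and": no value is both below 1 and above 65535, so
        # the combined test could never reject an out-of-range port.
        if port < 1 or port > 65535:
            raise FkoException("Port value out of range 1-65535")
        self.ip = ip
        self.port = port

    def str(self):
        """Return the NAT Access Request string.

        Generates and returns the properly formatted NAT Access Request
        string based on the object's ip and port values.
        """
        # "str" here is the builtin: method names defined in the class
        # body are not visible as bare names inside a method.
        return ",".join([self.ip, str(self.port)])

    def __call__(self):
        """Calls the str() method.

        If an FkoNatAccess object is called directly, then it will return
        the NAT Access Request string for that object.
        """
        return self.str()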
837
838
839 ###EOF###