CryptoDataHub 0.11.1__py3-none-any.whl → 0.12.1__py3-none-any.whl

cryptodatahub/common/utils.py

@@ -1,8 +1,13 @@
 # -*- coding: utf-8 -*-
 
 import binascii
+import hashlib
 
+import attr
 import six
+import urllib3
+
+from cryptodatahub.common.algorithm import Hash
 
 
 def bytes_to_hex_string(byte_array, separator='', lowercase=False):
@@ -35,3 +40,71 @@ def name_to_enum_item_name(name):
             converted_name += '_'
 
     return converted_name.rstrip('_').upper()
+
+
+_HASHLIB_FUNCS = {
+    Hash.MD5: hashlib.md5,
+    Hash.SHA1: hashlib.sha1,
+    Hash.SHA2_224: hashlib.sha224,
+    Hash.SHA2_256: hashlib.sha256,
+    Hash.SHA2_384: hashlib.sha384,
+    Hash.SHA2_512: hashlib.sha512,
+}
+
+
+def hash_bytes(hash_algorithm, hashable_value):
+    try:
+        hashlib_funcs = _HASHLIB_FUNCS[hash_algorithm]
+    except KeyError as e:
+        six.raise_from(NotImplementedError(hash_algorithm), e)
+
+    return hashlib_funcs(hashable_value).digest()
+
+
+@attr.s
+class HttpFetcher(object):
+    connect_timeout = attr.ib(default=2, validator=attr.validators.instance_of((int, float)))
+    read_timeout = attr.ib(default=1, validator=attr.validators.instance_of((int, float)))
+    retry = attr.ib(default=1, validator=attr.validators.instance_of(int))
+    _request_params = attr.ib(default=None, init=False)
+    _response = attr.ib(default=None, init=False)
+
+    def __attrs_post_init__(self):
+        request_params = {
+            'preload_content': False,
+            'timeout': urllib3.Timeout(connect=self.connect_timeout, read=self.read_timeout),
+            'retries': urllib3.Retry(
+                self.retry, status_forcelist=urllib3.Retry.RETRY_AFTER_STATUS_CODES | frozenset([502])
+            ),
+        }
+
+        object.__setattr__(self, '_request_params', request_params)
+
+    def get_response_header(self, header_name):
+        if self._response is None:
+            raise AttributeError()
+
+        return self._response.headers.get(header_name, None)
+
+    @property
+    def response_data(self):
+        if self._response is None:
+            raise AttributeError()
+
+        return self._response.data
+
+    def fetch(self, url):
+        pool_manager = urllib3.PoolManager()
+
+        try:
+            self._response = pool_manager.request('GET', str(url), **self._request_params)
+        except BaseException as e:  # pylint: disable=broad-except
+            if e.__class__.__name__ != 'TimeoutError' and not isinstance(e, urllib3.exceptions.HTTPError):
+                raise e
+
+        pool_manager.clear()
+
+    def __call__(self, url):
+        self.fetch(url)
+
+        return self.response_data

cryptodatahub/ssh/algorithm.py

@@ -27,7 +27,7 @@ from cryptodatahub.common.types import (
 )
 
 
-@attr.s
+@attr.s(frozen=True)
 class SshAlgorithmParams(CryptoDataParamsEnumString, GradeableComplex):
     @property
     @abc.abstractmethod
@@ -52,15 +52,15 @@ class SshAlgorithmParams(CryptoDataParamsEnumString, GradeableComplex):
         attr.validate(self)
 
 
-@attr.s
+@attr.s(frozen=True)
 class EncryptionAlgorithmParams(SshAlgorithmParams):
     cipher = attr.ib(
         converter=convert_enum(BlockCipher),
-        validator=attr.validators.optional(attr.validators.instance_of((BlockCipher, six.string_types)))
+        validator=attr.validators.optional(attr.validators.instance_of(BlockCipher))
     )
     mode = attr.ib(
         converter=convert_enum(BlockCipherMode),
-        validator=attr.validators.optional(attr.validators.instance_of((BlockCipherMode, six.string_types)))
+        validator=attr.validators.optional(attr.validators.instance_of(BlockCipherMode))
     )
 
     @property
@@ -68,16 +68,16 @@ class EncryptionAlgorithmParams(SshAlgorithmParams):
         return ('cipher', 'mode')
 
 
-@attr.s
+@attr.s(frozen=True)
 class MacAlgorithmParams(SshAlgorithmParams):
     truncated_size = attr.ib(validator=attr.validators.optional(attr.validators.instance_of(int)))
     mac = attr.ib(
         converter=convert_enum(MAC),
-        validator=attr.validators.optional(attr.validators.instance_of((MAC, six.string_types)))
+        validator=attr.validators.optional(attr.validators.instance_of(MAC))
     )
     mode = attr.ib(
         converter=convert_enum(MACMode),
-        validator=attr.validators.optional(attr.validators.instance_of((MACMode, six.string_types)))
+        validator=attr.validators.optional(attr.validators.instance_of(MACMode))
     )
 
     @property
@@ -92,11 +92,11 @@ class MacAlgorithmParams(SshAlgorithmParams):
         return ('mac', 'mode')
 
 
-@attr.s
+@attr.s(frozen=True)
 class KexAlgorithmParams(SshAlgorithmParams):
     kex = attr.ib(
         converter=convert_enum(KeyExchange),
-        validator=attr.validators.optional(attr.validators.instance_of((KeyExchange, six.string_types)))
+        validator=attr.validators.optional(attr.validators.instance_of(KeyExchange))
     )
     key_parameter = attr.ib(
         converter=convert_variadic((convert_enum(NamedGroup), convert_enum(DHParamWellKnown))),
@@ -106,7 +106,7 @@ class KexAlgorithmParams(SshAlgorithmParams):
     )
     exchange_hash = attr.ib(
         converter=convert_enum(Hash),
-        validator=attr.validators.optional(attr.validators.instance_of((Hash, six.string_types)))
+        validator=attr.validators.optional(attr.validators.instance_of(Hash))
     )
     key_size = attr.ib(validator=attr.validators.optional(attr.validators.instance_of(int)))
 
@@ -136,20 +136,22 @@ class SshHostKeyType(enum.Enum):
     HOST_KEY = 'host key'
     HOST_CERTIFICATE = 'host certificate'
     PGP_KEY = 'PGP key'
+    SECURE_KEY = 'secure key'
+    SECURE_CERTIFICATE = 'secure certificate'
     SPKI_KEY = 'SPKI key'
     X509_CERTIFICATE = 'X.509 certificate'
     X509_CERTIFICATE_CHAIN = 'X.509 certificate chain'
 
 
-@attr.s
+@attr.s(frozen=True)
 class HostKeyAlgorithmParams(SshAlgorithmParams):
     key_type = attr.ib(
         converter=convert_enum(SshHostKeyType),
-        validator=attr.validators.instance_of((SshHostKeyType, six.string_types))
+        validator=attr.validators.instance_of(SshHostKeyType)
     )
     signature = attr.ib(
         converter=convert_enum(Signature),
-        validator=attr.validators.optional(attr.validators.instance_of((Signature, six.string_types)))
+        validator=attr.validators.optional(attr.validators.instance_of(Signature))
     )
 
     @property
@@ -157,14 +159,14 @@ class HostKeyAlgorithmParams(SshAlgorithmParams):
         return ('signature',)
 
 
-@attr.s
+@attr.s(frozen=True)
 class CompressionAlgorithmParams(CryptoDataParamsEnumString, GradeableVulnerabilities):
     @classmethod
     def get_gradeable_name(cls):
         return 'compression'
 
 
-@attr.s
+@attr.s(frozen=True)
 class EllipticCurveIdentifierParams(CryptoDataParamsEnumString):
     named_group = attr.ib(
         converter=convert_enum(NamedGroup),

cryptodatahub/ssh/compression-algorithm.json

@@ -13,6 +13,10 @@
             }
         ]
     },
+    "LZ4_SENSORSDATA_CN": {
+        "code": "lz4@sensorsdata.cn",
+        "vulnerabilities": []
+    },
     "NONE": {
         "code": "none",
         "vulnerabilities": []

cryptodatahub/ssh/encryption-algorithm.json

@@ -14,6 +14,11 @@
         "cipher": "AES_128",
         "mode": "CBC"
     },
+    "AES128_CFB": {
+        "code": "aes128-cfb",
+        "cipher": "AES_128",
+        "mode": "CFB"
+    },
     "AES128_CTR": {
         "code": "aes128-ctr",
         "cipher": "AES_128",
@@ -39,16 +44,36 @@
         "cipher": "AES_192",
         "mode": "CTR"
     },
+    "AES192_GCM": {
+        "code": "aes192-gcm",
+        "cipher": "AES_192",
+        "mode": "GCM"
+    },
+    "AES192_GCM_OPENSSH_COM": {
+        "code": "aes192-gcm@openssh.com",
+        "cipher": "AES_192",
+        "mode": "GCM"
+    },
     "AES256_CBC": {
         "code": "aes256-cbc",
         "cipher": "AES_256",
         "mode": "CBC"
     },
+    "AES256_CFB": {
+        "code": "aes256-cfb",
+        "cipher": "AES_256",
+        "mode": "CFB"
+    },
     "AES256_CTR": {
         "code": "aes256-ctr",
         "cipher": "AES_256",
         "mode": "CTR"
     },
+    "AES256_GCM": {
+        "code": "aes256-gcm",
+        "cipher": "AES_256",
+        "mode": "GCM"
+    },
     "AES256_GCM_OPENSSH_COM": {
         "code": "aes256-gcm@openssh.com",
         "cipher": "AES_256",
@@ -69,6 +94,11 @@
         "cipher": "RC4_256",
         "mode": null
     },
+    "BLOWFISH": {
+        "code": "blowfish",
+        "cipher": "BLOWFISH",
+        "mode": "CBC"
+    },
     "BLOWFISH_CBC": {
         "code": "blowfish-cbc",
         "cipher": "BLOWFISH",
@@ -94,6 +124,66 @@
         "cipher": "BLOWFISH",
         "mode": "OFB"
     },
+    "CAMELLIA128_CBC_OPENSSH_ORG": {
+        "code": "camellia128-cbc@openssh.org",
+        "cipher": "CAMELLIA_128",
+        "mode": "CBC"
+    },
+    "CAMELLIA128_CBC": {
+        "code": "camellia128-cbc",
+        "cipher": "CAMELLIA_128",
+        "mode": "CBC"
+    },
+    "CAMELLIA128_CTR": {
+        "code": "camellia128-ctr",
+        "cipher": "CAMELLIA_128",
+        "mode": "CTR"
+    },
+    "CAMELLIA128_CTR_OPENSSH_ORG": {
+        "code": "camellia128-ctr@openssh.org",
+        "cipher": "CAMELLIA_128",
+        "mode": "CTR"
+    },
+    "CAMELLIA192_CBC_OPENSSH_ORG": {
+        "code": "camellia192-cbc@openssh.org",
+        "cipher": "CAMELLIA_192",
+        "mode": "CBC"
+    },
+    "CAMELLIA192_CBC": {
+        "code": "camellia192-cbc",
+        "cipher": "CAMELLIA_192",
+        "mode": "CBC"
+    },
+    "CAMELLIA192_CTR": {
+        "code": "camellia192-ctr",
+        "cipher": "CAMELLIA_192",
+        "mode": "CTR"
+    },
+    "CAMELLIA192_CTR_OPENSSH_ORG": {
+        "code": "camellia192-ctr@openssh.org",
+        "cipher": "CAMELLIA_192",
+        "mode": "CTR"
+    },
+    "CAMELLIA256_CBC_OPENSSH_ORG": {
+        "code": "camellia256-cbc@openssh.org",
+        "cipher": "CAMELLIA_256",
+        "mode": "CBC"
+    },
+    "CAMELLIA256_CBC": {
+        "code": "camellia256-cbc",
+        "cipher": "CAMELLIA_256",
+        "mode": "CBC"
+    },
+    "CAMELLIA256_CTR": {
+        "code": "camellia256-ctr",
+        "cipher": "CAMELLIA_256",
+        "mode": "CTR"
+    },
+    "CAMELLIA256_CTR_OPENSSH_ORG": {
+        "code": "camellia256-ctr@openssh.org",
+        "cipher": "CAMELLIA_256",
+        "mode": "CTR"
+    },
     "CAST128_CBC": {
         "code": "cast128-cbc",
         "cipher": "CAST_128",
@@ -119,21 +209,41 @@
         "cipher": "CAST_128",
         "mode": "OFB"
     },
+    "CAST128_12_CBC": {
+        "code": "cast128-12-cbc",
+        "cipher": "CAST_128",
+        "mode": "CBC"
+    },
     "CAST128_12_CBC_SSH_COM": {
         "code": "cast128-12-cbc@ssh.com",
         "cipher": "CAST_128",
         "mode": "CBC"
     },
+    "CAST128_12_CFB": {
+        "code": "cast128-12-cfb",
+        "cipher": "CAST_128",
+        "mode": "CFB"
+    },
     "CAST128_12_CFB_SSH_COM": {
         "code": "cast128-12-cfb@ssh.com",
         "cipher": "CAST_128",
         "mode": "CFB"
     },
+    "CAST128_12_ECB": {
+        "code": "cast128-12-ecb",
+        "cipher": "CAST_128",
+        "mode": "ECB"
+    },
     "CAST128_12_ECB_SSH_COM": {
         "code": "cast128-12-ecb@ssh.com",
         "cipher": "CAST_128",
         "mode": "ECB"
     },
+    "CAST128_12_OFB": {
+        "code": "cast128-12-ofb",
+        "cipher": "CAST_128",
+        "mode": "OFB"
+    },
     "CAST128_12_OFB_SSH_COM": {
         "code": "cast128-12-ofb@ssh.com",
         "cipher": "CAST_128",
@@ -144,6 +254,11 @@
         "cipher": "CAST_256",
         "mode": "CBC"
     },
+    "CHACHA20_POLY1305": {
+        "code": "chacha20-poly1305",
+        "cipher": "CHACHA20",
+        "mode": null
+    },
     "CHACHA20_POLY1305_OPENSSH_COM": {
         "code": "chacha20-poly1305@openssh.com",
         "cipher": "CHACHA20",
@@ -154,6 +269,11 @@
         "cipher": "CRYPTICORE",
         "mode": null
     },
+    "DES": {
+        "code": "des",
+        "cipher": "DES",
+        "mode": "CBC"
+    },
     "DES_CBC": {
         "code": "des-cbc",
         "cipher": "DES",
@@ -194,6 +314,11 @@
         "cipher": "GOST_R3412_15_128",
         "mode": "CTR"
     },
+    "GRASSHOPPER_CTR128": {
+        "code": "grasshopper-ctr128",
+        "cipher": "GOST_R3412_15_128",
+        "mode": "CTR"
+    },
     "GOST89": {
         "code": "gost89",
         "cipher": "GOST2814789",
@@ -204,6 +329,11 @@
         "cipher": "GOST2814789",
         "mode": "CNT"
     },
+    "IDEA_CBC": {
+        "code": "idea-cbc",
+        "cipher": "IDEA",
+        "mode": "CBC"
+    },
     "IDEA_CFB": {
         "code": "idea-cfb",
         "cipher": "IDEA",
@@ -214,6 +344,21 @@
         "cipher": "IDEA",
         "mode": "CTR"
     },
+    "IDEA_ECB": {
+        "code": "idea-ecb",
+        "cipher": "IDEA",
+        "mode": "ECB"
+    },
+    "IDEA_OFB": {
+        "code": "idea-ofb",
+        "cipher": "IDEA",
+        "mode": "OFB"
+    },
+    "KUZNECHIK_OFB": {
+        "code": "kuznechik-ofb",
+        "cipher": "GOST_R3412_15_128",
+        "mode": "OFB"
+    },
     "RC2_CBC": {
         "code": "rc2-cbc",
         "cipher": "RC2",
@@ -229,6 +374,11 @@
         "cipher": "RC2",
         "mode": "CTR"
     },
+    "RIJNDAEL128": {
+        "code": "rijndael128",
+        "cipher": "RIJNDAEL_128",
+        "mode": "CBC"
+    },
     "RIJNDAEL128_CBC": {
         "code": "rijndael128-cbc",
         "cipher": "RIJNDAEL_128",
@@ -259,6 +409,11 @@
         "cipher": "SEED",
         "mode": "CBC"
     },
+    "SEED_CTR_SSH_COM": {
+        "code": "seed-ctr@ssh.com",
+        "cipher": "SEED",
+        "mode": "CTR"
+    },
     "SERPENT128_CBC": {
         "code": "serpent128-cbc",
         "cipher": "SERPENT_128",
@@ -269,6 +424,16 @@
         "cipher": "SERPENT_128",
         "mode": "CTR"
     },
+    "SERPENT128_GCM": {
+        "code": "serpent128-gcm",
+        "cipher": "SERPENT_128",
+        "mode": "GCM"
+    },
+    "SERPENT128_GCM_LIBASSH_ORG": {
+        "code": "serpent128-gcm@libassh.org",
+        "cipher": "SERPENT_128",
+        "mode": "GCM"
+    },
     "SERPENT192_CBC": {
         "code": "serpent192-cbc",
         "cipher": "SERPENT_192",
@@ -289,6 +454,36 @@
         "cipher": "SERPENT_256",
         "mode": "CTR"
     },
+    "SERPENT256_GCM": {
+        "code": "serpent256-gcm",
+        "cipher": "SERPENT_256",
+        "mode": "GCM"
+    },
+    "SERPENT256_GCM_LIBASSH_ORG": {
+        "code": "serpent256-gcm@libassh.org",
+        "cipher": "SERPENT_256",
+        "mode": "GCM"
+    },
+    "SM4": {
+        "code": "sm4",
+        "cipher": "SM4",
+        "mode": "CBC"
+    },
+    "SM4_CBC": {
+        "code": "sm4-cbc",
+        "cipher": "SM4",
+        "mode": "CBC"
+    },
+    "SM4_CTR": {
+        "code": "sm4-ctr",
+        "cipher": "SM4",
+        "mode": "CTR"
+    },
+    "SM4_CBC_HUAWEI": {
+        "code": "sm4-cbc@huawei",
+        "cipher": "SM4",
+        "mode": "CBC"
+    },
     "TRIPLE_DES_CBC": {
         "code": "3des-cbc",
         "cipher": "TRIPLE_DES",
@@ -349,6 +544,16 @@
         "cipher": "TWOFISH128",
         "mode": "CTR"
     },
+    "TWOFISH128_GCM": {
+        "code": "twofish128-gcm",
+        "cipher": "TWOFISH128",
+        "mode": "GCM"
+    },
+    "TWOFISH128_GCM_LIBASSH_ORG": {
+        "code": "twofish128-gcm@libassh.org",
+        "cipher": "TWOFISH128",
+        "mode": "GCM"
+    },
     "TWOFISH192_CBC": {
         "code": "twofish192-cbc",
         "cipher": "TWOFISH192",
@@ -368,5 +573,15 @@
         "code": "twofish256-ctr",
         "cipher": "TWOFISH256",
         "mode": "CTR"
+    },
+    "TWOFISH256_GCM": {
+        "code": "twofish256-gcm",
+        "cipher": "TWOFISH256",
+        "mode": "GCM"
+    },
+    "TWOFISH256_GCM_LIBASSH_ORG": {
+        "code": "twofish256-gcm@libassh.org",
+        "cipher": "TWOFISH256",
+        "mode": "GCM"
     }
 }