Commit bb4669fc authored by Arthur de Jong's avatar Arthur de Jong

New upstream version 1.1

parent 5227f23c
2019-02-10 Arthur de Jong <arthur@arthurdejong.org>
* [21323a0] .travis.yml, setup.py: Add Python 3.7 in Travis and
reduce build matrix
This runs the signxml flavour on all Python versions and only
runs all other flavours on Python 2.6 and 3.6.
2019-02-10 Arthur de Jong <arthur@arthurdejong.org>
* [c2abbec] setup.cfg: Make the multi-line operator place explicit
Recent versions of flake8 changed the defaults of the errors
to ignore.
2018-07-30 Arthur de Jong <arthur@arthurdejong.org>
* [5e93d32] pskc/crypto/aeskw.py: Ignore more flake8 messages
2018-05-21 Arthur de Jong <arthur@arthurdejong.org>
* [f4b2559] docs/index.rst, docs/scripts.rst: Add links to script
documentation
2018-04-21 Arthur de Jong <arthur@arthurdejong.org>
* [610f7cd] : Implement csv2pcks script
2018-04-19 Arthur de Jong <arthur@arthurdejong.org>
* [7bbaac3] docs/csv2pskc.rst, pskc/scripts/csv2pskc.py,
tests/test_csv2pskc.doctest: Add --skip-columns option
This option can be used to skip a number of rows in the CSV file
before the key data is read. If the number of rows to skip is 0,
the column interpretation should be provided using the --columns
option.
2018-04-05 Arthur de Jong <arthur@arthurdejong.org>
* [88002fc] docs/csv2pskc.rst, pskc/scripts/csv2pskc.py,
tests/test_csv2pskc.doctest: Add --set option
This option can be used to set key properties for all keys in
the PSKC file.
2018-04-05 Arthur de Jong <arthur@arthurdejong.org>
* [e91e498] docs/csv2pskc.rst, pskc/scripts/csv2pskc.py,
tests/test_csv2pskc.doctest: Add --columns option
This option can be used to override the list of columns as found
in the first line of the CSV file or provide a mapping for values
found in the first line to PSKC properties.
2018-03-31 Arthur de Jong <arthur@arthurdejong.org>
* [c652eee] csv2pskc.py, docs/conf.py, docs/csv2pskc.rst,
pskc/scripts/csv2pskc.py, setup.py, tests/test_csv2pskc.doctest:
Add a csv2pskc script for CSV to PSKC conversion
This script reads a CSV file and writes out a PSKC file with the
key information from the CSV file. The CSV file is expected to
have one row for each key and key property values in columns.
2018-04-02 Arthur de Jong <arthur@arthurdejong.org>
* [ce96e69] pskc/scripts/__init__.py, pskc/scripts/pskc2csv.py,
pskc/scripts/pskc2pskc.py, pskc/scripts/util.py, pskc2csv.py,
pskc2pskc.py, setup.cfg, setup.py, tests/test_pskc2csv.doctest,
tests/test_pskc2pskc.doctest, tox.ini: Ship the script as part
of the pskc package
This also installs pskc2csv and pskc2pskc console script entry
points as part of the package installation.
2018-03-03 Arthur de Jong <arthur@arthurdejong.org>
* [7a56eac] pskc/__init__.py, pskc/device.py,
tests/test_misc.doctest: Support setting key sub-properties
via add_key()
2018-03-11 Arthur de Jong <arthur@arthurdejong.org>
* [e6f2dd4] pskc/encryption.py, tests/test_encryption.doctest,
tests/test_pskc2pskc.doctest, tests/test_write.doctest: Increase
default PBKDF2 iterations to 100000
2018-02-21 Arthur de Jong <arthur@arthurdejong.org>
* [9026e1c] setup.cfg: Support building a universal wheel
2018-02-15 Arthur de Jong <arthur@arthurdejong.org>
* [b3e7fe7] pskc/__init__.py, pskc/crypto/aeskw.py,
pskc/device.py, pskc/encryption.py, pskc/key.py, pskc/parser.py,
pskc/serialiser.py, pskc/signature.py, setup.cfg: Add and
cleanup docstrings
This adds docstrings to public methods and cleans up a few other
docstrings to pass most flake8 docstring related tests.
This also adds noqa statements in a few places so we can remove
most entries from the global flake8 ignore list.
2018-02-10 Arthur de Jong <arthur@arthurdejong.org>
* [03ee35d] docs/conf.py, docs/pskc2pskc.rst, pskc2pskc.py,
setup.cfg, tests/test_pskc2pskc.doctest: Add a pskc2pskc script
for converting PSKC files
This script reads a PSKC file in any supported format and writes
out a RFC 6030 compliant version of the file, optionally with
the encryption removed or (re-)encrypting the file with a new key.
2018-02-08 Arthur de Jong <arthur@arthurdejong.org>
* [924e1f3] pskc/serialiser.py, tests/test_write.doctest: Correctly
write a PSKC file without a MAC key
In some cases a PSKC file can be written with a MAC algorithm
but without a MAC key. This is possible when the MAC key is not
supplied (allowed in older PSKC versions) and a fallback to the
encryption key is done. If we have not yet decrypted the file
the MAC key is not yet available and so can't be included in
the written file.
2018-02-04 Arthur de Jong <arthur@arthurdejong.org>
* [be2b49f] pskc/encryption.py, pskc/serialiser.py,
tests/test_write.doctest: Correctly write a PSKC file with a
global IV
This ensures that the encryption IV, which should be per encrypted
value is written out per encrypted value instead of globally. This
is mostly useful for when reading an old format PSKC file and
writing out a RFC 6030 compliant one.
2018-02-07 Arthur de Jong <arthur@arthurdejong.org>
* [e60d7f3] pskc/mac.py, pskc/parser.py, pskc/serialiser.py:
Also use EncryptedValue for MAC key
This ensures that an encrypted MAC key is hanled in the same
way as normal encrypted data values.
This also ensures consistent fallback to the globally
configured encryption algorithm if no value has been set in
the EncryptedValue.
2018-01-31 Arthur de Jong <arthur@arthurdejong.org>
* [8054c6e] pskc/serialiser.py: Always output a PSKC 1.0 format file
This ignores the value of the version attribute in the PSKC
object and always writes a PSKC 1.0 (RFC 6030) format file.
2018-01-31 Arthur de Jong <arthur@arthurdejong.org>
* [97faa13] docs/encryption.rst, pskc/encryption.py,
tests/test_encryption.doctest, tests/test_write.doctest: Implement
removing encryption
This adds a function to decrypt all values and remove the
encryption of an encrypted PSKC file.
2018-02-08 Arthur de Jong <arthur@arthurdejong.org>
* [2698657] .travis.yml: Add a Travis configuration file
2018-02-04 Arthur de Jong <arthur@arthurdejong.org>
* [82fa3bd] pskc/encryption.py, pskc/serialiser.py, pskc2csv.py:
Fix code style issues
Fixes 1ff3237f, 84bfb8a6 and 20bf9c5
2017-12-29 Arthur de Jong <arthur@arthurdejong.org>
* [2693495] tests/test_misc.doctest, tests/test_pskc2csv.doctest,
tox.ini: Fixes to test suite
This ensures that the tests also work without a TTY and work
regardless of the PYTHONWARNINGS and TZ environment variables
Fixes cd33833
2017-12-29 Arthur de Jong <arthur@arthurdejong.org>
* [fe63c42] ChangeLog, MANIFEST.in, NEWS, pskc/__init__.py,
setup.py: Get files ready for 1.0 release
2017-12-29 Arthur de Jong <arthur@arthurdejong.org>
* [2651e80] tests/test_write.doctest: Not all XML serialisers
......
changes from 1.0 to 1.1
-----------------------
* portability fixes for test suite
* add a remove_encryption() function
* always write a 1.0 PSKC version, even when another version was read
* correctly write a PSKC file with a global IV
* correctly write a PSKC file without a MAC key
* add a pskc2pskc script for converting a legacy PSKC file to a RFC 6030
compliant version and for adding or removing encryption
* add a csv2pskc script for generating a PSKC file from a CSV file
* make all the scripts (pskc2csv, pskc2pskc and csv2pskc) entry points so
they are available on package installation
changes from 0.5 to 1.0
-----------------------
......
Metadata-Version: 1.1
Metadata-Version: 2.1
Name: python-pskc
Version: 1.0
Version: 1.1
Summary: Python module for handling PSKC files
Home-page: https://arthurdejong.org/python-pskc/
Author: Arthur de Jong
Author-email: arthur@arthurdejong.org
License: LGPL
Description-Content-Type: UNKNOWN
Description: Python module for handling PSKC files
=====================================
......@@ -64,7 +63,7 @@ Description: Python module for handling PSKC files
Copyright
---------
Copyright (C) 2014-2017 Arthur de Jong
Copyright (C) 2014-2019 Arthur de Jong
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
......@@ -83,7 +82,7 @@ Description: Python module for handling PSKC files
Keywords: PSKC,RFC 6030,key container
Platform: UNKNOWN
Classifier: Development Status :: 4 - Production/Stable
Classifier: Development Status :: 5 - Production/Stable
Classifier: Intended Audience :: Developers
Classifier: Intended Audience :: Information Technology
Classifier: Intended Audience :: System Administrators
......@@ -97,7 +96,11 @@ Classifier: Programming Language :: Python :: 3.4
Classifier: Programming Language :: Python :: 3.5
Classifier: Programming Language :: Python :: 3.6
Classifier: Programming Language :: Python :: 3.7
Classifier: Programming Language :: Python :: Implementation :: PyPy
Classifier: Topic :: Security :: Cryptography
Classifier: Topic :: Software Development :: Libraries :: Python Modules
Classifier: Topic :: System :: Systems Administration :: Authentication/Directory
Classifier: Topic :: Text Processing :: Markup :: XML
Provides-Extra: defuse
Provides-Extra: lxml
Provides-Extra: signature
......@@ -55,7 +55,7 @@ private key material.
Copyright
---------
Copyright (C) 2014-2017 Arthur de Jong
Copyright (C) 2014-2019 Arthur de Jong
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
......
#!/usr/bin/env python
# coding: utf-8
# csv2pskc.py - script to convert a CSV file to PSKC
#
# Copyright (C) 2018 Arthur de Jong
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
# 02110-1301 USA
from pskc.scripts import csv2pskc
if __name__ == '__main__': # pragma: no cover
csv2pskc.main()
# -*- coding: utf-8 -*-
#
# python-pksc documentation build configuration file, created by
# python-pskc documentation build configuration file, created by
# sphinx-quickstart
#
# This file is execfile()d with the current directory set to its containing dir.
......@@ -46,7 +46,7 @@ master_doc = 'index'
# General information about the project.
project = u'python-pskc'
copyright = u'2014-2017 Arthur de Jong'
copyright = u'2014-2019 Arthur de Jong'
# The version info for the project you're documenting, acts as replacement for
# |version| and |release|, also used in various other places throughout the
......@@ -172,7 +172,7 @@ html_show_sourcelink = False
#html_file_suffix = None
# Suffix for generated links to HTML files.
html_link_suffix = ''
#html_link_suffix = ''
# Output file base name for HTML help builder.
htmlhelp_basename = 'python-pskcdoc'
......@@ -184,10 +184,14 @@ htmlhelp_basename = 'python-pskcdoc'
# (source start file, name, description, authors, manual section).
man_pages = [
('pskc2csv', 'pskc2csv', u'Convert a PSKC file to CSV',
[u'Arthur de Jong'], 1)
[u'Arthur de Jong'], 1),
('pskc2pskc', 'pskc2pskc', u'Convert a PSKC file to standard format',
[u'Arthur de Jong'], 1),
('csv2pskc', 'csv2pskc', u'Convert a CSV file to PSKC',
[u'Arthur de Jong'], 1),
]
# If true, show URL addresses after external links.
man_show_urls = True
intersphinx_mapping = {'python': ('https://docs.python.org/3', None)}
#intersphinx_mapping = {'python': ('https://docs.python.org/3', None)}
:orphan:
csv2pskc
========
Synopsis
--------
**csv2pskc** [*options*] [<*FILE*>]
Description
-----------
:program:`csv2pskc` reads a CSV file where the first line contains column
labels and following lines contain key information for one key per line.
Options
-------
.. program:: csv2pskc
.. option:: -h, --help
Display usage summary.
.. option:: -V, --version
Display version information.
.. option:: -o FILE, --output FILE
By default :program:`csv2pskc` writes a PSKC file to stdout. This option
can be used to save to a file instead.
.. option:: -c COL,COL,.., --columns COL,COL,..
Specify the meaning of the columns in the CSV file. By default the first
row of the CSV file is expected to list the names of the columns.
Any property of :class:`~pskc.key.Key` instances can be used as well as
:class:`~pskc.policy.Policy` properties via ``policy``. For example:
``serial``, ``secret``, ``counter``, ``time_offset``, ``time_interval``,
``interval``, ``time_drift``, ``issuer``, ``manufacturer``,
``response_length``, ``policy.pin_min_length``.
This option can either specify a list of columns or a COL:KEY mapping
where COL refers to the value found in the first line of the CSV file and
KEY refers to a property as described above.
It is possible to map a single column in the CSV file to multiple PSKC
properties (e.g. use of ``id+serial`` sets both the ID and device serial
number to the value found in that column).
.. option:: --skip-rows N
By default the first row is treated as a header which contains labels.
This option can be used to either skip more row (the first row of the CSV file will
still be treated as a header) or to indicate that there is no header row.
In the latter case the :option:`--columns` option is required.
.. option:: -x COL=VALUE, --set COL=VALUE
Specify properties that are added to all keys in the generated PSKC file.
Accepted labels are the same as for the :option:`--columns` option.
This can be useful for setting the ``issuer``, ``manufacturer`` or
oter common properties globally.
.. option:: -p PASS/FILE, --password PASS/FILE, --passwd PASS/FILE
Encrypt the PSKC file with the specified password. If the argument refers
to a file the password is read from the file instead.
.. option:: -s KEY/FILE, --secret KEY/FILE
A hex encoded encryption key or a file containing the binary key (raw
data, not encoded).
.. option:: -e ENCODING, --secret-encoding ENCODING
Specify the encoding to use for reading key material from the CSV file. By
default HEX encoding is used. Valid encodings are: ``base32``, ``base64``
or ``hex``.
......@@ -149,6 +149,13 @@ The Encryption class
By default 12000 iterations will be used and a random salt with the
length of the to-be-generated encryption key will be used.
.. function:: remove_encryption()
Decrypt all data stored in the PSKC file and remove the encryption
configuration. This can be used to read and encrypted PSKC file,
decrypt the file, remove the encryption and output an unencrypted PSKC
file or to replace the encryption algorithm.
.. _encryption-algorithms:
......
......@@ -14,6 +14,7 @@ Contents
signatures
policy
exceptions
scripts
changes
......
:orphan:
pskc2pskc
=========
Synopsis
--------
**pskc2pskc** [*options*] <*FILE*>
Description
-----------
:program:`pskc2pskc` reads a PSKC file in any of the supported formats,
optionally decrypts any encrypted information and outputs a PSKC file in the
RFC6030 format, optionally encrypting the file.
Options
-------
.. program:: pskc2pskc
.. option:: -h, --help
Display usage summary.
.. option:: -V, --version
Display version information.
.. option:: -o FILE, --output FILE
By default :program:`pskc2pskc` writes a PSKC file to stdout. This option
can be used to save to a file instead.
.. option:: -p PASS/FILE, --password PASS/FILE, --passwd PASS/FILE
The password to use for decryption. If the argument refers to a file the
password is read from the file instead.
.. option:: -s KEY/FILE, --secret KEY/FILE
A hex encoded encryption key or a file containing the binary (raw data,
not encoded) key used for decryption.
.. option:: --new-password PASS/FILE, --new-passwd PASS/FILE
Output an encrypted PSKC file that is protected with the specified
password (or read the password from the file if a file argument was
specified).
.. option:: --new-secret KEY/FILE
Ensure that the output PSKC file is encrypted with the specified key
value. The key can be probded as a hex-encoded value or point to a file
that contains the binary value of the key.
Command-line scripts
====================
This `python-pskc <https://arthurdejong.org/python-pskc/>`__ module includes
a number of scripts that can be used to handle PSKC files:
Scripts
-------
.. toctree::
:maxdepth: 1
pskc2csv: Convert a PSKC file to CSV <pskc2csv>
pskc2pskc: Reformat or change encryption of a PSKC file <pskc2pskc>
csv2pskc: Convert a CSV file to PSKC <csv2pskc>
# __init__.py - main module
# coding: utf-8
#
# Copyright (C) 2014-2017 Arthur de Jong
# Copyright (C) 2014-2019 Arthur de Jong
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
......@@ -18,7 +18,7 @@
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
# 02110-1301 USA
"""Python module for handling PSKC files
"""Python module for handling PSKC files.
This Python library handles Portable Symmetric Key Container (PSKC) files as
defined in RFC 6030. PSKC files are used to transport and provision symmetric
......@@ -54,7 +54,7 @@ __all__ = ['PSKC', '__version__']
# the version number of the library
__version__ = '1.0'
__version__ = '1.1'
class PSKC(object):
......@@ -95,29 +95,24 @@ class PSKC(object):
"""Create a new device instance for the PSKC file.
The device is initialised with properties from the provided keyword
arguments if any."""
from pskc.device import Device
arguments if any.
"""
from pskc.device import Device, update_attributes
device = Device(self)
self.devices.append(device)
# assign the kwargs as key properties
for k, v in kwargs.items():
if not hasattr(device, k):
raise AttributeError()
setattr(device, k, v)
update_attributes(device, **kwargs)
return device
def add_key(self, **kwargs):
"""Create a new key instance for the PSKC file.
The new key is initialised with properties from the provided keyword
arguments if any."""
arguments if any.
"""
from pskc.device import update_attributes
device = self.add_device()
key = device.add_key()
# assign the kwargs as key properties
for k, v in kwargs.items():
if not hasattr(key, k):
raise AttributeError()
setattr(key, k, v)
update_attributes(key, **kwargs)
return key
def write(self, filename):
......
......@@ -54,8 +54,8 @@ def wrap(plaintext, key, iv=None, pad=None, algorithm=algorithms.AES):
If pad is True, padding as described in RFC 5649 will always be used. If
pad is False, padding is disabled. Other values automatically enable RFC
5649 padding when needed."""
5649 padding when needed.
"""
if iv is not None:
pad = False
......@@ -80,13 +80,13 @@ def wrap(plaintext, key, iv=None, pad=None, algorithm=algorithms.AES):
# RFC 5649 shortcut
return encryptor.update(iv + plaintext)
A = iv
R = [plaintext[i * 8:i * 8 + 8]
A = iv # noqa: N806
R = [plaintext[i * 8:i * 8 + 8] # noqa: N806
for i in range(n)]
for j in range(6):
for i in range(n):
A, R[i] = _split(encryptor.update(A + R[i]))
A = _strxor(A, struct.pack('>Q', n * j + i + 1))
A, R[i] = _split(encryptor.update(A + R[i])) # noqa: N806
A = _strxor(A, struct.pack('>Q', n * j + i + 1)) # noqa: N806
return A + b''.join(R)
......@@ -97,8 +97,8 @@ def unwrap(ciphertext, key, iv=None, pad=None, algorithm=algorithms.AES):
RFC 5649 will be used, depending on the value of pad.
If pad is False, unpadding as described in RFC 5649 will be disabled,
otherwise checking and removing the padding is automatically done."""
otherwise checking and removing the padding is automatically done.
"""
if iv is not None:
pad = False
......@@ -110,15 +110,15 @@ def unwrap(ciphertext, key, iv=None, pad=None, algorithm=algorithms.AES):
n = len(ciphertext) // 8 - 1
if n == 1:
A, plaintext = _split(decryptor.update(ciphertext))
A, plaintext = _split(decryptor.update(ciphertext)) # noqa: N806
else:
A = ciphertext[:8]
R = [ciphertext[(i + 1) * 8:(i + 2) * 8]
A = ciphertext[:8] # noqa: N806
R = [ciphertext[(i + 1) * 8:(i + 2) * 8] # noqa: N806
for i in range(n)]
for j in reversed(range(6)):
for i in reversed(range(n)):
A = _strxor(A, struct.pack('>Q', n * j + i + 1))
A, R[i] = _split(decryptor.update(A + R[i]))
A = _strxor(A, struct.pack('>Q', n * j + i + 1)) # noqa: N806
A, R[i] = _split(decryptor.update(A + R[i])) # noqa: N806
plaintext = b''.join(R)
if iv is None:
......
# device.py - module for handling device info from pskc files
# coding: utf-8
#
# Copyright (C) 2016 Arthur de Jong
# Copyright (C) 2016-2018 Arthur de Jong
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
......@@ -21,6 +21,17 @@
"""Module that handles device information stored in PSKC files."""
def update_attributes(obj, **kwargs):
"""Update object with provided properties."""
for k, v in kwargs.items():
k = k.split('.') if '.' in k else k.split('__')
o = obj
for name in k[:-1]:
o = getattr(o, name)
getattr(o, k[-1]) # raise exception for non-existing properties
setattr(o, k[-1], v)
class Device(object):
"""Representation of a single key from a PSKC file.
......@@ -57,13 +68,10 @@ class Device(object):
"""Create a new key instance for the device.
The new key is initialised with properties from the provided keyword
arguments if any."""
arguments if any.
"""
from pskc.key import Key
key = Key(self)
self.keys.append(key)
# assign the kwargs as key properties
for k, v in kwargs.items():
if not hasattr(key, k):
raise AttributeError()
setattr(key, k, v)
update_attributes(key, **kwargs)
return key
# encryption.py - module for handling encrypted values
# coding: utf-8
#
# Copyright (C) 2014-2017 Arthur de Jong
# Copyright (C) 2014-2018 Arthur de Jong
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
......@@ -211,6 +211,7 @@ class KeyDerivation(object):
self._pbkdf2_prf = normalise_algorithm(value)
def derive_pbkdf2(self, password):
"""Derive an encryption key from the provided password."""
from hashlib import pbkdf2_hmac
from pskc.exceptions import KeyDerivationError
prf = 'sha1'
......@@ -249,6 +250,7 @@ class KeyDerivation(object):
def setup_pbkdf2(self, password, salt=None, salt_length=16,
key_length=None, iterations=None, prf=None):
"""Configure PBKDF2 key derivation properties."""
self.algorithm = 'pbkdf2'
if salt is None:
salt = os.urandom(salt_length)
......@@ -256,7 +258,7 @@ class KeyDerivation(object):
if iterations:
self.pbkdf2_iterations = iterations
elif self.pbkdf2_iterations is None:
self.pbkdf2_iterations = 12 * 1000
self.pbkdf2_iterations = 100000
if key_length: # pragma: no branch (always specified)
self.pbkdf2_key_length = key_length
if prf:
......@@ -340,7 +342,7 @@ class Encryption(object):
self.algorithm = 'aes128-cbc'
# default to encrypting the secret only
if not self.fields:
self.fields = ['secret', ]
self.fields = ['secret']
# if we're using a CBC mode of encryption, add a MAC
if self.algorithm.endswith('-cbc'):
self.pskc.mac.setup()
......@@ -402,4 +404,33 @@ class Encryption(object):
def encrypt_value(self, plaintext):
"""Encrypt the provided value and return the cipher_value."""
return encrypt(self.algorithm, self.key, plaintext, self.iv)
cipher_value = encrypt(self.algorithm, self.key, plaintext, self.iv)
if self.iv:
cipher_value = cipher_value[len(self.iv):]
return cipher_value
def remove_encryption(self):
"""Decrypt all values and remove the encryption from the PSKC file."""
# decrypt all values and store decrypted values
for key in self.pskc.keys:
key.secret = key.secret
key.counter = key.counter
key.time_offset = key.time_offset
key.time_interval = key.time_interval
key.time_drift = key.time_drift
# remove MAC configuration
self.pskc.mac.algorithm = None
self.pskc.mac.key = None
# remove encryption configuration
self.id = None
self.algorithm = None
self.key_names = []
self.key = None
self.iv = None
self.fields = []
# remove key derivation configuration
self.derivation.algorithm = None
self.derivation.pbkdf2_salt = None
self.derivation.pbkdf2_iterations = None
self.derivation.pbkdf2_key_length = None
self.derivation.pbkdf2_prf = None
# key.py - module for handling keys from pskc files
# coding: utf-8
#