Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Reduce deprecation warnings from cryptography module #445

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
54 changes: 33 additions & 21 deletions pgpy/constants.py
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@
from cryptography.hazmat.backends import openssl
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.hazmat.primitives.ciphers import algorithms
from cryptography.hazmat.primitives._cipheralgorithm import CipherAlgorithm

from .types import FlagEnum
from .decorators import classproperty
Expand Down Expand Up @@ -187,37 +188,48 @@ class SymmetricKeyAlgorithm(IntEnum):
#: Camellia with 256-bit key
Camellia256 = 0x0D

@property
def cipher(self):
bs = {SymmetricKeyAlgorithm.IDEA: algorithms.IDEA,
SymmetricKeyAlgorithm.TripleDES: algorithms.TripleDES,
SymmetricKeyAlgorithm.CAST5: algorithms.CAST5,
SymmetricKeyAlgorithm.Blowfish: algorithms.Blowfish,
SymmetricKeyAlgorithm.AES128: algorithms.AES,
SymmetricKeyAlgorithm.AES192: algorithms.AES,
SymmetricKeyAlgorithm.AES256: algorithms.AES,
SymmetricKeyAlgorithm.Twofish256: namedtuple('Twofish256', ['block_size'])(block_size=128),
SymmetricKeyAlgorithm.Camellia128: algorithms.Camellia,
SymmetricKeyAlgorithm.Camellia192: algorithms.Camellia,
SymmetricKeyAlgorithm.Camellia256: algorithms.Camellia}

if self in bs:
return bs[self]

def cipher(self, key: bytes) -> CipherAlgorithm:
if self is SymmetricKeyAlgorithm.IDEA:
return algorithms.IDEA(key)
elif self is SymmetricKeyAlgorithm.TripleDES:
return algorithms.TripleDES(key)
elif self is SymmetricKeyAlgorithm.CAST5:
return algorithms.CAST5(key)
elif self is SymmetricKeyAlgorithm.Blowfish:
return algorithms.Blowfish(key)
elif self in {SymmetricKeyAlgorithm.AES128, SymmetricKeyAlgorithm.AES192, SymmetricKeyAlgorithm.AES256}:
return algorithms.AES(key)
elif self in {SymmetricKeyAlgorithm.Camellia128, SymmetricKeyAlgorithm.Camellia192, SymmetricKeyAlgorithm.Camellia256}:
return algorithms.Camellia(key)
raise NotImplementedError(repr(self))

@property
def is_supported(self):
return callable(self.cipher)
def is_supported(self) -> bool:
return self in {SymmetricKeyAlgorithm.IDEA,
SymmetricKeyAlgorithm.TripleDES,
SymmetricKeyAlgorithm.CAST5,
SymmetricKeyAlgorithm.Blowfish,
SymmetricKeyAlgorithm.AES128,
SymmetricKeyAlgorithm.AES192,
SymmetricKeyAlgorithm.AES256,
SymmetricKeyAlgorithm.Camellia128,
SymmetricKeyAlgorithm.Camellia192,
SymmetricKeyAlgorithm.Camellia256}

@property
def is_insecure(self):
insecure_ciphers = {SymmetricKeyAlgorithm.IDEA}
return self in insecure_ciphers

@property
def block_size(self):
return self.cipher.block_size
def block_size(self) -> int:
if self in {SymmetricKeyAlgorithm.IDEA,
SymmetricKeyAlgorithm.TripleDES,
SymmetricKeyAlgorithm.CAST5,
SymmetricKeyAlgorithm.Blowfish}:
return 64
else:
return 128

@property
def key_size(self):
Expand Down
8 changes: 4 additions & 4 deletions tests/test_10_exceptions.py
Original file line number Diff line number Diff line change
Expand Up @@ -172,10 +172,10 @@ def test_protect_pubkey(self, rsa_pub, recwarn):
def test_protect_protected_key(self, rsa_enc, recwarn):
rsa_enc.protect('QwertyUiop', SymmetricKeyAlgorithm.CAST5, HashAlgorithm.SHA1)

w = recwarn.pop(UserWarning)
assert str(w.message) == "This key is already protected with a passphrase - " \
"please unlock it before attempting to specify a new passphrase"
assert w.filename == __file__
warning = "This key is already protected with a passphrase - please unlock it before attempting to specify a new passphrase"
msgs = list(filter(lambda x: str(x.message) == warning, recwarn))
assert len(msgs) == 1
assert msgs[0].filename == __file__

def test_unlock_wrong_passphrase(self, rsa_enc):
with pytest.raises(PGPDecryptionError):
Expand Down