python-pyhsm 1.0.4f-1 / usr / share / pyshared / pyhsm / defines.py

This file is indexed.

/usr/share/pyshared/pyhsm/defines.py is in python-pyhsm 1.0.4f-1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
"""
Various defines from pyhsm_if.h.
"""

# Copyright (c) 2011 Yubico AB
# See the file COPYING for licence statement.

__all__ = [
    # constants
    'YSM_PUBLIC_ID_SIZE',
    'YSM_OTP_SIZE',
    'YSM_BLOCK_SIZE',
    'YSM_MAX_KEY_SIZE',
    'YSM_DATA_BUF_SIZE',
    'YSM_AEAD_NONCE_SIZE',
    'YSM_AEAD_MAC_SIZE',
    'YSM_CCM_CTR_SIZE',
    'YSM_AEAD_MAX_SIZE',
    'YSM_SHA1_HASH_SIZE',
    'YSM_CTR_DRBG_SEED_SIZE',
    'YSM_MAX_PKT_SIZE',
    'YSM_PROTOCOL_VERSION',
    'YSM_TEMP_KEY_HANDLE',
    'UID_SIZE',
    'KEY_SIZE',
    ## statuses
    'YSM_STATUS_OK',
    'YSM_KEY_HANDLE_INVALID',
    'YSM_AEAD_INVALID',
    'YSM_OTP_INVALID',
    'YSM_OTP_REPLAY',
    'YSM_ID_DUPLICATE',
    'YSM_ID_NOT_FOUND',
    'YSM_DB_FULL',
    'YSM_MEMORY_ERROR',
    'YSM_FUNCTION_DISABLED',
    'YSM_KEY_STORAGE_LOCKED',
    'YSM_MISMATCH',
    'YSM_INVALID_PARAMETER',
    ## commands
    'YSM_NULL',
    'YSM_AEAD_GENERATE',
    'YSM_BUFFER_AEAD_GENERATE',
    'YSM_RANDOM_AEAD_GENERATE',
    'YSM_AEAD_DECRYPT_CMP',
    'YSM_DB_YUBIKEY_AEAD_STORE',
    'YSM_DB_YUBIKEY_AEAD_STORE2',
    'YSM_AEAD_YUBIKEY_OTP_DECODE',
    'YSM_DB_OTP_VALIDATE',
    'YSM_AES_ECB_BLOCK_ENCRYPT',
    'YSM_AES_ECB_BLOCK_DECRYPT',
    'YSM_AES_ECB_BLOCK_DECRYPT_CMP',
    'YSM_HMAC_SHA1_GENERATE',
    'YSM_TEMP_KEY_LOAD',
    'YSM_BUFFER_LOAD',
    'YSM_BUFFER_RANDOM_LOAD',
    'YSM_NONCE_GET',
    'YSM_ECHO',
    'YSM_RANDOM_GENERATE',
    'YSM_RANDOM_RESEED',
    'YSM_SYSTEM_INFO_QUERY',
    'YSM_MONITOR_EXIT',
    ##
    # functions
    'cmd2str',
    'status2str'
    # classes
]

YSM_PUBLIC_ID_SIZE	= 6	# Size of public id for std OTP validation
YSM_OTP_SIZE		= 16	# Size of OTP
YSM_BLOCK_SIZE		= 16	# Size of block operations
YSM_MAX_KEY_SIZE	= 32	# Max size of CCMkey
YSM_DATA_BUF_SIZE	= 64	# Size of internal data buffer
YSM_AEAD_NONCE_SIZE	= 6	# Size of AEAD nonce (excluding size of key handle)
YSM_AEAD_MAC_SIZE	= 8	# Size of AEAD MAC field
YSM_CCM_CTR_SIZE	= 2	# Sizeof of AES CCM counter field
YSM_AEAD_MAX_SIZE	= (YSM_DATA_BUF_SIZE + YSM_AEAD_MAC_SIZE) # Max size of an AEAD block
YSM_SHA1_HASH_SIZE	= 20	# 160-bit SHA1 hash size
YSM_CTR_DRBG_SEED_SIZE	= 32	# Size of CTR-DRBG entropy
YSM_MAX_PKT_SIZE	= 0x60  # Max size of a packet (excluding command byte)
YSM_PROTOCOL_VERSION	= 1	# Protocol version for this file


YSM_TEMP_KEY_HANDLE	= 0xffffffff # Phantom temporary key handle

# these two are in ykdef.h
UID_SIZE	= 6
KEY_SIZE	= 16

YSM_RESPONSE		= 0x80    # Response bit
YSM_YUBIKEY_AEAD_SIZE	= (KEY_SIZE + UID_SIZE + YSM_AEAD_MAC_SIZE)

# Response codes
YSM_STATUS_OK           = 0x80    # Executed successfully
YSM_KEY_HANDLE_INVALID  = 0x81    # Key handle is invalid
YSM_AEAD_INVALID        = 0x82    # Supplied AEAD block is invalid
YSM_OTP_INVALID         = 0x83    # Supplied OTP is invalid (CRC or UID)
YSM_OTP_REPLAY          = 0x84    # Supplied OTP is replayed
YSM_ID_DUPLICATE        = 0x85    # The supplied public ID is already in the database
YSM_ID_NOT_FOUND        = 0x86    # The supplied public ID was not found in the database
YSM_DB_FULL             = 0x87    # The database storage is full
YSM_MEMORY_ERROR        = 0x88    # Memory read/write error
YSM_FUNCTION_DISABLED   = 0x89    # Funciton disabled via attribute(s)
YSM_KEY_STORAGE_LOCKED  = 0x8a    # Key storage locked
YSM_MISMATCH            = 0x8b    # Verification mismatch
YSM_INVALID_PARAMETER   = 0x8c    # Invalid parameter

def status2str(num):
    """ Return YubiHSM response status code as string. """
    known = {0x80: 'YSM_STATUS_OK',
             0x81: 'YSM_KEY_HANDLE_INVALID',
             0x82: 'YSM_AEAD_INVALID',
             0x83: 'YSM_OTP_INVALID',
             0x84: 'YSM_OTP_REPLAY',
             0x85: 'YSM_ID_DUPLICATE',
             0x86: 'YSM_ID_NOT_FOUND',
             0x87: 'YSM_DB_FULL',
             0x88: 'YSM_MEMORY_ERROR',
             0x89: 'YSM_FUNCTION_DISABLED',
             0x8a: 'YSM_KEY_STORAGE_LOCKED',
             0x8b: 'YSM_MISMATCH',
             0x8c: 'YSM_INVALID_PARAMETER',
             }

    if num in known:
        return known[num]
    return "0x%02x" % (num)

# HMAC flags
YSM_HMAC_SHA1_RESET		= 0x01     # Flag to indicate reset at first packet
YSM_HMAC_SHA1_FINAL		= 0x02     # Flag to indicate that the hash shall be calculated
YSM_HMAC_SHA1_TO_BUFFER	= 0x04     # Flag to transfer HMAC to buffer

# Commands
YSM_NULL			= 0x00
YSM_AEAD_GENERATE		= 0x01
YSM_BUFFER_AEAD_GENERATE	= 0x02
YSM_RANDOM_AEAD_GENERATE	= 0x03
YSM_AEAD_DECRYPT_CMP		= 0x04
YSM_DB_YUBIKEY_AEAD_STORE	= 0x05
YSM_AEAD_YUBIKEY_OTP_DECODE	= 0x06
YSM_DB_OTP_VALIDATE		= 0x07
YSM_DB_YUBIKEY_AEAD_STORE2	= 0x08
YSM_AES_ECB_BLOCK_ENCRYPT	= 0x0d
YSM_AES_ECB_BLOCK_DECRYPT	= 0x0e
YSM_AES_ECB_BLOCK_DECRYPT_CMP	= 0x0f
YSM_HMAC_SHA1_GENERATE		= 0x10
YSM_TEMP_KEY_LOAD		= 0x11
YSM_BUFFER_LOAD			= 0x20
YSM_BUFFER_RANDOM_LOAD		= 0x21
YSM_NONCE_GET			= 0x22
YSM_ECHO			= 0x23
YSM_RANDOM_GENERATE		= 0x24
YSM_RANDOM_RESEED		= 0x25
YSM_SYSTEM_INFO_QUERY		= 0x26
YSM_KEY_STORAGE_UNLOCK		= 0x27	# Deprecated in 1.0
YSM_HSM_UNLOCK			= 0x28
YSM_KEY_STORE_DECRYPT		= 0x29
YSM_MONITOR_EXIT		= 0x7f

def cmd2str(cmd):
    """ Return command as string. """
    known = {0x00: 'YSM_NULL',
             0x01: 'YSM_AEAD_GENERATE',
             0x02: 'YSM_BUFFER_AEAD_GENERATE',
             0x03: 'YSM_RANDOM_AEAD_GENERATE',
             0x04: 'YSM_AEAD_DECRYPT_CMP',
             0x05: 'YSM_DB_YUBIKEY_AEAD_STORE',
             0x06: 'YSM_AEAD_YUBIKEY_OTP_DECODE',
             0x07: 'YSM_DB_OTP_VALIDATE',
             0x08: 'YSM_DB_YUBIKEY_AEAD_STORE2',
             0x0d: 'YSM_AES_ECB_BLOCK_ENCRYPT',
             0x0e: 'YSM_AES_ECB_BLOCK_DECRYPT',
             0x0f: 'YSM_AES_ECB_BLOCK_DECRYPT_CMP',
             0x10: 'YSM_HMAC_SHA1_GENERATE',
             0x11: 'YSM_TEMP_KEY_LOAD',
             0x20: 'YSM_BUFFER_LOAD',
             0x21: 'YSM_BUFFER_RANDOM_LOAD',
             0x22: 'YSM_NONCE_GET',
             0x23: 'YSM_ECHO',
             0x24: 'YSM_RANDOM_GENERATE',
             0x25: 'YSM_RANDOM_RESEED',
             0x26: 'YSM_SYSTEM_INFO_QUERY',
             0x27: 'YSM_KEY_STORAGE_UNLOCK',
             0x28: 'YSM_HSM_UNLOCK',
             0x29: 'YSM_KEY_STORE_DECRYPT',
             0x7f: 'YSM_MONITOR_EXIT',
             }
    if cmd in known:
        return known[cmd]
    return "0x%02x" % (cmd)

APT Browse - Built by Thomas Orozco.