Cryptography primitives¶
mom.security¶
module: | mom.security |
---|---|
synopsis: | Cryptography primitives. |
module: | mom.security.hash |
---|---|
synopsis: | Convenient hashing functions. |
SHA-1 digests¶
-
mom.security.hash.
sha1_base64_digest
(*inputs)¶ Calculates Base-64-encoded SHA-1 digest of a variable number of inputs.
Parameters: inputs – A variable number of inputs for which the digest will be calculated. Returns: Base-64-encoded SHA-1 digest.
-
mom.security.hash.
sha1_digest
(*inputs)¶ Calculates a SHA-1 digest of a variable number of inputs.
Parameters: inputs – A variable number of inputs for which the digest will be calculated. Returns: A byte string containing the SHA-1 message digest.
-
mom.security.hash.
sha1_hex_digest
(*inputs)¶ Calculates hexadecimal representation of the SHA-1 digest of a variable number of inputs.
Parameters: inputs – A variable number of inputs for which the digest will be calculated. Returns: Hexadecimal representation of the SHA-1 digest.
MD5 digests¶
-
mom.security.hash.
md5_base64_digest
(*inputs)¶ Calculates Base-64-encoded MD5 digest of a variable number of inputs.
Parameters: inputs – A variable number of inputs for which the digest will be calculated. Returns: Base-64-encoded MD5 digest.
-
mom.security.hash.
md5_digest
(*inputs)¶ Calculates a MD5 digest of a variable number of inputs.
Parameters: inputs – A variable number of inputs for which the digest will be calculated. Returns: A byte string containing the MD5 message digest.
-
mom.security.hash.
md5_hex_digest
(*inputs)¶ Calculates hexadecimal representation of the MD5 digest of a variable number of inputs.
Parameters: inputs – A variable number of inputs for which the digest will be calculated. Returns: Hexadecimal representation of the MD5 digest.
HMAC-SHA-1 digests¶
-
mom.security.hash.
hmac_sha1_base64_digest
(key, data)¶ Calculates a base64-encoded HMAC SHA-1 signature.
Parameters: - key – The key for the signature.
- data – The data to be signed.
Returns: Base64-encoded HMAC SHA-1 signature.
-
mom.security.hash.
hmac_sha1_digest
(key, data)¶ Calculates a HMAC SHA-1 digest.
Parameters: - key – The key for the digest.
- data – The raw bytes data for which the digest will be calculated.
Returns: HMAC SHA-1 Digest.
module: | mom.security.random |
---|---|
synopsis: | Random number, bits, bytes, string, sequence, & password generation. |
Bits and bytes¶
-
mom.security.random.
generate_random_bits
(n_bits, rand_func=<function generate_random_bytes>)¶ Generates the specified number of random bits as a byte string. For example:
f(x) -> y such that f(16) -> 1111 1111 1111 1111; bytes_to_integer(y) => 65535L f(17) -> 0000 0001 1111 1111 1111 1111; bytes_to_integer(y) => 131071L
Parameters: - n_bits –
Number of random bits.
if n is divisible by 8, (n / 8) bytes will be returned. if n is not divisible by 8, ((n / 8) + 1) bytes will be returned and the prefixed offset-byte will have (n % 8) number of random bits, (that is, 8 - (n % 8) high bits will be cleared).
The range of the numbers is 0 to (2**n)-1 inclusive.
- rand_func – Random bytes generator function.
Returns: Bytes.
- n_bits –
-
mom.security.random.
generate_random_bytes
(count)¶ Generates a random byte string with
count
bytes.Parameters: count – Number of bytes. Returns: Random byte string.
Numbers¶
-
mom.security.random.
generate_random_uint_atmost
(n_bits, rand_func=<function generate_random_bytes>)¶ Generates a random unsigned integer with n_bits random bits.
Parameters: - n_bits – Number of random bits to be generated at most.
- rand_func – Random bytes generator function.
Returns: Returns an unsigned long integer with at most n_bits random bits. The generated unsigned long integer will be between 0 and (2**n_bits)-1 both inclusive.
-
mom.security.random.
generate_random_uint_exactly
(n_bits, rand_func=<function generate_random_bytes>)¶ Generates a random unsigned long with
n_bits
random bits.Parameters: - n_bits – Number of random bits.
- rand_func – Random bytes generator function.
Returns: Returns an unsigned long integer with
n_bits
random bits. The generated unsigned long integer will be between 2**(n_bits-1) and (2**n_bits)-1 both inclusive.
-
mom.security.random.
generate_random_uint_between
(low, high, rand_func=<function generate_random_bytes>)¶ Generates a random long integer between low and high, not including high.
Parameters: - low – Low
- high – High
- rand_func – Random bytes generator function.
Returns: Random unsigned long integer value.
Sequences and choices¶
-
mom.security.random.
random_choice
(sequence, rand_func=<function generate_random_bytes>)¶ Randomly chooses an element from the given non-empty sequence.
Parameters: sequence – Non-empty sequence to randomly choose an element from. Returns: Randomly chosen element.
-
mom.security.random.
random_shuffle
(sequence, rand_func=<function generate_random_bytes>)¶ Randomly shuffles the sequence in-place.
Parameters: sequence – Sequence to shuffle in-place. Returns: The shuffled sequence itself (for convenience).
-
mom.security.random.
generate_random_sequence
(length, pool, rand_func=<function generate_random_bytes>)¶ Generates a random sequence of given length using the sequence pool specified.
Parameters: - length – The length of the random sequence.
- pool – A sequence of elements to be used as the pool from which random elements will be chosen.
Returns: A list of elements randomly chosen from the pool.
-
mom.security.random.
generate_random_sequence_strong
(entropy, pool, rand_func=<function generate_random_bytes>)¶ Generates a random sequence based on entropy.
If you’re using this to generate passwords based on entropy: http://en.wikipedia.org/wiki/Password_strength
Parameters: - entropy – Desired entropy in bits.
- pool – The pool of unique elements from which to randomly choose.
Returns: Randomly generated sequence with specified entropy.
Strings¶
-
mom.security.random.
generate_random_string
(length, pool='abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789', rand_func=<function generate_random_bytes>)¶ Generates a random string of given length using the sequence pool specified.
Don’t use this to generate passwords. Use generate_random_password instead.
Entropy:
H = log2(N**L)where:
- H is the entropy in bits.
- N is the possible symbol count
- L is length of string of symbols
Entropy chart:
----------------------------------------------------------------- Symbol set Symbol Count (N) Entropy per symbol (H) ----------------------------------------------------------------- HEXADECIMAL_DIGITS 16 4.0000 bits DIGITS 10 3.3219 bits LOWERCASE_ALPHA 26 4.7004 bits UPPERCASE_ALPHA 26 4.7004 bits PUNCTUATION 32 5.0000 bits LOWERCASE_ALPHANUMERIC 36 5.1699 bits UPPERCASE_ALPHANUMERIC 36 5.1699 bits ALPHA 52 5.7004 bits ALPHANUMERIC 62 5.9542 bits ASCII_PRINTABLE 94 6.5546 bits ALL_PRINTABLE 100 6.6438 bits
Parameters: - length – The length of the random sequence.
- pool – A sequence of characters to be used as the pool from which random characters will be chosen. Default case-sensitive alpha-numeric characters.
Returns: A string of elements randomly chosen from the pool.
-
mom.security.random.
generate_random_password
(entropy, pool='abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!"#$%&\'()*+, -./:;<=>?@[\\]^_`{|}~', rand_func=<function generate_random_bytes>)¶ Generates a password based on entropy.
If you’re using this to generate passwords based on entropy: http://en.wikipedia.org/wiki/Password_strength
Parameters: - entropy – Desired entropy in bits. Choose at least 64 to have a decent password.
- pool – The pool of unique characters from which to randomly choose.
Returns: Randomly generated password with specified entropy.
-
mom.security.random.
generate_random_hex_string
(length=8, rand_func=<function generate_random_bytes>)¶ Generates a random ASCII-encoded hexadecimal string of an even length.
Parameters: - length – Length of the string to be returned. Default 32. The length MUST be a positive even number.
- rand_func – Random bytes generator function.
Returns: A string representation of a randomly-generated hexadecimal string.
Utility¶
-
mom.security.random.
calculate_entropy
(length, pool='abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789')¶ Determines the entropy of the given sequence length and the pool.
Parameters: - length – The length of the generated random sequence.
- pool – The pool of unique elements used to generate the sequence.
Returns: The entropy (in bits) of the random sequence.
module: | mom.security.codec |
---|---|
synopsis: | Codecs to encode and decode keys and certificates in various formats. |
PEM key decoders¶
-
mom.security.codec.
public_key_pem_decode
(pem_key)¶ Decodes a PEM-encoded public key/X.509 certificate string into internal representation.
Parameters: pem_key – The PEM-encoded key. Must be one of: 1. RSA public key. 2. X.509 certificate. Returns: A dictionary of key information.
-
mom.security.codec.
private_key_pem_decode
(pem_key)¶ Decodes a PEM-encoded private key string into internal representation.
Parameters: pem_key – The PEM-encoded RSA private key. Returns: A dictionary of key information.