digi.ccble.security module

class digi.ccble.security.SrpPhase(value)[source]

Bases: Enum

Enumeration class listing all the SRP phases.

Values:
SrpPhase.PHASE_1 = (1, ‘Phase 1: Client presents A value’)
SrpPhase.PHASE_2 = (2, ‘Phase 2: Server presents B and salt’)
SrpPhase.PHASE_3 = (3, ‘Phase 3: Client presents M1 session key validation value’)
SrpPhase.PHASE_4 = (4, ‘Phase 4: Server presents M2 session key validation value and two 12-byte nonces’)
SrpPhase.UNKNOWN = (255, ‘Unknown’)

Class constructor. Instantiates a new SrpPhase entry with the provided parameters.

Parameters:

  • code (Integer) – SRP phase code.

  • description (String) – SRP phase description.

PHASE_1 = (1, 'Phase 1: Client presents A value')
PHASE_2 = (2, 'Phase 2: Server presents B and salt')
PHASE_3 = (3, 'Phase 3: Client presents M1 session key validation value')
PHASE_4 = (4, 'Phase 4: Server presents M2 session key validation value and two 12-byte nonces')
UNKNOWN = (255, 'Unknown')
property code

Returns the SRP phase code.

Returns:

SRP phase code.

Return type:

Integer

property description

Returns the SRP phase description.

Returns:

SRP phase description.

Return type:

String

classmethod get(code)[source]

Returns the SRP phase corresponding to the given code.

Parameters:

code (Integer) – SRP phase code.

Returns:

SRP phase corresponding to the given code.

Return type:

SrpPhase

class digi.ccble.security.SrpError(value)[source]

Bases: Enum

Enumeration class listing all the SRP errors.

Values:
SrpError.B_OFFERING_ERROR = (128, ‘Unable to offer B (cryptographic error with content, usually due to A mod N == 0’)
SrpError.INCORRECT_LENGTH = (129, ‘Incorrect payload length’)
SrpError.BAD_PROOF_OF_KEY = (130, ‘Bad proof of key’)
SrpError.ALLOCATION_ERROR = (131, ‘Resource allocation error’)
SrpError.WRONG_STEP_ERROR = (132, ‘Request contained a step not in the correct sequence’)

Class constructor. Instantiates a new SrpError entry with the provided parameters.

Parameters:

  • code (Integer) – SRP error code.

  • description (String) – SRP error description.

B_OFFERING_ERROR = (128, 'Unable to offer B (cryptographic error with content, usually due to A mod N == 0')
INCORRECT_LENGTH = (129, 'Incorrect payload length')
BAD_PROOF_OF_KEY = (130, 'Bad proof of key')
ALLOCATION_ERROR = (131, 'Resource allocation error')
WRONG_STEP_ERROR = (132, 'Request contained a step not in the correct sequence')
property code

Returns the SRP error code.

Returns:

SRP error code.

Return type:

Integer

property description

Returns the SRP error description.

Returns:

SRP error description.

Return type:

String

classmethod get(code)[source]

Returns the SRP error corresponding to the given code.

Parameters:

code (Integer) – SRP error code.

Returns:

SRP error corresponding to the given code, None if not found.

Return type:

SrpError

class digi.ccble.security.SRPSecurityManager[source]

Bases: object

Helper class used to handle SRP authentication protocol with a remote device in order to encrypt and decrypt data.

Class constructor. Instantiates a new SRPSecurityManager object.

is_authenticated()[source]

Returns whether the session is authenticated or not.

Returns:

True if the session is authenticated, False otherwise.

Return type:

Boolean

deauthenticate()[source]

Deauthenticate the security manager.

static new_cipher(session_key, nonce)[source]

Creates a new AES cipher with the given session key and nonce.

Parameters:

  • session_key (Bytearray) – Session key.

  • nonce (Bytearray) – Nonce.

Returns:

AES cipher.

Return type:

AES

encrypt_data(data)[source]

Encrypts the given data with the stored encrypt cipher.

Parameters:

data (Bytearray) – Data to be encrypt.

Returns:

Encrypted data.

Return type:

Bytearray

Raises:

NotAuthenticatedException – If the user is not authenticated.

decrypt_data(data)[source]

Decrypts the given data with the stored decrypt cipher.

Parameters:

data (Bytearray) – Data to be decrypt.

Returns:

Decrypted data.

Return type:

Bytearray

Raises:

NotAuthenticatedException – If the user is not authenticated.

generate_salted_verification_key(password)[source]

Generates and stores a salted verification key from the given password.

Parameters:

password (String) – Password to use to generate the salted verification key.

process_srp_request(frame_data)[source]

Processes the SRP request contained in the given data and returns an XBee packet with the answer.

Parameters:

frame_data (bytes) – Data containing the SRP request.

Returns:

XBee packet containing the SRP answer, None if the request is

not an SRP request.

Return type:

XBeeAPIPacket