spresso.utils package¶
Submodules¶
spresso.utils.base module¶
-
create_nonce
(length)[source]¶ Generates random bytes of specified length. UNIX-like system will query /dev/urandom, Windows will use CryptGenRandom()
Parameters: length (int) – The length of the random sequence. Returns: The random sequence. Return type: bytes
-
create_random_characters
(length, chars='ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789')[source]¶ Generates a random string of a specified length. Per default the charset consists of uppercase ASCII letters and digits.
Parameters: Returns: The random string sequence.
Return type:
-
from_b64
(data_b64, return_bytes=False)[source]¶ Wrapper around
base64.b64decode()
to decode data using Base64.Parameters: - data_b64 (str,
bytes
) – The Base64-encoded data. - return_bytes (bool) – Flag to indicate if bytes or string should be returned.
Returns: The decoded data.
Return type: str,
bytes
- data_b64 (str,
-
get_file_content
(path, mode)[source]¶ Wrapper around
open()
.Parameters: Raises: ValueError
– The path or mode is invalid.FileNotFoundError
– The file could not found at the given path.
Returns: The file contents.
Return type:
-
get_resource
(resource_path, path)[source]¶ Method to retrieve resource files from the package installation directory.
Parameters: Returns: The file content of the resource.
Return type:
-
get_url
(scheme, netloc, path='', params='', query='', fragment='')[source]¶ Wrapper around
urllib.parse.ParseResult
andurllib.parse.urlunparse()
to retrieve an URL.Parameters: Returns: The URL.
Return type:
-
to_b64
(data)[source]¶ Wrapper around
base64.b64encode()
to encode data using Base64.Parameters: data (str, bytes
) – The data.Returns: The Base64-encoded data. Return type: str
spresso.utils.crypto module¶
This module provides the necessary cryptographic primitives for the system. It is based on the cryptography package.
-
create_signature
(private_key, data)[source]¶ Method to create a PKCS#1 signature using SHA256.
Load a RSA private key in PEM format using
load_pem_private_key
. Then configure a signer object and sign the passed in data.Parameters: - private_key (bytes) – The RSA private key used during signature creation.
- data (bytes) – The data to be signed.
Returns: The signature.
Return type: bytes
-
decrypt_aes_gcm
(key, iv, auth_tag, cipher_text, associated_data=b'')[source]¶ Method to decrypt AES in GCM mode.
Constructs a
Cipher
object from key, iv and authentication tag. The associated data is passed in during decryption.Parameters: - key (bytes) – The symmetric key used during decryption.
- iv (bytes) – The initialisation vector used during decryption.
- auth_tag (bytes) – The authentication tag used during decryption.
- cipher_text (bytes) – Cipher text to decrypt.
- associated_data (bytes) – Additional authentication data that was passed in during encryption.
Returns: The decrypted cipher text.
Return type: bytes
Raises: InvalidTag
– The authentication tag in combination with the given parameters is invalid.
-
encrypt_aes_gcm
(key, iv, plaintext, associated_data=b'')[source]¶ Method to encrypt AES in GCM mode.
Constructs a
Cipher
object from key, iv. The plain text is passed in during encryption.Parameters: - key (bytes) – The symmetric key used during encryption.
- iv (bytes) – The initialisation vector used during encryption.
- plaintext (bytes) – Plain text to encrypt.
- associated_data (bytes) – Additional data to authenticate.
Returns: - The encrypted plain text as bytes and the authentication tag
as bytes.
Return type: Raises: InvalidTag
– The authentication tag in combination with the given parameters is invalid.
-
verify_signature
(public_key, signature, data)[source]¶ Method to verify a PKCS#1 signature using SHA256.
Load a RSA public key in PEM format using
load_pem_public_key
. Then configure a verifier object and verify the passed in data.Parameters: - public_key (bytes) – The RSA public key used in verification.
- signature (bytes) – The signature to verify.
- data (bytes) – The expected signed data, which should be verified.
Raises: InvalidSignature
– The expected data was invalid in respect to the signature.
spresso.utils.error module¶
-
exception
InvalidSettings
[source]¶ Bases:
Exception
Raised by
spresso.grant.base.SettingsMixin
in case an invalid settings class was passed to the instance.
-
exception
InvalidSiteAdapter
[source]¶ Bases:
Exception
Raised by
spresso.grant.base.SiteAdapterMixin
in case an invalid site adapter was passed to the instance.
-
exception
SpressoBaseError
(error, uri=None, message=None)[source]¶ Bases:
Exception
Base class used by SPRESSO specific errors.
Parameters:
-
exception
SpressoInvalidError
(error, uri=None, message=None)[source]¶ Bases:
spresso.utils.error.SpressoBaseError
Indicates an error during validation of a request.
-
exception
UnsupportedAdditionalData
[source]¶ Bases:
Exception
Indicates incorrectly formatted additional data.
spresso.utils.log module¶
There is one logger available to log uncaught exceptions in <spresso.controller.application>. If logging has not been configured, you will likely see this error:
Make sure that logging is configured to avoid this: