Package nss :: Module nss :: Class PK11SymKey
[hide private]
[frames] | no frames]

type PK11SymKey

object --+
         |
        PK11SymKey

Holds a hash, encryption or signing context for multi-part operations.
Instance Methods [hide private]
 
__init__(...)
x.__init__(...) initializes x; see help(type(x)) for signature
 
__str__(x)
str(x)
PK11SymKey
derive(mechanism, sec_param, target, operation, key_size)
Derive a new key from this key.
string)
format(level=0, indent=' ')
This is equivalent to: indented_format(obj.format_lines()) on an object providing a format_lines() method.
[(level, string),...]
format_lines(level=0)
Formats the object into a sequence of lines with indent level information.
PK11SymKey
unwrap_sym_key(mechanism, sec_param, wrapped_key, target, operation, key_size)
Unwrap (decrypt) the supplied wrapped key.
SecItem
wrap_sym_key(mechanism, sec_param, sym_key)
Wrap (encrypt) the supplied sym_key using the mechanism and parameter.
Properties [hide private]
  key_data
key data
  key_length
key length
  mechanism
CK_MECHANISM_TYPE mechanism
  slot
slot
Method Details [hide private]

__init__(...)
(Constructor)

 
x.__init__(...) initializes x; see help(type(x)) for signature
Overrides: object.__init__

__str__(x)
(Informal representation operator)

 
str(x)
Overrides: object.__str__

derive(mechanism, sec_param, target, operation, key_size)

 
Derive a new key from this key. Return a key which can do exactly one operation, it is ephemeral (session key).
Parameters:
  • mechanism (int) - key mechanism enumeration constant (CKM_*)
  • sec_param (SecItem object or None) - mechanism parameters or None.
  • target (int) - key mechanism enumeration constant (CKM_*)
  • operation (int) - type of operation. A (CKA_*) constant (e.g. CKA_ENCRYPT, CKA_DECRYPT, CKA_SIGN, CKA_VERIFY, CKA_DIGEST)
  • key_size (int) - key size.
Returns: PK11SymKey

format(level=0, indent=' ')

 
This is equivalent to: indented_format(obj.format_lines()) on an object providing a format_lines() method.
Parameters:
  • level (integer) - Initial indentation level, all subsequent indents are relative to this starting level.
  • indent (string) - string replicated once for each indent level then prepended to output line
Returns: string)

format_lines(level=0)

 

Formats the object into a sequence of lines with indent level information. The return value is a list where each list item is a tuple. The first item in the tuple is an integer representing the indentation level for that line. Any remaining items in the tuple are strings to be output on that line.

The output of this function can be formatted into a single string by calling nss.nss.indented\_format(), e.g.:

print indented_format(obj.format_lines())

The reason this function returns a tuple as opposed to an single indented string is to support other text formatting systems such as GUI's with indentation controls. See nss.nss.indented\_format() for a complete explanation.

Parameters:
  • level (integer) - Initial indentation level, all subsequent indents are relative to this starting level.
Returns: [(level, string),...]

unwrap_sym_key(mechanism, sec_param, wrapped_key, target, operation, key_size)

 
Unwrap (decrypt) the supplied wrapped key. Return the unwrapped key as a PK11SymKey.
Parameters:
  • mechanism (int) - key mechanism enumeration constant (CKM_*)
  • sec_param (SecItem object or None) - mechanism parameters or None.
  • wrapped_key (SecItem object) - the symmetric key to unwrap
  • target (int) - key mechanism enumeration constant (CKM_*)
  • operation (int) - type of operation. A (CKA_*) constant (e.g. CKA_ENCRYPT, CKA_DECRYPT, CKA_SIGN, CKA_VERIFY, CKA_DIGEST)
  • key_size (int) - key size.
Returns: PK11SymKey

wrap_sym_key(mechanism, sec_param, sym_key)

 
Wrap (encrypt) the supplied sym_key using the mechanism and parameter. Return the wrapped key as a SecItem.
Parameters:
  • mechanism (int) - key mechanism enumeration constant (CKM_*)
  • sec_param (SecItem object or None) - mechanism parameters or None.
  • sym_key (PK11SymKey object) - the symmetric key to wrap
Returns: SecItem