Bases: CipherSuiteBase
Skeleton suite for CNSA 2.0 policy.
suite_id
Source code in swarmauri_cipher_suite_cnsa20/Cnsa20CipherSuite.py
| def suite_id(self) -> str:
return "cnsa-2.0"
|
supports
Source code in swarmauri_cipher_suite_cnsa20/Cnsa20CipherSuite.py
| def supports(self) -> Mapping[CipherOp, Iterable[Alg]]:
return {
"sign": _SIGN,
"verify": _SIGN,
"encrypt": _ENC,
"decrypt": _ENC,
}
|
default_alg
default_alg(op, *, for_key=None)
Source code in swarmauri_cipher_suite_cnsa20/Cnsa20CipherSuite.py
| def default_alg(self, op: CipherOp, *, for_key: Optional[KeyRef] = None) -> Alg:
return {"sign": "ES384", "encrypt": "A256GCM"}.get(op, "A256GCM")
|
features
Source code in swarmauri_cipher_suite_cnsa20/Cnsa20CipherSuite.py
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54 | def features(self) -> Features:
return {
"suite": "cnsa-2.0",
"version": 1,
"dialects": {"jwa": list({*_SIGN, *_ENC})},
"constraints": {
"min_rsa_bits": 3072,
"allowed_curves": ["P-384"],
"hash": "SHA384",
"aead": {"tagBits": 128, "nonceLen": 12},
},
"compliance": {"cnsa": True},
"ops": {
"sign": {"default": "ES384", "allowed": list(_SIGN)},
"encrypt": {"default": "A256GCM", "allowed": list(_ENC)},
},
}
|
normalize
normalize(
*, op, alg=None, key=None, params=None, dialect=None
)
Source code in swarmauri_cipher_suite_cnsa20/Cnsa20CipherSuite.py
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83 | def normalize(
self,
*,
op: CipherOp,
alg: Optional[Alg] = None,
key: Optional[KeyRef] = None,
params: Optional[ParamMapping] = None,
dialect: Optional[str] = None,
) -> NormalizedDescriptor:
allowed = set(self.supports().get(op, ()))
chosen = alg or self.default_alg(op)
if chosen not in allowed:
raise ValueError(f"{chosen=} not supported for {op=}")
resolved = dict(params or {})
if chosen.endswith("GCM"):
resolved.setdefault("tagBits", 128)
resolved.setdefault("nonceLen", 12)
return {
"op": op,
"alg": chosen,
"dialect": "jwa" if dialect is None else dialect,
"mapped": {"jwa": chosen, "provider": chosen},
"params": resolved,
"constraints": {"minKeyBits": 3072},
"policy": self.policy(),
}
|