Coverage for src/kdbxtool/security/__init_

1"""Security-critical components for kdbxtool.

3This module contains all security-sensitive code including:

4- Secure memory handling (SecureBytes)

5- Cryptographic operations

6- Key derivation functions

7- YubiKey challenge-response support

9All code in this module should be audited carefully.

10"""

12from .crypto import (

13 Cipher,

14 CipherContext,

15 compute_hmac_sha256,

16 constant_time_compare,

17 secure_random_bytes,

18 verify_hmac_sha256,

19)

20from .kdf import (

21 ARGON2_MIN_ITERATIONS,

22 ARGON2_MIN_MEMORY_KIB,

23 ARGON2_MIN_PARALLELISM,

24 AesKdfConfig,

25 Argon2Config,

26 KdfType,

27 derive_composite_key,

28 derive_key_aes_kdf,

29 derive_key_argon2,

30)

31from .keyfile import (

32 KeyFileVersion,

33 create_keyfile,

34 create_keyfile_bytes,

35 parse_keyfile,

36)

37from .memory import SecureBytes

38from .yubikey import (

39 HMAC_SHA1_RESPONSE_SIZE,

40 YUBIKEY_AVAILABLE,

41 YubiKeyConfig,

42 check_slot_configured,

43 compute_challenge_response,

44 list_yubikeys,

45)

47__all__ = [

48 # Memory

49 "SecureBytes",

50 # Crypto

51 "Cipher",

52 "CipherContext",

53 "compute_hmac_sha256",

54 "constant_time_compare",

55 "secure_random_bytes",

56 "verify_hmac_sha256",

57 # KDF

58 "ARGON2_MIN_ITERATIONS",

59 "ARGON2_MIN_MEMORY_KIB",

60 "ARGON2_MIN_PARALLELISM",

61 "AesKdfConfig",

62 "Argon2Config",

63 "KdfType",

64 "derive_composite_key",

65 "derive_key_aes_kdf",

66 "derive_key_argon2",

67 # Keyfile

68 "KeyFileVersion",

69 "create_keyfile",

70 "create_keyfile_bytes",

71 "parse_keyfile",

72 # YubiKey

73 "HMAC_SHA1_RESPONSE_SIZE",

74 "YUBIKEY_AVAILABLE",

75 "YubiKeyConfig",

76 "check_slot_configured",

77 "compute_challenge_response",

78 "list_yubikeys",

79]

Coverage for src / kdbxtool / security / init.py: 100%

6 statements