PyKMIP icon indicating copy to clipboard operation
PyKMIP copied to clipboard
verified publisher icon OpenKMIP

cannot Create TWOFISH key

Open KBassford opened this issue 6 years ago • 1 comments

This is what I get when I try to create a symmetric 256 bit TWOFISH key.

kmip.pie.exceptions.KmipOperationFailure: OPERATION_FAILED: INVALID_FIELD - The cryptographic algorithm CryptographicAlgorithm.TWOFISH is not a supported symmetric key algorithm.

I don't know if anyone cares (due to it being insecure), but DES also produces the same result. TRIPLE_DES does work, in addition to AES, BLOWFISH, CAMELLIA, and IDEA. Too bad Serpent is not in the spec.

KBassford avatar Jul 12 '19 16:07 KBassford

Yep, that's expected (see our FAQ). We leverage pyca/cryptography (which underneath uses OpenSSL) for all of our cryptographic operations. If pyca/cryptography doesn't support it, neither does the PyKMIP server.

Right now we only support the following symmetric key algorithms:

  • TripleDES
  • AES
  • Blowfish
  • Camellia
  • CAST5
  • IDEA
  • RC4

You can see all of the algorithms in the cryptography engine.

Now that I'm looking, it looks like pyca/cryptography added support for SEED and ChaCha20 recently. I should add those in at some point...

PeterHamilton avatar Jul 12 '19 18:07 PeterHamilton