Cryptography
The Delta Crypto package provides functionality for client-side cryptography.

covata.delta.crypto.generate_private_key()
    Generates an RSAPrivateKey object. The public key object can be extracted by calling the public_key() method on the generated key object.
    Returns: the generated private key object
    Return type: RSAPrivateKey

covata.delta.crypto.serialize_public_key(public_key)
    Serializes the provided public key object as base-64-encoded DER format using X.509 SubjectPublicKeyInfo with PKCS1.
    Parameters: public_key (RSAPublicKey) – the public key object
    Returns: the key as base64 encoded unicode string
    Return type: str

covata.delta.crypto.calculate_sha256hex(payload)
    Calculates the SHA256 hex digest of the given payload.
    Parameters: payload (str) – the payload to be hashed
    Returns: SHA256 hex digest
    Return type: bytes

covata.delta.crypto.generate_secret_key()
    Generates a 256-bit secret key.
    Uses /dev/urandom on UNIX platforms, and CryptGenRandom on Windows.
    Returns: the 256-bit secret key
    Return type: bytes

covata.delta.crypto.generate_initialisation_vector()
    Generates a 128-bit initialisation vector.
    Uses /dev/urandom on UNIX platforms, and CryptGenRandom on Windows.
    Returns: the 128-bit initialisation vector
    Return type: bytes

covata.delta.crypto.encrypt(data, secret_key, initialisation_vector)
    Encrypts data using the given secret key and initialisation vector.
    Parameters:
    - data (bytes) – the plaintext bytes to be encrypted
    - secret_key (bytes) – the key to be used for encryption
    - initialisation_vector (bytes) – the initialisation vector
    Returns: the cipher text and GCM authentication tag tuple
    Return type: (bytes, bytes)

covata.delta.crypto.decrypt(ciphertext, tag, secret_key, initialisation_vector)
    Decrypts a cipher text using the given GCM authentication tag, secret key and initialisation vector.
    Parameters:
    - ciphertext (bytes) – the cipher text to be decrypted
    - tag (bytes) – the GCM authentication tag
    - secret_key (bytes) – the key to be used for encryption
    - initialisation_vector (bytes) – the initialisation vector
    Returns: the decrypted plaintext
    Return type: bytes

covata.delta.crypto.encrypt_key_with_public_key(secret_key, public_encryption_key)
    Encrypts the given secret key with the public key.
    Parameters:
    - secret_key (bytes) – the key to encrypt
    - public_encryption_key (RSAPublicKey) – the public encryption key
    Returns: the encrypted key
    Return type: bytes

covata.delta.crypto.decrypt_with_private_key(secret_key, private_encryption_key)
    Decrypts the given secret key with the private key.
    Parameters:
    - secret_key (bytes) – the secret key to decrypt
    - private_encryption_key (RSAPrivateKey) – the private encryption key
    Returns: the decrypted key
    Return type: bytes
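
The functions above combine into an envelope-encryption flow: encrypt the data under a fresh secret key and IV, wrap the secret key with the recipient's RSA public key, then unwrap and decrypt on the other side. The sketch below is an added example, not the Delta SDK's own code; it reproduces the documented call shapes with the `cryptography` library. AES as the cipher, RSA-OAEP with SHA-256 as the wrapping padding, the 2048-bit RSA key size and the `round_trip` helper are assumptions, since the page names only GCM, the 256-bit key and the 128-bit IV.

```python
# Added illustration, not the Delta SDK source. Assumptions: AES cipher,
# RSA-OAEP/SHA-256 key wrapping, 2048-bit RSA key, hypothetical round_trip().
import os

from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes

OAEP = padding.OAEP(mgf=padding.MGF1(hashes.SHA256()),
                    algorithm=hashes.SHA256(), label=None)


def encrypt(data, secret_key, initialisation_vector):
    """Return (ciphertext, tag), the tuple shape the page documents."""
    enc = Cipher(algorithms.AES(secret_key),
                 modes.GCM(initialisation_vector)).encryptor()
    ciphertext = enc.update(data) + enc.finalize()
    return ciphertext, enc.tag


def decrypt(ciphertext, tag, secret_key, initialisation_vector):
    """Return the plaintext; finalize() raises InvalidTag on any mismatch."""
    dec = Cipher(algorithms.AES(secret_key),
                 modes.GCM(initialisation_vector, tag)).decryptor()
    return dec.update(ciphertext) + dec.finalize()


def round_trip(plaintext, tamper=False):
    """Sender encrypts and wraps the key; recipient unwraps and decrypts."""
    private_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    secret_key = os.urandom(32)   # 256-bit key, fresh per message
    iv = os.urandom(16)           # 128-bit IV, never reused with the same key
    ciphertext, tag = encrypt(plaintext, secret_key, iv)
    wrapped_key = private_key.public_key().encrypt(secret_key, OAEP)
    if tamper:                    # simulate one bit flipped in transit
        ciphertext = bytes([ciphertext[0] ^ 1]) + ciphertext[1:]
    unwrapped = private_key.decrypt(wrapped_key, OAEP)
    try:
        return decrypt(ciphertext, tag, unwrapped, iv)
    except InvalidTag:
        return None               # reject the message; no plaintext is released


if __name__ == "__main__":
    print(round_trip(b"constructed sample message"))
    print(round_trip(b"constructed sample message", tamper=True))
```

The tag must travel with the ciphertext and IV, and a failed tag check means the whole message is discarded.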