Cryptography¶
The Delta Crypto package provides functionality for client-side cryptography.
-
covata.delta.crypto.generate_private_key()[source]¶ Generates a
RSAPrivateKeyobject. The public key object can be extracted by calling public_key() method on the generated key object.Returns: the generated private key object Return type: RSAPrivateKey
-
covata.delta.crypto.serialize_public_key(public_key)[source]¶ Serializes the provided public key object as base-64-encoded DER format using X.509 SubjectPublicKeyInfo with PKCS1.
Parameters: public_key ( RSAPublicKey) – the public key objectReturns: the key as base64 encoded unicode string Return type: str
-
covata.delta.crypto.calculate_sha256hex(payload)[source]¶ Calculates the SHA256 hex digest of the given payload.
Parameters: payload (str) – the payload to be calculated Returns: SHA256 hex digest Return type: bytes
-
covata.delta.crypto.generate_secret_key()[source]¶ Generates a 256 bits secret key.
Uses
/dev/urandomon UNIX platforms, andCryptGenRandomon Windows.Returns: the 256 bits secret key Return type: bytes
-
covata.delta.crypto.generate_initialisation_vector()[source]¶ Generates a 128 bits initialisation vector.
Uses
/dev/urandomon UNIX platforms, andCryptGenRandomon Windows.Returns: the 128 bits initialisation vector Return type: bytes
-
covata.delta.crypto.encrypt(data, secret_key, initialisation_vector)[source]¶ Encrypts data using the given secret key and initialisation vector.
Parameters: - data (bytes) – the plaintext bytes to be encrypted
- secret_key (bytes) – the key to be used for encryption
- initialisation_vector (bytes) – the initialisation vector
Returns: the cipher text and GCM authentication tag tuple
Return type: (bytes, bytes)
-
covata.delta.crypto.decrypt(ciphertext, tag, secret_key, initialisation_vector)[source]¶ Decrypts a cipher text using the given GCM authentication tag, secret key and initialisation vector.
Parameters: - ciphertext (bytes) – the cipher text to be decrypted
- tag (bytes) – the GCM authentication tag
- secret_key (bytes) – the key to be used for encryption
- initialisation_vector (bytes) – the initialisation vector
Returns: the decrypted plaintext
Return type: bytes
-
covata.delta.crypto.encrypt_key_with_public_key(secret_key, public_encryption_key)[source]¶ Encrypts the given secret key with the public key.
Parameters: - secret_key (bytes) – the key to encrypt
- public_encryption_key (
RSAPublicKey) – the public encryption key
Returns: the encrypted key
Return type: bytes
-
covata.delta.crypto.decrypt_with_private_key(secret_key, private_encryption_key)[source]¶ Decrypts the given secret key with the private key.
Parameters: - secret_key (bytes) – the secret key to decrypt
- private_encryption_key (
RSAPrivateKey) – the private encryption key
Returns: the decrypted key
Return type: bytes