Skip to content

istommao/cryptokit

Repository files navigation

Build Status codecov PyPI PyPI

cryptokit

cryptokit is a cryptography kit base on Cryptography(https://github.com/pyca/cryptography)

Document

You can find more information in the cryptokit documentation.

Feature Support

  • AES Cryptography
  • RSA Cryptography
  • ED25519
  • x25519 key exchange
  • HKDF

Installation

pip install cryptokit

AES usage

>>> from cryptokit import AESCrypto
>>> message = "hello cryptokit"
>>> crypto = AESCrypto('WDMG1e38igW53YuxkE0SsKUDeLbULAtL', 'm2VYHdx41zRgvg6f')
>>> data = crypto.encrypt(message)
>>> b'\xaa<\x9d\xe9\xde\x0b\xd7\xe9\xfd\xac\xfc\xdd\x9f\xe2V\xd4'
>>> crypto.decrypt(data)
>>> 'hello cryptokit'

RSA usage

>>> from cryptokit import RSACrypto
>>> private_key = RSACrypto.generate_private_key(2048)
>>> public_key = private_key.public_key()
>>> message = 'Hello cryptokit'
>>> ciphertext = RSACrypto.encrypt(message, public_key, algorithm='sha256')
>>> plaintext = RSACrypto.decrypt(ciphertext, private_key, algorithm='sha256')
>>> plaintext == message
True

PFX usage

>>> from cryptokit import load_pfx, get_pubkey_from_pfx
>>> pkcs12 = load_pfx(pfx_file, password='password')
>>> cert = pkcs12.get_certificate()
>>> pubkey = get_pubkey_from_pfx(pfx_file, password='password')
# or use cert get pubkey
>>> pubkey = cert.get_pubkey().to_cryptography_key()

>>> from cryptokit import generate_pfx
>>> pfx_data = generate_pfx(cert, friendly_name, private_key)

Create csr

from cryptokit import generate_csr
from cryptokit.rsa import RSACrypto

private_key = RSACrypto.generate_private_key(2048)
payload = {
    'country_name': 'US',
    'state_or_province': 'California',
    'locality_name': 'San Francisco',
    'org_name': 'My Company',
    'common_name': 'mysite.com',
    'dns_list': ['mysite.com', 'www.mysite.com', 'subdomain.mysite.com']
}

csr_data = generate_csr(private_key, encoding='pem', algorithm='sha256', **payload)

with open('/path/to/csr.pem', 'wb') as f:
    f.write(csr_data)

ED25519

Generate key pair

from cryptokit import ed25519

# raw Cryptography object
private_key_obj, public_key_obj = ed25519.generate_ed25519_key_pair()

# hex
private_key_hex, public_key_hex = ed25519.generate_ed25519_key_pair("hex")

# base64 encode
private_key_b64, public_key_b64 = ed25519.generate_ed25519_key_pair("base64")

# bytes
private_key_bytes, public_key_bytes = ed25519.generate_ed25519_key_pair("bytes")

ED25519 key exchange

from cryptokit import ed25519

private_key_hex = "private_key_hex"

target_public_key_hex = "target_public_key_hex"


share_secret_hex = ed25519.get_share_secret_from_hex(private_key_hex, target_public_key_hex)

HKDF

from cryptokit import hkdf

device_key = hkdf.get_hkdf_device_key(bytes.fromhex("hex format string"))

ChangeLog

changelog

License

MIT. See LICENSE for more details.