Skip to content

Latest commit

 

History

History
96 lines (79 loc) · 2.85 KB

README.md

File metadata and controls

96 lines (79 loc) · 2.85 KB

PyEasyCrypto

A python library to easily and safely transfer information over unsafe channels and sign and verify data using ECDSA. Everything is working with safe-curve 25519 and AES.

PyEasyCrypto Provides simple wrappers around Python cryptography module.


First Install Required Libraries :

pip install cryptography

Download PyEasyCrypto In Your Project Folder

git clone https://github.com/sudoerr/PyEasyCrypto.git

Sign And Verify

ed25519 curve is used to sign and verify and everytime we save it in root directory given to root parameter which by default is ./data/keys.

from PyEasyCrypto import ECDSA

# Sign And Verify
e = ECDSA()
e.generate_new_keypair(password=None)
e.load_keys(password=None)

message = b"A message to sign"
signature = e.sign(message)
# using public key to verify
with open("./data/keys/public.pem", "rb") as f:
   e.verify(f.read(), signature, message)

Load Keys From Anywhere

In case you don't want to change root path for ECDSA object.

e.load_keys_from(
   private_key="path/to/private_key.pem",
   password:bytes=None
)

Warning : Saving keys without password is not secure enough. Also remember to not hard-code password!

NOTE : load_keys and load_keys_from will return a bool value. Please check before doing anything.

Encrypt And Decrypt

x25519 curve is used to generate shared keys between 2 peers and then AES-256 mode CBC is used to encrypt data with shared key.

import os
from PyEasyCrypto import ECDH, AES256CBC

# Generate Shared Key Between 2 Peers
p1 = ECDH()
p1.generate_keypair()
p2 = ECDH()
p2.generate_keypair()
p1.generate_shared_key_and_derive(p2.get_public_key_pem())
p2.generate_shared_key_and_derive(p1.get_public_key_pem())
# testing
print(p1.get_derived_key() == p2.get_derived_key())


# Encrypt And Decrypt Data Using Shared Key
data = b"Some Data"
iv = os.urandom(16)
aes = AES256CBC(p1.get_derived_key(), iv)
encrypted = aes.encrypt(data)
decrypted = aes.decrypt(encrypted)

# NOTE : You can use base64 built-in 
#        library to convert bytes to
#        base64 if you want.

Save And Load x25519 Keys

p1.save_keys(
   private_key="path/to/private.pem",
   public_key="path/to/public.pem",
   password=None
)

p1.load_keys(
   priavte_key="path/to/private.pem",
   public_key=None,
   password=None
)
# There will not be any problem 
# if you set public_key as None.
# Public key will be derived from
# private key.

What's Happening Here?

The library is only a thin wrapper of python's own cryptography module. It uses well known and battle tested encryption techniques. It provides a convenient wrapper around these functions, taking away the details of using encryption correctly. Feel free to explore the source!