This function will generate a hashed representation of the data. We want it to be simple, but for advanced usage you can set the length in bytes and the number of iterations.
Parameters: |
|
---|---|
Returns: | str – The generated hash in byte string. |
Alias for the hmac() function.
This function will generate an HMAC of the data (provides authentication and integrity). We want it to be simple, but for advanced usage you can set the length in bytes and the number of iterations.
Parameters: |
|
---|---|
Returns: | str – The generated hmac in byte string. |
Alias for the validate_hmac() function.
This function will validate a given HMAC authenticator against the HMAC of the data. Use this function instead of performing the comparison yourself, because it avoids timing attacks.
Parameters: |
|
---|---|
Returns: | bool – True if the given HMAC authenticator matches the HMAC of the data, False otherwise. |
Compares two strings to each other. The time taken is independent of the number of characters that match.
Parameters: |
|
---|---|
Returns: | bool – True if the two strings are equal, False otherwise. |
Generates a key of the given length.
Parameters: | length (int) – Length of the key to generate, in bytes. |
---|---|
Returns: | str – The generated key, in byte string. |
Generates a key for use in the encryption functions and classes.
Returns: | str – The generated key, in byte string. |
---|
Alias for the generate_hmac_key() function.
Generates a key for use in the hmac() function.
Returns: | str – The generated key, in byte string. |
---|
Alias for the generate_key_from_password() function.
Alias for the generate_key_from_password() function.
Use this function to generate a key from a password.
Parameters: |
|
---|---|
Returns: | str – The generated key, in byte string. |
Use this function to encrypt data (except streaming data, such as video streaming). Two keys must be provided, one to guarantee confidentiality and another to guarantee integrity.
Parameters: |
|
---|---|
Returns: | str – The encrypted data. |
Use this function to decrypt data that was encrypted using encrypt(). The same keys used to encrypt the data must be provided to decrypt it.
Parameters: |
|
---|---|
Returns: | dict – A dictionary with two keys, “data” with the decrypted data, and “associated_data” with the associated data. |
Use this class to encrypt or decrypt data (except streaming data, such as video streaming). Use it if you want to encrypt or decrypt multiple pieces of data with the same keys, else you can simply use the encrypt() and decrypt() functions.
In other words, this:
>>> block_cipher = BlockCipher(key, hmac_key)
>>> cta = block_cipher.encrypt(a)
>>> ctb = block_cipher.encrypt(b)
>>> ctc = block_cipher.encrypt(c)
is equivalent to this:
>>> cta = encrypt(key, hmac_key, a)
>>> ctb = encrypt(key, hmac_key, b)
>>> ctc = encrypt(key, hmac_key, c)
Parameters: |
|
---|
Parameters: |
|
---|---|
Returns: | str – The encrypted data. |
Parameters: | ciphertext (str) – The encrypted data. |
---|---|
Returns: | dict – A dictionary with two keys, “data” with the decrypted data, and “associated_data” with the associated data. |
Use this class to encrypt or decrypt a stream using a stream cipher.
Calling encrypt (or decrypt) multiple times for the same StreamCipher instance is equal to calling it once with the concatenation of the input. In other words, this:
>>> stream_cipher.encrypt(a) + stream_cipher.encrypt(b) + stream_cipher.encrypt(c)
is equivalent to this:
>>> stream_cipher.encrypt(a + b + c)
This property makes this class perfect for streams of data which must be encrypted in chunks instead of all at once.
Beware that this class only provides confidentiality, not integrity, i.e. it does not provide any protection against tampering. An HMAC could be computed over each chunk being encrypted to provide integrity, but this would have a huge overhead if the chunks are very small, so a better solution must be found depending on each specific case.
Parameters: | key (str) – The key to encrypt or decrypt the stream, in byte string. Provides confidentiality. You can use generate_encryption_key() to generate it. |
---|
Parameters: | stream (str) – The stream to encrypt, or part of it. |
---|---|
Returns: | str – The encrypted cipherstream. |
Parameters: | cipherstream (str) – The encrypted cipherstream, or part of it. |
---|---|
Returns: | str – The decrypted stream. |