Previous topic

Welcome to Security Lib’s documentation!

Next topic

securitylib.advanced_crypto — Advanced cryptographic functions library

This Page

securitylib.crypto — Cryptographic functions library

securitylib.crypto.generate_authenticator(data, authenticator_key)

This function will generate an authenticator for the data (provides authentication and integrity).

Parameters:
  • data (str) – The data over which to generate the authenticator.
  • authenticator_key (str) – The secret key to be used by the function, in byte string. You can use generate_authenticator_key() to generate it.
Returns:

str – The generated authenticator in byte string.

securitylib.crypto.validate_authenticator(data, authenticator_key, authenticator)

This function will generate an authenticator for the data using the given secret key and compare it to the given authenticator, in order to validate it. Use this function instead of performing the comparison yourself, because it avoids timing attacks.

Parameters:
  • data (str) – The data protected by the authenticator.
  • authenticator_key (str) – The secret key used to generate the given authenticator, in byte string.
  • authenticator (str) – The authenticator you want to compare, in byte string.
Returns:

bool – True if the given authenticator matches the generated authenticator or False otherwise.

securitylib.crypto.generate_encryption_key()

Generates a key for use in the encrypt() and decrypt() functions.

Returns:str – The generated key, in byte string.
securitylib.crypto.generate_authenticator_key()

Generates an authenticator key.

Returns:str – The generated key, in byte string.
securitylib.crypto.generate_encryption_key_from_password(password, salt)

Use this function to generate an encryption key from a password.

Parameters:
  • password (str) – The password from which to generate the key.
  • salt (str) – Salt for the password, in byte string. You can use get_random_token() to generate it.
Returns:

str – The generated encryption key, in byte string.

securitylib.crypto.generate_authenticator_key_from_password(password, salt)

Use this function to generate an authenticator key from a password.

Parameters:
  • password (str) – The password from which to generate the key.
  • salt (str) – Salt for the password, in byte string. You can use get_random_token() to generate it.
Returns:

str – The generated authenticator key, in byte string.

securitylib.crypto.encrypt(data, key, authenticator_key)

Use this function to encrypt data. Two keys must be provided, one to guarantee confidentiality and another to guarantee integrity.

Parameters:
  • data (str) – The data to encrypt.
  • key (str) – The key to encrypt the data, in byte string. Provides confidentiality. You can use generate_encryption_key() to generate it.
  • authenticator_key (str) – The key to authenticate the data, in byte string. Provides integrity. You can use generate_authenticator_key() to generate it.
Returns:

str – The encrypted data.

securitylib.crypto.decrypt(ciphertext, key, authenticator_key)

Use this function to decrypt data that was encrypted using encrypt(). The same keys used to encrypt the data must be provided to decrypt it.

Parameters:
  • ciphertext (str) – The encrypted data.
  • key (str) – The key that was used to encrypt the data, in byte string.
  • authenticator_key (str) – The key that was used to authenticate the data, in byte string.
Returns:

dict – The decrypted data.