Another libsodium wrapper.
Project description
Chloryne - libsodium wrapper
Another libsodium wrapper, with its own scheme.
Installation
Chloryne is available via PyPI:
$ pip install chloryne
Installation requires the presence of libsodium.
Usage
Use the up-level interface Chloride for a full cryptographic scheme.
Key generation:
from chloryne import Chloride
# lib sodium will be initialized automatically
server = Chloride()
client = Chloride()
Key export / import:
server.importKey(client.exportKey())
client.importKey(server.exportKey())
Compute a blake2b-derived shared secret:
assert server.compute() == client.compute()
NOTE: If you want a raw secret use
server.privateKey.compute(client.publicKey, raw=True)and vice versa.
Signature (Ed25519):
sig = server.sign(b'data')
assert client.verify(b'data', sig)
NOTE: Signing messages only does not require peer key.
Encryption (Curve25519XSalsa20Poly1305):
ct = server.encrypt(b'data')
assert client.decrypt(ct) == b'data'
NOTE: Decrypting messages only does not require peer key.
Unsafe MAC (fixed key):
mac = server.unsafeMAC()
mac.update(b'data')
digest = mac.finalize()
mac = client.unsafeMAC()
mac.update(b'data')
assert mac.verify(digest)
Safe MAC (ephemeral keys)
eph, mac = server.safeMAC()
mac.update(b'data')
digest = mac.finalize()
mac = client.safeMAC(eph)
mac.update(b'data')
assert mac.verify(digest)
NOTE: Verifying MACs only does not require peer key.
Incremental signing:
from chloride.signers import Signer
signer = Signer()
signer.update(b'data')
sig = signer.sign(server.privateKey)
signer = Signer()
signer.update(b'data')
assert signer.verify(client.peerPublicKey, sig)
Password hashing:
from chloride.password import Password
import os
# password-based KDF
salt = os.urandom(32) # must be 32-bytes
Password.derive(b'password', salt)
# password storage
strhash = Password.stringify(b'password')
assert Password.verify(b'password', strhash)
Stream Cipher (XChaCha20):
from chloride.ciphers import StreamCipher
import os
key = os.urandom(32)
sc = StreamCipher(key)
ct = sc.encrypt(b'data') + sc.nonce
# other side...
ct, nonce = ct[:-24], ct[-24:]
sc = StreamCipher(key, nonce)
assert sc.decrypt(ct) == b'data'
NOTE:
nonceisb''before callingencryptif not provided via constructor.
Store a chloride:
sk = server.privateKey.exportKey()
# sk is a bytes object that can be stored anywhere
server = Chloride(sk)
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file chloryne-1.0.0.tar.gz.
File metadata
- Download URL: chloryne-1.0.0.tar.gz
- Upload date:
- Size: 8.7 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.1 CPython/3.7.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 88385bae381d9f2458bba1647a272e47d0d9112a3467401ac345a5868fcc7883 |
|
| MD5 | defe4398698e9e18f9793c97ffe21384 |
|
| BLAKE2b-256 | c914730c4dd7b1ef3fd3ca418dc2c5a5c887fef67142c1401392289aa7339f52 |
File details
Details for the file chloryne-1.0.0-cp37-cp37m-macosx_10_9_x86_64.whl.
File metadata
- Download URL: chloryne-1.0.0-cp37-cp37m-macosx_10_9_x86_64.whl
- Upload date:
- Size: 13.5 kB
- Tags: CPython 3.7m, macOS 10.9+ x86-64
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.1 CPython/3.7.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 706f7a2bbe320d25adcbec20f36947430aab8a6e359b59c99ccafd4937bc7f9b |
|
| MD5 | ea8ec6c9566127df348e11de3b7a559b |
|
| BLAKE2b-256 | 78ce5182fe0951f8c0b8f4aaeabe9b1a85e63380616a611d2e07bd2b032a50d9 |
