Skip to main content

A Python package to facilitate JSON Web Encryption (JWE) with enhanced security, leveraging AWS Key Management Service (KMS) and Secrets Manager for secure input and output handling.

Project description

jwe-encryptify

jwe-encryptify is a Python package designed for secure encryption and decryption using JSON Web Encryption (JWE), enhanced by AWS Key Management Service (KMS) and AWS Secrets Manager integration. This package offers a straightforward solution for handling sensitive data, allowing encrypted data exchange while securely managing encryption keys through AWS

Features

  • Robust Data Encryption: Uses JSON Web Encryption (JWE) to ensure data security and integrity.
  • AWS KMS Integration: Leverages AWS KMS for secure key encryption and decryption.
  • AWS Secrets Manager: Efficiently manages public and private key pairs for encryption processes.
  • User-Friendly API: Simplified methods for secure JSON payload encryption and decryption.

Installation

You can install the package via pip from PyPI:

pip install jwe-encryptify

Usage

  • AWS Configuration: Ensure that your AWS credentials and region are set up. The package requires AWS permissions to access KMS and Secrets Manager.
  • Environment Variable: Set AWS_DEFAULT_REGION as an environment variable or configure it in your AWS settings.

Encrypting Data

Use the encrypt method to secure JSON data with a public key stored in AWS Secrets Manager.

from jwe_encryptify import encrypt

# Sample data to encrypt
data_to_encrypt = {"user": "John Doe", "account_id": "123456"}

# Encrypt the data
encrypted_jwe = encrypt(
    kms_id="your-kms-key-id",
    secret_name="your-secret-name",
    secret_key="public-key",
    api_response=data_to_encrypt
)

print("Encrypted JWE token:", encrypted_jwe)

Decrypting Data

Use the decrypt method to decrypt an encrypted JWE token using a private key from AWS Secrets Manager.

from jwe_encryptify import decrypt

# JWE token to decrypt
jwe_token = "your-encrypted-jwe-token"

# Decrypt the data
decrypted_data = decrypt(
    kms_id="your-kms-key-id",
    secret_name="your-secret-name",
    secret_key="private-key",
    jwe_payload=jwe_token
)

print("Decrypted Data:", decrypted_data)

AWS Permissions

To use jwe-encryptify, your AWS IAM role or user should have permissions to:

  • Access the specified KMS key (kms_id) for encryption and decryption.
  • Retrieve secrets from AWS Secrets Manager for the specified secret names.

Dependencies

The package requires:

  • jwcrypto: For JWE encoding and decoding.
  • boto3: AWS SDK for Python, used to interact with KMS and Secrets Manager.
  • botocore: Core functionality required by boto3.

License

This project is licensed under the MIT License.

Contributing

We welcome contributions! Feel free to submit issues or pull requests to help improve the package.

Authors

M Santhosh Kumar Initial work santhoshse7en@gmail.com

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

jwe_encryptify-0.0.1.tar.gz (4.3 kB view details)

Uploaded Source

Built Distribution

jwe_encryptify-0.0.1-py3-none-any.whl (4.0 kB view details)

Uploaded Python 3

File details

Details for the file jwe_encryptify-0.0.1.tar.gz.

File metadata

  • Download URL: jwe_encryptify-0.0.1.tar.gz
  • Upload date:
  • Size: 4.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.1.1 CPython/3.13.0

File hashes

Hashes for jwe_encryptify-0.0.1.tar.gz
Algorithm Hash digest
SHA256 8f8e97c62bbd81f14020b63481a585f07e83a6ca3f4c3ba6bef1eae3a09eb37d
MD5 f548566f7e16603c2ce48394dae6c578
BLAKE2b-256 e279c68983d3dbaff9ec08dc46b1ec3b18581f61578eb8a5e58c031ea8671af2

See more details on using hashes here.

File details

Details for the file jwe_encryptify-0.0.1-py3-none-any.whl.

File metadata

File hashes

Hashes for jwe_encryptify-0.0.1-py3-none-any.whl
Algorithm Hash digest
SHA256 a29c8743212ac15e08902d1259899123503e69909fa6bb59117647c423e63665
MD5 cffe76351a326b79da70e568b6241164
BLAKE2b-256 aef99d658a0702550feebce083cadc70389d0b095e997c6bc7d0d7a29611d7bc

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page