Skip to main content

A shared library for SDC services that use JWT with JWE

Project description

sdc-cryptography

Build Status Codacy Badge codecov A common source code library for SDC services that use JWE. Apps wishing to use this should add the sdc_cryptography dependency to their requirements.txt and install with pip.

Basic Use (with pipenv, recommended)

Install requirements

pip install pipenv
make build

Run the unit tests

pipenv run make test

Create a package for deployment

pipenv run make sdist

Basic Use (with activated virtual environment)

Install requirements

These commands will generate a requirements file that pip can use. It doesn't have to be created this way but this is the easiest way.

pip install pipenv
pipenv lock -r --dev > requirements.txt
pip install -r requirements.txt

Run the unit tests

make test

Create a package for deployment

make sdist

Usage

Need to generate a keys.yml file first. Note, this requires a file system to store the file. Then it needs to be loaded, and a key store generated.

generate_keys.py <key_folder_location>

After this has been configured, encrypting and decrypting can be done as in the example below.

secrets_from_file = yaml.safe_load("keys.yml")

validate_required_secrets(secrets_from_file, EXPECTED_SECRETS, KEY_PURPOSE_SUBMISSION)

key_store = KeyStore(secrets_from_file)

# Encrypt JSON (Purpose has a single encryption key in the key store)
from sdc.crypto.encrypter import encrypt
encrypted_json = encrypt(json, key_store, key_purpose)

# Encrypt JSON with encryption service (Purpose has multiple encryption keys in the key store each tagged with a service)
from sdc.crypto.encrypter import encrypt
encrypted_json = encrypt(json, key_store, key_purpose, encryption_for_service="some-service")

# Decrypt UTF8 jwe token
from sdc.crypto.decrypter import decrypt
data_bytes = data.decode('UTF8')
decrypted_json = decrypt(data_bytes, key_store, key_purpose)

PyPi

This repo is available from PyPi at sdc-cryptography

The package is published automatically to PyPi when a tag is created in Github. The configuration for this is in the .travis.yml file.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

sdc-cryptography-1.1.0.tar.gz (9.8 kB view hashes)

Uploaded source

Built Distribution

sdc_cryptography-1.1.0-py3-none-any.whl (13.9 kB view hashes)

Uploaded py3

Supported by

AWS AWS Cloud computing Datadog Datadog Monitoring Facebook / Instagram Facebook / Instagram PSF Sponsor Fastly Fastly CDN Google Google Object Storage and Download Analytics Huawei Huawei PSF Sponsor Microsoft Microsoft PSF Sponsor NVIDIA NVIDIA PSF Sponsor Pingdom Pingdom Monitoring Salesforce Salesforce PSF Sponsor Sentry Sentry Error logging StatusPage StatusPage Status page