A shared library for SDC services that use JWT with JWE
Project description
sdc-cryptography
A common source code library for SDC services that use JWE. Apps wishing to use this should add the sdc_cryptography dependency to their requirements.txt and install with pip.
Basic Use (with pipenv, recommended)
Install requirements
pip install pipenv
make build
Run the unit tests
pipenv run make test
Create a package for deployment
pipenv run make sdist
Basic Use (with activated virtual environment)
Install requirements
These commands will generate a requirements file that pip can use. It doesn't have to be created this way but this is the easiest way.
pip install pipenv
pipenv lock -r --dev > requirements.txt
pip install -r requirements.txt
Run the unit tests
make test
Create a package for deployment
make sdist
Usage
Need to generate a keys.yml file first. Note, this requires a file system to store the file. Then it needs to be loaded, and a key store generated.
generate_keys.py <key_folder_location>
After this has been configured, encrypting and decrypting can be done as in the example below.
secrets_from_file = yaml.safe_load("keys.yml")
validate_required_secrets(secrets_from_file, EXPECTED_SECRETS, KEY_PURPOSE_SUBMISSION)
key_store = KeyStore(secrets_from_file)
# Encrypt JSON (Purpose has a single encryption key in the key store)
from sdc.crypto.encrypter import encrypt
encrypted_json = encrypt(json, key_store, key_purpose)
# Encrypt JSON with encryption service (Purpose has multiple encryption keys in the key store each tagged with a service)
from sdc.crypto.encrypter import encrypt
encrypted_json = encrypt(json, key_store, key_purpose, encryption_for_service="some-service")
# Decrypt UTF8 jwe token
from sdc.crypto.decrypter import decrypt
data_bytes = data.decode('UTF8')
decrypted_json = decrypt(data_bytes, key_store, key_purpose)
PyPi
This repo is available from PyPi at sdc-cryptography
The package is published automatically to PyPi when a tag is created in Github. The configuration for this is in the .travis.yml file.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for sdc_cryptography-1.2.1-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 2b87da178c0d9c6a8add4e2afbe81139bbb056598af0cda61b52f421fb29451f |
|
MD5 | a1cd5a458c6f7248c6d3d7953969c16e |
|
BLAKE2b-256 | 5ea2737b383015436c7b41cc684a28985104b396d7f704ce000d042cf14a777c |