Security utilities plugin for Spakky framework

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for Spakky from gravatar.com Spakky
Meta

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT
  • Author: Spakky
  • Requires: Python >=3.11
Report project as malware

Project description

Spakky Security

Security utilities plugin for Spakky Framework.

Installation

pip install spakky-security

Or install via Spakky extras:

pip install spakky[security]

Features

  • Password Hashing: Argon2, bcrypt, scrypt, PBKDF2
  • Symmetric Encryption: AES-CBC, AES-GCM
  • Asymmetric Encryption: RSA
  • JWT Tokens: Create, sign, verify, and parse JWT tokens
  • HMAC Signing: Secure message authentication
  • Key Generation: Cryptographically secure random keys

Usage

Password Hashing

from spakky.plugins.security.password.argon2 import Argon2PasswordEncoder
from spakky.plugins.security.password.bcrypt import BcryptPasswordEncoder
from spakky.plugins.security.password.scrypt import ScryptPasswordEncoder
from spakky.plugins.security.password.pbkdf2 import Pbkdf2PasswordEncoder

# Argon2 (recommended)
encoder = Argon2PasswordEncoder(password="my_password")
hashed = encoder.encode()  # Returns formatted hash string

# Verify password
encoder_verify = Argon2PasswordEncoder(password_hash=hashed)
is_valid = encoder_verify.verify("my_password")

# bcrypt
bcrypt_encoder = BcryptPasswordEncoder(password="my_password")
hashed = bcrypt_encoder.encode()

# scrypt
scrypt_encoder = ScryptPasswordEncoder(password="my_password")
hashed = scrypt_encoder.encode()

# PBKDF2
pbkdf2_encoder = Pbkdf2PasswordEncoder(password="my_password")
hashed = pbkdf2_encoder.encode()

Symmetric Encryption (AES)

from spakky.plugins.security.cryptography.aes import Aes
from spakky.plugins.security.cryptography.gcm import Gcm
from spakky.plugins.security.key import Key

# Generate a 256-bit key
key = Key(size=32)

# AES-CBC
aes = Aes(key)
encrypted = aes.encrypt("Hello, World!")
decrypted = aes.decrypt(encrypted)  # "Hello, World!"

# AES-GCM (authenticated encryption)
gcm = Gcm(key)
encrypted = gcm.encrypt("Hello, World!")
decrypted = gcm.decrypt(encrypted)  # "Hello, World!"

Asymmetric Encryption (RSA)

from spakky.plugins.security.cryptography.rsa import Rsa, AsymmetricKey

# Generate RSA key pair (supports 1024, 2048, 4096, 8192 bits)
asymmetric_key = AsymmetricKey(size=2048)
rsa = Rsa(key=asymmetric_key)

# Encrypt with public key
encrypted = rsa.encrypt("Secret message")

# Decrypt with private key
decrypted = rsa.decrypt(encrypted)  # "Secret message"

# Export keys
public_key = asymmetric_key.public_key
private_key = asymmetric_key.private_key  # Returns Key or None

# Import from PEM (passphrase optional)
imported_key = AsymmetricKey(key=private_key_pem, passphrase="optional")
rsa_imported = Rsa(key=imported_key)

JWT Tokens

from spakky.plugins.security.jwt import JWT
from spakky.plugins.security.hmac_signer import HMACType
from spakky.plugins.security.key import Key
from datetime import timedelta

# Create a JWT
jwt = JWT()
jwt.set_payload(user_id=123, role="admin")
jwt.set_expiration(timedelta(hours=1))

# Sign the token (default: HS256)
key = Key(size=32)
jwt.sign(key)
token_string = jwt.export()

# Use different hash algorithm
jwt.set_hash_type(HMACType.HS512)
jwt.sign(key)

# Parse and verify a token
parsed_jwt = JWT(token=token_string)
is_valid = parsed_jwt.verify(key)

# Access claims
user_id = parsed_jwt.payload.get("user_id")
is_expired = parsed_jwt.is_expired

HMAC Signing

from spakky.plugins.security.hmac_signer import HMAC, HMACType
from spakky.plugins.security.key import Key

key = Key(size=32)

# Sign a message (static method)
signature = HMAC.sign_text(key, HMACType.HS256, "message to sign")

# URL-safe signature
signature_safe = HMAC.sign_text(key, HMACType.HS256, "message", url_safe=True)

# Verify signature (static method)
is_valid = HMAC.verify(key, HMACType.HS256, "message to sign", signature)

Key Generation

from spakky.plugins.security.key import Key

# Generate random key
key = Key(size=32)  # 256-bit key

# Access key data
raw_bytes = key.binary
base64_encoded = key.b64
url_safe_base64 = key.b64_urlsafe
hex_encoded = key.hex

# Create key from existing data
key_from_bytes = Key(binary=existing_bytes)
key_from_base64 = Key(base64=encoded_string)

Components

Component Description
Argon2PasswordEncoder Argon2 password hashing (recommended)
BcryptPasswordEncoder bcrypt password hashing
ScryptPasswordEncoder scrypt password hashing
Pbkdf2PasswordEncoder PBKDF2 password hashing
Aes AES-CBC encryption/decryption
Gcm AES-GCM authenticated encryption
Rsa RSA asymmetric encryption
JWT JSON Web Token creation and validation
HMAC HMAC message signing and verification
Key Secure key generation and management

Security Best Practices

  1. Use Argon2 for passwords: It's the winner of the Password Hashing Competition
  2. Use AES-GCM for encryption: Provides both confidentiality and integrity
  3. Generate secure keys: Always use Key(size=N) for cryptographic keys
  4. Set JWT expiration: Always set an expiration time for tokens
  5. Store keys securely: Use environment variables or secret managers

License

MIT

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for Spakky from gravatar.com Spakky
Meta

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT
  • Author: Spakky
  • Requires: Python >=3.11

Release history Release notifications | RSS feed

6.5.0

6.4.0

6.3.1

6.3.0

6.2.0

6.1.3

6.1.2

This version

6.1.1

6.1.0

6.0.0

5.0.1

5.0.0

4.0.0

3.4.0

3.3.3

3.3.2

3.3.1

3.3.0

3.1.5

3.1.4

3.1.3

3.1.2

3.1.1

3.1.0

3.0.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

spakky_security-6.1.1.tar.gz (13.0 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

spakky_security-6.1.1-py3-none-any.whl (23.7 kB view details)

Uploaded Python 3

File details

Details for the file spakky_security-6.1.1.tar.gz.

File metadata

  • Download URL: spakky_security-6.1.1.tar.gz
  • Upload date:
  • Size: 13.0 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for spakky_security-6.1.1.tar.gz
Algorithm Hash digest
SHA256 15206b511d16d20aa2998b0081f2efbea1d46431cc77f6bedfccd490025c08d9
MD5 dbcfeeee9059d2c3f0deacac421e73d2
BLAKE2b-256 1817e61e4fce4487d28cb43163d38b483a59c23d885df710c0efe972beef1dd3

See more details on using hashes here.

Provenance

The following attestation bundles were made for spakky_security-6.1.1.tar.gz:

Publisher: release.yml on E5presso/spakky-framework

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file spakky_security-6.1.1-py3-none-any.whl.

File metadata

File hashes

Hashes for spakky_security-6.1.1-py3-none-any.whl
Algorithm Hash digest
SHA256 e8901d63c1db2caca83a2ed0bb1b70ec30c023757ba26457428df44b132835b3
MD5 5cfad7dc7015fe200c05fe87ae45ce0d
BLAKE2b-256 28d6277a7dda7a6e6b221f766873db8d5c925e4aade756e968576d6ea81c8e30

See more details on using hashes here.

Provenance

The following attestation bundles were made for spakky_security-6.1.1-py3-none-any.whl:

Publisher: release.yml on E5presso/spakky-framework

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page