Security utilities plugin for Spakky framework

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for Spakky from gravatar.com Spakky
Meta

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT
  • Author: Spakky
  • Requires: Python >=3.11
Report project as malware

Project description

Spakky Security

Security utilities plugin for Spakky Framework.

Installation

pip install spakky-security

Or install via Spakky extras:

pip install spakky[security]

Features

  • Password Hashing: Argon2, bcrypt, scrypt, PBKDF2
  • Symmetric Encryption: AES-CBC, AES-GCM
  • Asymmetric Encryption: RSA
  • JWT Tokens: Create, sign, verify, and parse JWT tokens
  • HMAC Signing: Secure message authentication
  • Key Generation: Cryptographically secure random keys

Usage

Password Hashing

from spakky.plugins.security.password.argon2 import Argon2PasswordEncoder
from spakky.plugins.security.password.bcrypt import BcryptPasswordEncoder
from spakky.plugins.security.password.scrypt import ScryptPasswordEncoder
from spakky.plugins.security.password.pbkdf2 import Pbkdf2PasswordEncoder

# Argon2 (recommended)
encoder = Argon2PasswordEncoder(password="my_password")
hashed = encoder.encode()  # Returns formatted hash string

# Verify password
encoder_verify = Argon2PasswordEncoder(password_hash=hashed)
is_valid = encoder_verify.verify("my_password")

# bcrypt
bcrypt_encoder = BcryptPasswordEncoder(password="my_password")
hashed = bcrypt_encoder.encode()

# scrypt
scrypt_encoder = ScryptPasswordEncoder(password="my_password")
hashed = scrypt_encoder.encode()

# PBKDF2
pbkdf2_encoder = Pbkdf2PasswordEncoder(password="my_password")
hashed = pbkdf2_encoder.encode()

Symmetric Encryption (AES)

from spakky.plugins.security.cryptography.aes import Aes
from spakky.plugins.security.cryptography.gcm import Gcm
from spakky.plugins.security.key import Key

# Generate a 256-bit key
key = Key(size=32)

# AES-CBC
aes = Aes(key)
encrypted = aes.encrypt("Hello, World!")
decrypted = aes.decrypt(encrypted)  # "Hello, World!"

# AES-GCM (authenticated encryption)
gcm = Gcm(key)
encrypted = gcm.encrypt("Hello, World!")
decrypted = gcm.decrypt(encrypted)  # "Hello, World!"

Asymmetric Encryption (RSA)

from spakky.plugins.security.cryptography.rsa import Rsa, AsymmetricKey

# Generate RSA key pair (supports 1024, 2048, 4096, 8192 bits)
asymmetric_key = AsymmetricKey(size=2048)
rsa = Rsa(key=asymmetric_key)

# Encrypt with public key
encrypted = rsa.encrypt("Secret message")

# Decrypt with private key
decrypted = rsa.decrypt(encrypted)  # "Secret message"

# Export keys
public_key = asymmetric_key.public_key
private_key = asymmetric_key.private_key  # Returns Key or None

# Import from PEM (passphrase optional)
imported_key = AsymmetricKey(key=private_key_pem, passphrase="optional")
rsa_imported = Rsa(key=imported_key)

JWT Tokens

from spakky.plugins.security.jwt import JWT
from spakky.plugins.security.hmac_signer import HMACType
from spakky.plugins.security.key import Key
from datetime import timedelta

# Create a JWT
jwt = JWT()
jwt.set_payload(user_id=123, role="admin")
jwt.set_expiration(timedelta(hours=1))

# Sign the token (default: HS256)
key = Key(size=32)
jwt.sign(key)
token_string = jwt.export()

# Use different hash algorithm
jwt.set_hash_type(HMACType.HS512)
jwt.sign(key)

# Parse and verify a token
parsed_jwt = JWT(token=token_string)
is_valid = parsed_jwt.verify(key)

# Access claims
user_id = parsed_jwt.payload.get("user_id")
is_expired = parsed_jwt.is_expired

HMAC Signing

from spakky.plugins.security.hmac_signer import HMAC, HMACType
from spakky.plugins.security.key import Key

key = Key(size=32)

# Sign a message (static method)
signature = HMAC.sign_text(key, HMACType.HS256, "message to sign")

# URL-safe signature
signature_safe = HMAC.sign_text(key, HMACType.HS256, "message", url_safe=True)

# Verify signature (static method)
is_valid = HMAC.verify(key, HMACType.HS256, "message to sign", signature)

Key Generation

from spakky.plugins.security.key import Key

# Generate random key
key = Key(size=32)  # 256-bit key

# Access key data
raw_bytes = key.binary
base64_encoded = key.b64
url_safe_base64 = key.b64_urlsafe
hex_encoded = key.hex

# Create key from existing data
key_from_bytes = Key(binary=existing_bytes)
key_from_base64 = Key(base64=encoded_string)

Components

Component Description
Argon2PasswordEncoder Argon2 password hashing (recommended)
BcryptPasswordEncoder bcrypt password hashing
ScryptPasswordEncoder scrypt password hashing
Pbkdf2PasswordEncoder PBKDF2 password hashing
Aes AES-CBC encryption/decryption
Gcm AES-GCM authenticated encryption
Rsa RSA asymmetric encryption
JWT JSON Web Token creation and validation
HMAC HMAC message signing and verification
Key Secure key generation and management

Security Best Practices

  1. Use Argon2 for passwords: It's the winner of the Password Hashing Competition
  2. Use AES-GCM for encryption: Provides both confidentiality and integrity
  3. Generate secure keys: Always use Key(size=N) for cryptographic keys
  4. Set JWT expiration: Always set an expiration time for tokens
  5. Store keys securely: Use environment variables or secret managers

License

MIT

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for Spakky from gravatar.com Spakky
Meta

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT
  • Author: Spakky
  • Requires: Python >=3.11

Release history Release notifications | RSS feed

6.5.0

6.4.0

6.3.1

6.3.0

6.2.0

6.1.3

This version

6.1.2

6.1.1

6.1.0

6.0.0

5.0.1

5.0.0

4.0.0

3.4.0

3.3.3

3.3.2

3.3.1

3.3.0

3.1.5

3.1.4

3.1.3

3.1.2

3.1.1

3.1.0

3.0.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

spakky_security-6.1.2.tar.gz (13.1 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

spakky_security-6.1.2-py3-none-any.whl (23.7 kB view details)

Uploaded Python 3

File details

Details for the file spakky_security-6.1.2.tar.gz.

File metadata

  • Download URL: spakky_security-6.1.2.tar.gz
  • Upload date:
  • Size: 13.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for spakky_security-6.1.2.tar.gz
Algorithm Hash digest
SHA256 09114b081c22a7e6d0e279dddc51b803be48d61c2f115996c171f85f5035809c
MD5 10b8e2aeab67af10813e43f9da75a483
BLAKE2b-256 c445138c4ba0dd9e9f1a5e256e39a57ebad9551b363e7d6550c25424a1fd30ad

See more details on using hashes here.

Provenance

The following attestation bundles were made for spakky_security-6.1.2.tar.gz:

Publisher: release.yml on E5presso/spakky-framework

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file spakky_security-6.1.2-py3-none-any.whl.

File metadata

File hashes

Hashes for spakky_security-6.1.2-py3-none-any.whl
Algorithm Hash digest
SHA256 3e56cb3edb7567b70b9de4629ef1ea13392b88b28b56b2a5885c96ca6eabacc1
MD5 7a221320410c32802e0999836132eec0
BLAKE2b-256 413ddc130e41e27f4b200c7dd2ef3359cdd8f73db3bca29b3445db16c75e7c57

See more details on using hashes here.

Provenance

The following attestation bundles were made for spakky_security-6.1.2-py3-none-any.whl:

Publisher: release.yml on E5presso/spakky-framework

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page