ECIES, AES and RSA OpenSSL-based implementation with fallback

Project description

sslcrypto

Code Quality Code Coverage

sslcrypto is a fast and simple library for AES, ECIES and ECDSA for Python.

License: MIT + BSD-2 for ripemd implementation (see _ripemd.py).

Why?

sslcrypto can use OpenSSL in case it's available in your system for speedup, but pure-Python code is also available and is heavily optimized.

N.B. There are alternatives like coincurve which are faster in some cases (e.g. when using secp256k1). They don't include ECIES implementation and some useful ECDSA features and are specialized on a single curve. If that's enough for you and libsecp256k1 bindings are available for all OSes you need to support, use those libraries.

N.B. While there are other mature cryptography libraries, they are too heavy for simple stuff and require OpenSSL that is not available by default on Windows (most likely many other OSes as well). That said, in case you're processing big data, not much data, the speed advantage you get from libraries is too small to use heavy alternatives.

Installation

pip install sslcrypto

Additionally, you can download this repository and run python setup.py install.

Usage

AES

import sslcrypto

# Generate random key
key = sslcrypto.aes.new_key()

# Encrypt something
data = b"Hello, world!"
ciphertext, iv = sslcrypto.aes.encrypt(data, key)

# Decrypt
assert sslcrypto.aes.decrypt(ciphertext, iv, key) == data

By default, aes-256-cbc cipher is used. You can specify another one if you want. The following ciphers are supported:

aes-128-cbc, aes-192-cbc, aes-256-cbc
aes-128-ctr, aes-192-ctr, aes-256-ctr
aes-128-cfb, aes-192-cfb, aes-256-cfb
aes-128-ofb, aes-192-ofb, aes-256-ofb

import sslcrypto

# Generate random key
key = sslcrypto.aes.new_key(algo="aes-192-cfb")

# Encrypt something
data = b"Hello, world!"
ciphertext, iv = sslcrypto.aes.encrypt(data, key, algo="aes-192-cfb")

# Decrypt
assert sslcrypto.aes.decrypt(ciphertext, iv, key, algo="aes-192-cfb") == data

ECIES

The following curves are supported:

secp112r1, secp112r2
secp128r1, secp128r2
secp160k1, secp160r1, secp160r2
secp192k1, prime192v1
secp224k1, secp224r1
secp256k1, prime256v1
secp384r1
secp521r1

Please tell me if you want to add any other curves.

import sslcrypto

# Create curve object
curve = sslcrypto.ecc.get_curve("secp256k1")

# Generate private key
private_key = curve.new_private_key()

# Find a matching public key
public_key = curve.private_to_public(private_key)

# Encrypt something. You can specify a cipher if you want to, aes-256-cbc is the
# default value
data = b"Hello, world!"
ciphertext = curve.encrypt(data, public_key, algo="aes-256-ofb")

# Decrypt
assert curve.decrypt(ciphertext, private_key) == data

ECDSA

import sslcrypto

# Create curve object
curve = sslcrypto.ecc.get_curve("secp256k1")

# Generate private key
private_key = curve.new_private_key()

# Find a matching public key
public_key = curve.private_to_public(private_key)

# Sign something
data = b"Hello, world!"
signature = curve.sign(data, private_key)

# Verify
assert curve.verify(signature, data, public_key) == True  # Would raise on error

Additionally, you can create recoverable signatures:

import sslcrypto

# Create curve object
curve = sslcrypto.ecc.get_curve("secp256k1")

# Generate private key
private_key = curve.new_private_key()

# Find a matching public key
public_key = curve.private_to_public(private_key)

# Sign something
data = b"Hello, world!"
signature = curve.sign(data, private_key, recoverable=True)

# Recover public key
assert curve.recover(signature, data) == public_key  # Would raise on error

By default, compressed public keys are generated and/or recovered from signatures. You can change this behavior.

import sslcrypto

# Create curve object
curve = sslcrypto.ecc.get_curve("secp256k1")

# Generate private key
private_key = curve.new_private_key()

# Find a matching public key
public_key = curve.private_to_public(private_key, is_compressed=False)

# Sign something
data = b"Hello, world!"
signature = curve.sign(data, private_key, is_compressed=False, recoverable=True)

# Recover public key
assert curve.recover(signature, data) == public_key

Bitcoin-related functions

import sslcrypto
curve = sslcrypto.ecc.get_curve("secp256k1")
private_key = curve.new_private_key()
public_key = curve.private_to_public(private_key)

wif = curve.private_to_wif(private_key)  # Transform to mainnet private key
assert curve.wif_to_private(wif) == private_key

address = curve.private_to_address(private_key)
assert address == curve.public_to_address(public_key)

# Based on BIP32. Hardened indexes aren't supported yet
curve.child_derive(private_key, 123)

Running tests

sslcrypto uses pytest framework. Install it with pip and run python3 -m pytest test in sslcrypto repository.

Project details

Release history Release notifications | RSS feed

5.3

Apr 8, 2020

5.2

Apr 6, 2020

5.1

Mar 30, 2020

5.0

Mar 30, 2020

4.0

Mar 15, 2020

3.3

Mar 3, 2020

3.2

Mar 3, 2020

3.1

Mar 3, 2020

3.0

Mar 2, 2020

2.5

Dec 13, 2019

2.4

Dec 13, 2019

2.3

Dec 11, 2019

2.2

Dec 3, 2019

This version

2.1

Dec 3, 2019

2.0

Dec 2, 2019

1.16

Nov 28, 2019

1.15

Nov 28, 2019

1.14

Nov 20, 2019

1.13

Nov 17, 2019

1.12

Nov 17, 2019

1.11

Nov 17, 2019

1.10

Nov 17, 2019

1.9

Nov 16, 2019

1.8

Nov 16, 2019

1.7

Nov 16, 2019

1.6

Nov 16, 2019

1.5

Nov 16, 2019

1.4

Nov 16, 2019

1.3

Nov 16, 2019

1.2

Nov 14, 2019

1.1

Nov 14, 2019

1.0

Nov 14, 2019

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

sslcrypto-2.1.tar.gz (26.0 kB view hashes)

Uploaded Dec 3, 2019 Source

Hashes for sslcrypto-2.1.tar.gz

Hashes for sslcrypto-2.1.tar.gz
Algorithm	Hash digest
SHA256	`4b07df0cd15b4b8236e80a1f54c8f9da63a85383ed4a18f50100b91529f9d800`
MD5	`ddfc370d0f7ab3a5425aaf2a6545637e`
BLAKE2b-256	`b2a540e3ab883e41410ed192d3f0b79f82c2d10c2f713a74b77c8b19cff46abd`