]> git.datanom.net - securemail.git/blob - cryptonize.py
Make backwards compatible with nacl 1.0.x
[securemail.git] / cryptonize.py
1 # -*- coding: utf-8 -*-
2
3 # Copyright (c) 2018 Michael Rasmussen <mir@datanom.net>
4
5 # This file is part of SecureMail.
6
7 # SecureMail is free software: you can redistribute it and/or modify
8 # it under the terms of the GNU General Public License as published by
9 # the Free Software Foundation, either version 3 of the License, or
10 # (at your option) any later version.
11 #
12 # SecureMail is distributed in the hope that it will be useful,
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 # GNU General Public License for more details.
16 #
17 # You should have received a copy of the GNU General Public License
18 # along with SecureMail. If not, see <https://www.gnu.org/licenses/>.
19
20 from nacl import __version__ as NACL_VERSION
21 from nacl.secret import SecretBox
22 from nacl.public import PrivateKey, Box
23 from nacl.utils import random, EncryptedMessage
24 from nacl.encoding import HexEncoder
25 import nacl.hash
26
27 class Cryptonize:
28 """
29 Encrypt and decrypt objects
30 """
31
32 def symmetric_encrypt(self, key, plain):
33 skey = self.sanitize_key(key)
34 box = SecretBox(skey)
35 if NACL_VERSION < "1.1.0":
36 nonce = random(SecretBox.NONCE_SIZE)
37 cipher = box.encrypt(plain, nonce)
38 else:
39 cipher = box.encrypt(plain)
40 box = skey = None
41
42 return cipher
43
44 def symmetric_decrypt(self, key, cipher):
45 skey = self.sanitize_key(key)
46 box = SecretBox(skey)
47 plain = box.decrypt(cipher)
48 box = skey = None
49
50 return plain
51
52 def asymmetric_encrypt(self, privkey, pubkey, plain):
53 box = Box(privkey, pubkey)
54 cipher = box.encrypt(plain)
55 box = None
56
57 return cipher
58
59 def asymmetric_decrypt(self, privkey, pubkey, cipher):
60 box = Box(privkey, pubkey)
61 plain = box.decrypt(cipher)
62 box = None
63
64 return plain
65
66 def get_random_key(self):
67 return random(SecretBox.KEY_SIZE)
68
69 def sanitize_key(self, key):
70 if not isinstance(key, bytes):
71 key = key.encode('utf-8')
72 size = len(key)
73 if size < SecretBox.KEY_SIZE:
74 """ We must pad """
75 newkey = key + bytes(SecretBox.KEY_SIZE - size)
76 elif size > SecretBox.KEY_SIZE:
77 newkey = key[:SecretBox.KEY_SIZE]
78 else:
79 newkey = key
80
81
82 return newkey
83
84 def get_key_pair(self):
85 privkey = PrivateKey.generate()
86 pubkey = privkey.public_key
87
88 return (privkey, pubkey)
89
90 def generate_hash(self, key):
91 if not isinstance(key, bytes):
92 key = key.encode('utf-8')
93 HASHER = nacl.hash.sha512
94 digest = HASHER(key, encoder=HexEncoder)
95
96 return digest.decode()
97
98 def create_EncryptedMessage(self, payload):
99 nonce = payload[:SecretBox.NONCE_SIZE]
100 ciphertext = payload[SecretBox.NONCE_SIZE:]
101
102 return EncryptedMessage._from_parts(
103 nonce, ciphertext, nonce + ciphertext)
This page took 0.082771 seconds and 6 git commands to generate.