cryptokit is a cryptography kit base on Cryptography(https://github.com/pyca/cryptography)
You can find more information in the cryptokit documentation.
- AES Cryptography
- RSA Cryptography
- ED25519
- x25519 key exchange
- HKDF
pip install cryptokit>>> from cryptokit import AESCrypto
>>> message = "hello cryptokit"
>>> crypto = AESCrypto('WDMG1e38igW53YuxkE0SsKUDeLbULAtL', 'm2VYHdx41zRgvg6f')
>>> data = crypto.encrypt(message)
>>> b'\xaa<\x9d\xe9\xde\x0b\xd7\xe9\xfd\xac\xfc\xdd\x9f\xe2V\xd4'
>>> crypto.decrypt(data)
>>> 'hello cryptokit'>>> from cryptokit import RSACrypto
>>> private_key = RSACrypto.generate_private_key(2048)
>>> public_key = private_key.public_key()
>>> message = 'Hello cryptokit'
>>> ciphertext = RSACrypto.encrypt(message, public_key, algorithm='sha256')
>>> plaintext = RSACrypto.decrypt(ciphertext, private_key, algorithm='sha256')
>>> plaintext == message
True>>> from cryptokit import load_pfx, get_pubkey_from_pfx
>>> pkcs12 = load_pfx(pfx_file, password='password')
>>> cert = pkcs12.get_certificate()
>>> pubkey = get_pubkey_from_pfx(pfx_file, password='password')
# or use cert get pubkey
>>> pubkey = cert.get_pubkey().to_cryptography_key()
>>> from cryptokit import generate_pfx
>>> pfx_data = generate_pfx(cert, friendly_name, private_key)from cryptokit import generate_csr
from cryptokit.rsa import RSACrypto
private_key = RSACrypto.generate_private_key(2048)
payload = {
'country_name': 'US',
'state_or_province': 'California',
'locality_name': 'San Francisco',
'org_name': 'My Company',
'common_name': 'mysite.com',
'dns_list': ['mysite.com', 'www.mysite.com', 'subdomain.mysite.com']
}
csr_data = generate_csr(private_key, encoding='pem', algorithm='sha256', **payload)
with open('/path/to/csr.pem', 'wb') as f:
f.write(csr_data)Generate key pair
from cryptokit import ed25519
# raw Cryptography object
private_key_obj, public_key_obj = ed25519.generate_ed25519_key_pair()
# hex
private_key_hex, public_key_hex = ed25519.generate_ed25519_key_pair("hex")
# base64 encode
private_key_b64, public_key_b64 = ed25519.generate_ed25519_key_pair("base64")
# bytes
private_key_bytes, public_key_bytes = ed25519.generate_ed25519_key_pair("bytes")from cryptokit import ed25519
private_key_hex = "private_key_hex"
target_public_key_hex = "target_public_key_hex"
share_secret_hex = ed25519.get_share_secret_from_hex(private_key_hex, target_public_key_hex)from cryptokit import hkdf
device_key = hkdf.get_hkdf_device_key(bytes.fromhex("hex format string"))MIT. See LICENSE for more details.