toil.lib.encryption._nacl
¶
Module Contents¶
Functions¶
|
Encrypts a message given a path to a local file containing a key. |
|
Decrypts a given message that was encrypted with the encrypt() method. |
Attributes¶
- toil.lib.encryption._nacl.overhead¶
- toil.lib.encryption._nacl.encrypt(message, keyPath)¶
Encrypts a message given a path to a local file containing a key.
- Parameters:
- Return type:
A constant overhead is added to every encrypted message (for the nonce and MAC). >>> import tempfile >>> k = tempfile.mktemp() >>> with open(k, ‘wb’) as f: … _ = f.write(nacl.utils.random(SecretBox.KEY_SIZE)) >>> message = ‘test’.encode(‘utf-8’) >>> len(encrypt(message, k)) == overhead + len(message) True >>> import os >>> os.remove(k)
- toil.lib.encryption._nacl.decrypt(ciphertext, keyPath)¶
Decrypts a given message that was encrypted with the encrypt() method.
- Parameters:
- Return type:
Raises an error if ciphertext was modified >>> import tempfile >>> k = tempfile.mktemp() >>> with open(k, ‘wb’) as f: … _ = f.write(nacl.utils.random(SecretBox.KEY_SIZE)) >>> ciphertext = encrypt(“testMessage”.encode(‘utf-8’), k) >>> ciphertext = b’5’ + ciphertext[1:] >>> decrypt(ciphertext, k) # doctest: +IGNORE_EXCEPTION_DETAIL Traceback (most recent call last): … CryptoError: Decryption failed. Ciphertext failed verification
Otherwise works correctly >>> decrypt(encrypt(“testMessage”.encode(‘utf-8’), k), k).decode(‘utf-8’) in (u’testMessage’, b’testMessage’, ‘testMessage’) # doctest: +ALLOW_UNICODE True
>>> import os >>> os.remove(k)