How to use libnacl - 10 common examples
To help you get started, we’ve selected a few libnacl examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
hyperledger / indy-plenum / plenum / common / util.py View on Github 
def randomStr(size):
if not isinstance(size, int):
raise PlenumTypeError('size', size, int)
if not size > 0:
raise PlenumValueError('size', size, '> 0')
# Approach 1
rv = randombytes(size // 2).hex()
return rv if size % 2 == 0 else rv + hex(randombytes_uniform(15))[-1]def random_string(sz: int) -> str:
assert (sz > 0), "Expected random string size cannot be less than 1"
rv = libnacl.randombytes(sz // 2).hex()
return rv if sz % 2 == 0 else rv + hex(libnacl.randombytes_uniform(15))[-1]sk_decoded = base58.b58decode(sk_base58)
hash = pyscrypt.hash(password=b"demouser",
salt=b"demouser",
N=1024,
r=1,
p=1,
dkLen=32)
sk = base58.b58encode(hash)
hex_sk = binascii.b2a_hex(hash)
print('Secret Key:', sk, 'length: ', len(sk))
self.assertEqual(sk_base58, sk)
self.assertEqual(sk_decoded, hash)
#print(sk)
keypair = libnacl.public.SecretKey(hash)
# 2ipFYsqXnrw4Mt2RUWzEQntAH1FEFB8R52rAT3eExn9S
pk_base58 = base58.b58encode(keypair.pk)
pk_decoded = base58.b58decode(pk_base58)
self.assertEqual(pk_decoded, keypair.pk)
print('Public Key:', pk_base58, 'length: ', len(pk_base58))
print("XID: ", crypto.key_to_xid(keypair.pk))def test_packet_min_length(self):
"""
Check that an empty NaCl message takes exactly 40 bytes (24
bytes nonce and 16 bytes NaCl authenticator).
"""
a = libnacl.public.SecretKey()
b = libnacl.public.SecretKey()
box = libnacl.public.Box(sk=a.sk, pk=b.pk)
nonce, data = box.encrypt(b'', pack_nonce=False)
assert len(nonce) == 24
assert len(data) == 16def test_secret(self):
msg = b'But then of course African swallows are not migratory.'
box = libnacl.secret.SecretBox()
ctxt = box.encrypt(msg)
self.assertNotEqual(msg, ctxt)
box2 = libnacl.secret.SecretBox(box.sk)
clear1 = box.decrypt(ctxt)
self.assertEqual(msg, clear1)
clear2 = box2.decrypt(ctxt)
self.assertEqual(clear1, clear2)
ctxt2 = box2.encrypt(msg)
clear3 = box.decrypt(ctxt2)
self.assertEqual(clear3, msg)def test_onetimeauth_verify(self):
self.assertEqual("poly1305", libnacl.crypto_onetimeauth_primitive())
msg = b'Anybody can invent a cryptosystem he cannot break himself. Except Bruce Schneier.'
key1 = libnacl.randombytes(libnacl.crypto_onetimeauth_KEYBYTES)
key2 = libnacl.randombytes(libnacl.crypto_onetimeauth_KEYBYTES)
sig1 = libnacl.crypto_onetimeauth(msg, key1)
sig2 = libnacl.crypto_onetimeauth(msg, key2)
with self.assertRaises(ValueError):
libnacl.crypto_onetimeauth(msg, b'too_short')
with self.assertRaises(ValueError):
libnacl.crypto_onetimeauth_verify(sig1, msg, b'too_short')
with self.assertRaises(ValueError):
libnacl.crypto_onetimeauth_verify(b'too_short', msg, key1)
self.assertTrue(libnacl.crypto_onetimeauth_verify(sig1, msg, key1))
self.assertTrue(libnacl.crypto_onetimeauth_verify(sig2, msg, key2))async def test_explicit_permanent_key_unavailable(
self, server_no_key, server, client_factory
):
"""
Check that the server rejects a permanent key if the server
has none.
"""
key = libnacl.public.SecretKey()
# Expect invalid key
with pytest.raises(websockets.ConnectionClosed) as exc_info:
await client_factory(
server=server_no_key, permanent_key=key.pk, explicit_permanent_key=True,
initiator_handshake=True)
assert exc_info.value.code == CloseCode.invalid_key
await server.wait_connections_closed()def test_save_load(self):
msg = b'then leap out of the rabbit, taking the French by surprise'
bob = libnacl.dual.DualSecret()
alice = libnacl.dual.DualSecret()
fh_, bob_path = tempfile.mkstemp()
os.close(fh_)
fh_, alice_path = tempfile.mkstemp()
os.close(fh_)
bob.save(bob_path)
alice.save(alice_path)
bob_box = libnacl.public.Box(bob, alice.pk)
alice_box = libnacl.public.Box(alice, bob.pk)
bob_enc = bob_box.encrypt(msg)
alice_enc = alice_box.encrypt(msg)
bob_load = libnacl.utils.load_key(bob_path)
alice_load = libnacl.utils.load_key(alice_path)
bob_load_box = libnacl.public.Box(bob_load, alice_load.pk)
alice_load_box = libnacl.public.Box(alice_load, bob_load.pk)
self.assertEqual(bob.sk, bob_load.sk)
self.assertEqual(bob.pk, bob_load.pk)
self.assertEqual(bob.vk, bob_load.vk)
self.assertEqual(bob.seed, bob_load.seed)
self.assertEqual(alice.sk, alice_load.sk)
self.assertEqual(alice.pk, alice_load.pk)
self.assertEqual(alice.vk, alice_load.vk)
self.assertEqual(alice.seed, alice_load.seed)
bob_dec = alice_load_box.decrypt(bob_enc)def test_public_key_encryption(self):
msg = b'You\'ve got two empty halves of coconut and you\'re bangin\' \'em together.'
bob = libnacl.public.SecretKey()
alice = libnacl.public.SecretKey()
bob_box = libnacl.public.Box(bob.sk, alice.pk)
alice_box = libnacl.public.Box(alice.sk, bob.pk)
bob_ctxt = bob_box.encrypt(msg)
bclear = alice_box.decrypt(bob_ctxt)
alice_ctxt = alice_box.encrypt(msg)
aclear = alice_box.decrypt(alice_ctxt)
self.assertEqual(bclear, aclear)
self.assertEqual(bclear, msg)msg = b'then leap out of the rabbit, taking the French by surprise'
bob = libnacl.dual.DualSecret()
alice = libnacl.dual.DualSecret()
fh_, bob_path = tempfile.mkstemp()
os.close(fh_)
fh_, alice_path = tempfile.mkstemp()
os.close(fh_)
bob.save(bob_path)
alice.save(alice_path)
bob_box = libnacl.public.Box(bob, alice.pk)
alice_box = libnacl.public.Box(alice, bob.pk)
bob_enc = bob_box.encrypt(msg)
alice_enc = alice_box.encrypt(msg)
bob_load = libnacl.utils.load_key(bob_path)
alice_load = libnacl.utils.load_key(alice_path)
bob_load_box = libnacl.public.Box(bob_load, alice_load.pk)
alice_load_box = libnacl.public.Box(alice_load, bob_load.pk)
self.assertEqual(bob.sk, bob_load.sk)
self.assertEqual(bob.pk, bob_load.pk)
self.assertEqual(bob.vk, bob_load.vk)
self.assertEqual(bob.seed, bob_load.seed)
self.assertEqual(alice.sk, alice_load.sk)
self.assertEqual(alice.pk, alice_load.pk)
self.assertEqual(alice.vk, alice_load.vk)
self.assertEqual(alice.seed, alice_load.seed)
bob_dec = alice_load_box.decrypt(bob_enc)
alice_dec = bob_load_box.decrypt(alice_enc)
self.assertEqual(bob_dec, msg)
self.assertEqual(alice_dec, msg)
os.remove(bob_path)
os.remove(alice_path)libnacl
Python bindings for libsodium based on ctypes
Package Health Score
59 / 100Popular libnacl functions
- libnacl.crypto_box_beforenm
- libnacl.crypto_generichash
- libnacl.crypto_hash_sha256
- libnacl.crypto_sign_open
- libnacl.crypto_sign_seed_keypair
- libnacl.dual.DualSecret
- libnacl.encode.hex_decode
- libnacl.encode.hex_encode
- libnacl.public
- libnacl.public.Box
- libnacl.public.PublicKey
- libnacl.public.SecretKey
- libnacl.randombytes
- libnacl.sealed.SealedBox
- libnacl.secret
- libnacl.secret.SecretBox
- libnacl.sign.Signer
- libnacl.sign.Verifier
- libnacl.utils
- libnacl.utils.rand_nonce