Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
def test_save_perms(self):
bob = libnacl.dual.DualSecret()
fh_, bob_path = tempfile.mkstemp()
os.close(fh_)
bob.save(bob_path)
stats = os.stat(bob_path)
expected_perms = 0o100600 if sys.platform != 'win32' else 0o100666
self.assertEqual(stats[stat.ST_MODE], expected_perms)
os.remove(bob_path)
def test_publickey(self):
'''
'''
msg = b'You\'ve got two empty halves of coconut and you\'re bangin\' \'em together.'
bob = libnacl.dual.DualSecret()
alice = libnacl.dual.DualSecret()
alice_pk = libnacl.public.PublicKey(alice.pk)
bob_box = libnacl.public.Box(bob.sk, alice_pk)
alice_box = libnacl.public.Box(alice.sk, bob.pk)
bob_ctxt = bob_box.encrypt(msg)
self.assertNotEqual(msg, bob_ctxt)
bclear = alice_box.decrypt(bob_ctxt)
self.assertEqual(msg, bclear)
def test_secretkey(self):
'''
'''
msg = b'You\'ve got two empty halves of coconut and you\'re bangin\' \'em together.'
bob = libnacl.dual.DualSecret()
alice = libnacl.dual.DualSecret()
bob_box = libnacl.public.Box(bob.sk, alice.pk)
alice_box = libnacl.public.Box(alice.sk, bob.pk)
bob_ctxt = bob_box.encrypt(msg)
self.assertNotEqual(msg, bob_ctxt)
bclear = alice_box.decrypt(bob_ctxt)
self.assertEqual(msg, bclear)
alice_ctxt = alice_box.encrypt(msg)
self.assertNotEqual(msg, alice_ctxt)
aclear = alice_box.decrypt(alice_ctxt)
self.assertEqual(msg, aclear)
self.assertNotEqual(bob_ctxt, alice_ctxt)
try:
if serial == 'msgpack':
import msgpack
key_data = msgpack.load(stream)
elif serial == 'json':
import json
if sys.version_info[0] >= 3:
key_data = json.loads(stream.read())
else:
key_data = json.loads(stream.read(), encoding='UTF-8')
finally:
if stream != path_or_file:
stream.close()
if 'priv' in key_data and 'sign' in key_data and 'pub' in key_data:
return libnacl.dual.DualSecret(
libnacl.encode.hex_decode(key_data['priv']),
libnacl.encode.hex_decode(key_data['sign']))
elif 'priv' in key_data and 'pub' in key_data:
return libnacl.public.SecretKey(
libnacl.encode.hex_decode(key_data['priv']))
elif 'sign' in key_data:
return libnacl.sign.Signer(
libnacl.encode.hex_decode(key_data['sign']))
elif 'pub' in key_data:
return libnacl.public.PublicKey(
libnacl.encode.hex_decode(key_data['pub']))
elif 'verify' in key_data:
return libnacl.sign.Verifier(key_data['verify'])
elif 'priv' in key_data:
return libnacl.secret.SecretBox(
libnacl.encode.hex_decode(key_data['priv']))
def load_key(path, serial='json'):
'''
Read in a key from a file and return the applicable key object based on
the contents of the file
'''
with open(path, 'rb') as fp_:
packaged = fp_.read()
if serial == 'msgpack':
import msgpack
key_data = msgpack.loads(packaged)
elif serial == 'json':
import json
key_data = json.loads(packaged.decode(encoding='UTF-8'))
if 'priv' in key_data and 'sign' in key_data:
return libnacl.dual.DualSecret(
libnacl.encode.hex_decode(key_data['priv']),
libnacl.encode.hex_decode(key_data['sign']))
elif 'priv' in key_data:
return libnacl.public.SecretKey(libnacl.encode.hex_decode(key_data[
'priv']))
elif 'sign' in key_data:
return libnacl.sign.Signer(libnacl.encode.hex_decode(key_data['sign']))
elif 'pub' in key_data:
return libnacl.public.PublicKey(libnacl.encode.hex_decode(key_data[
'pub']))
elif 'verify' in key_data:
return libnacl.sign.Verifier(key_data['verify'])
raise ValueError('Found no key data')
def __init__(self, binarykey=""):
"""
Create a new LibNaCL secret key. Optionally load it from a string representation.
Otherwise generate it from the 25519 curve.
:param binarykey: load the sk from this string (see key_to_bin())
"""
# Load the key, if specified
if binarykey:
crypt, seed = (binarykey[:libnacl.crypto_box_SECRETKEYBYTES],
binarykey[libnacl.crypto_box_SECRETKEYBYTES: libnacl.crypto_box_SECRETKEYBYTES
+ libnacl.crypto_sign_SEEDBYTES])
self.key = libnacl.dual.DualSecret(crypt, seed)
else:
self.key = libnacl.dual.DualSecret()
# Immediately create a verifier
self.veri = libnacl.sign.Verifier(self.key.hex_vk())
def __init__(self, sk, pk):
if isinstance(sk, (SecretKey, libnacl.dual.DualSecret)):
sk = sk.sk
if isinstance(pk, (SecretKey, libnacl.dual.DualSecret)):
raise ValueError('Passed in secret key as public key')
if isinstance(pk, PublicKey):
pk = pk.pk
if pk and sk:
self._k = libnacl.crypto_box_beforenm(pk, sk)
def gen_keys(self, keydir=None, keyname=None, keysize=None, user=None):
'''
Use libnacl to generate and safely save a private key
'''
import libnacl.dual # pylint: disable=import-error,3rd-party-module-not-gated
d_key = libnacl.dual.DualSecret()
keydir, keyname, _, _ = self._get_key_attrs(keydir, keyname,
keysize, user)
path = '{0}.key'.format(os.path.join(
keydir,
keyname))
d_key.save(path, 'msgpack')
def __init__(self, pk, sk=None):
self.pk = pk
self.sk = sk
if isinstance(pk, (libnacl.public.SecretKey, libnacl.dual.DualSecret)):
self.pk = pk.pk
self.sk = pk.sk
if isinstance(pk, libnacl.public.PublicKey):
self.pk = pk.pk
def __init__(self, sk, pk):
if isinstance(sk, (SecretKey, libnacl.dual.DualSecret)):
sk = sk.sk
if isinstance(pk, (SecretKey, libnacl.dual.DualSecret)):
raise ValueError('Passed in secret key as public key')
if isinstance(pk, PublicKey):
pk = pk.pk
if pk and sk:
self._k = libnacl.crypto_box_beforenm(pk, sk)