How to use the libnacl.public.Box function in libnacl
To help you get started, we’ve selected a few libnacl examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
saltstack / libnacl / tests / unit / test_save.py View on Github 
def test_save_load(self):
msg = b'then leap out of the rabbit, taking the French by surprise'
bob = libnacl.dual.DualSecret()
alice = libnacl.dual.DualSecret()
fh_, bob_path = tempfile.mkstemp()
os.close(fh_)
fh_, alice_path = tempfile.mkstemp()
os.close(fh_)
bob.save(bob_path)
alice.save(alice_path)
bob_box = libnacl.public.Box(bob, alice.pk)
alice_box = libnacl.public.Box(alice, bob.pk)
bob_enc = bob_box.encrypt(msg)
alice_enc = alice_box.encrypt(msg)
bob_load = libnacl.utils.load_key(bob_path)
alice_load = libnacl.utils.load_key(alice_path)
bob_load_box = libnacl.public.Box(bob_load, alice_load.pk)
alice_load_box = libnacl.public.Box(alice_load, bob_load.pk)
self.assertEqual(bob.sk, bob_load.sk)
self.assertEqual(bob.pk, bob_load.pk)
self.assertEqual(bob.vk, bob_load.vk)
self.assertEqual(bob.seed, bob_load.seed)
self.assertEqual(alice.sk, alice_load.sk)
self.assertEqual(alice.pk, alice_load.pk)
self.assertEqual(alice.vk, alice_load.vk)
self.assertEqual(alice.seed, alice_load.seed)
bob_dec = alice_load_box.decrypt(bob_enc)def test_public_key_encryption(self):
msg = b'You\'ve got two empty halves of coconut and you\'re bangin\' \'em together.'
bob = libnacl.public.SecretKey()
alice = libnacl.public.SecretKey()
bob_box = libnacl.public.Box(bob.sk, alice.pk)
alice_box = libnacl.public.Box(alice.sk, bob.pk)
bob_ctxt = bob_box.encrypt(msg)
bclear = alice_box.decrypt(bob_ctxt)
alice_ctxt = alice_box.encrypt(msg)
aclear = alice_box.decrypt(alice_ctxt)
self.assertEqual(bclear, aclear)
self.assertEqual(bclear, msg)msg = b'then leap out of the rabbit, taking the French by surprise'
bob = libnacl.dual.DualSecret()
alice = libnacl.dual.DualSecret()
fh_, bob_path = tempfile.mkstemp()
os.close(fh_)
fh_, alice_path = tempfile.mkstemp()
os.close(fh_)
bob.save(bob_path)
alice.save(alice_path)
bob_box = libnacl.public.Box(bob, alice.pk)
alice_box = libnacl.public.Box(alice, bob.pk)
bob_enc = bob_box.encrypt(msg)
alice_enc = alice_box.encrypt(msg)
bob_load = libnacl.utils.load_key(bob_path)
alice_load = libnacl.utils.load_key(alice_path)
bob_load_box = libnacl.public.Box(bob_load, alice_load.pk)
alice_load_box = libnacl.public.Box(alice_load, bob_load.pk)
self.assertEqual(bob.sk, bob_load.sk)
self.assertEqual(bob.pk, bob_load.pk)
self.assertEqual(bob.vk, bob_load.vk)
self.assertEqual(bob.seed, bob_load.seed)
self.assertEqual(alice.sk, alice_load.sk)
self.assertEqual(alice.pk, alice_load.pk)
self.assertEqual(alice.vk, alice_load.vk)
self.assertEqual(alice.seed, alice_load.seed)
bob_dec = alice_load_box.decrypt(bob_enc)
alice_dec = bob_load_box.decrypt(alice_enc)
self.assertEqual(bob_dec, msg)
self.assertEqual(alice_dec, msg)
os.remove(bob_path)
os.remove(alice_path)# server-hello, already checked in another test
message, _, sck, s, d, start_scsn = await client.recv()
ssk = message['key']
client.box = libnacl.public.Box(sk=initiator_key, pk=ssk)
# client-auth
cck, ccsn = cookie_factory(), 2**32 - 1
await client.send(pack_nonce(cck, 0x00, 0x00, ccsn), {
'type': 'client-auth',
'your_cookie': sck,
'subprotocols': pytest.saltyrtc.subprotocols,
})
ccsn += 1
# server-auth
client.sign_box = libnacl.public.Box(
sk=initiator_key, pk=server_permanent_keys[0].pk)
message, nonce, ck, s, d, scsn = await client.recv()
assert s == 0x00
assert d == 0x01
assert sck == ck
assert scsn == start_scsn + 1
assert message['type'] == 'server-auth'
assert message['your_cookie'] == cck
assert len(message['signed_keys']) == SIGNED_KEYS_CIPHERTEXT_LENGTH
keys = client.sign_box.decrypt(message['signed_keys'], nonce=nonce)
assert keys == ssk + initiator_key.pk
assert 'initiator_connected' not in message
assert len(message['responders']) == 0
await client.close()
await server.wait_connections_closed()Decrypt data by using public-key decryption.
Arguments:
- `key_pair`: A tuple containing our private key and the public
key of the sender.
- `nonce`: The nonce of the encrypted data.
- `data`: Encrypted data.
Raises `libnacl.CryptError` in case the data could not be decrypted.
Raises `ValueError` in other cases.
Return the decrypted data.
"""
# Decrypt payload
private, public = key_pair
box = libnacl.public.Box(sk=private, pk=public)
return box.decrypt(data, nonce=nonce)
Encrypt message text with the public key of the recipient and a nonce
The nonce must be a 24 character string (you can use libnacl.utils.rand_nonce() to get one)
and unique for each encrypted message.
Return base58 encoded encrypted message
:param pubkey: Base58 encoded public key of the recipient
:param nonce: Unique nonce
:param text: Message to encrypt
:return:
"""
text_bytes = ensure_bytes(text)
nonce_bytes = ensure_bytes(nonce)
recipient_pubkey = PublicKey(pubkey)
crypt_bytes = libnacl.public.Box(self, recipient_pubkey).encrypt(
text_bytes, nonce_bytes
)
return Base58Encoder.encode(crypt_bytes[24:])
def box(self) -> MessageBox:
"""
Return the session's :class:`libnacl.public.Box` instance.
"""
if self._box is None:
self._box = MessageBox(libnacl.public.Box(self.server_key, self._client_key))
return self._boxdef public_key_encrypt(sender_sk, receiver_pk, plaintext):
sender_box = libnacl.public.Box(sender_sk, receiver_pk)
return sender_box.encrypt(plaintext)def as_init_encryption(kp, c_pk):
"""Given an initialised
keypair kp and a counterparty
pubkey c_pk, create a Box
ready for encryption/decryption.
"""
if not isinstance(c_pk, public.PublicKey):
raise NaclError("Object is not a public key")
if not isinstance(kp, public.SecretKey):
raise NaclError("Object is not a nacl keypair")
return public.Box(kp.sk, c_pk)def public_key_box(sk, pk):
return libnacl.public.Box(sk, pk)libnacl
Python bindings for libsodium based on ctypes
Package Health Score
68 / 100Popular libnacl functions
- libnacl.crypto_box_beforenm
- libnacl.crypto_generichash
- libnacl.crypto_hash_sha256
- libnacl.crypto_sign_open
- libnacl.crypto_sign_seed_keypair
- libnacl.dual.DualSecret
- libnacl.encode.hex_decode
- libnacl.encode.hex_encode
- libnacl.public
- libnacl.public.Box
- libnacl.public.PublicKey
- libnacl.public.SecretKey
- libnacl.randombytes
- libnacl.sealed.SealedBox
- libnacl.secret
- libnacl.secret.SecretBox
- libnacl.sign.Signer
- libnacl.sign.Verifier
- libnacl.utils
- libnacl.utils.rand_nonce