././@PaxHeader0000000000000000000000000000003400000000000010212 xustar0028 mtime=1723031282.8425572 pysodium-0.7.18/0000755000175000017500000000000014654657363011031 5ustar00ss././@PaxHeader0000000000000000000000000000002600000000000010213 xustar0022 mtime=1723031109.0 pysodium-0.7.18/AUTHORS0000644000175000017500000000045214654657105012074 0ustar00ssStefan Marsiske s@ctrlc.hu Bulat Gaifullin Maximilian Heß J Bell Cale Black Jan Varho Henri Sivonen Wes Young namelessjon Emmanuel Vadot Kevin DeLoach Andreas Bogk Fredrick Brennan iachievedit Tacitus Aedifex venzen Blaz Bregar berndb84 Chris Topher c@creemama.com Jonathan Levin Stefan Schaubeck ././@PaxHeader0000000000000000000000000000002600000000000010213 xustar0022 mtime=1723031109.0 pysodium-0.7.18/LICENSE.txt0000644000175000017500000000251314654657105012647 0ustar00ssWrapper for libsodium library Copyright (c) 2013-2014, Marsiske Stefan. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ././@PaxHeader0000000000000000000000000000002600000000000010213 xustar0022 mtime=1723031109.0 pysodium-0.7.18/MANIFEST.in0000644000175000017500000000006614654657105012563 0ustar00ssinclude AUTHORS include LICENSE.txt include README.md ././@PaxHeader0000000000000000000000000000003400000000000010212 xustar0028 mtime=1723031282.8415573 pysodium-0.7.18/PKG-INFO0000644000175000017500000002603214654657363012131 0ustar00ssMetadata-Version: 2.1 Name: pysodium Version: 0.7.18 Summary: python libsodium wrapper Home-page: https://github.com/stef/pysodium Author: Stefan Marsiske Author-email: s@ctrlc.hu License: BSD Keywords: cryptography API NaCl libsodium Classifier: Development Status :: 4 - Beta Classifier: License :: OSI Approved :: BSD License Classifier: Topic :: Security :: Cryptography Classifier: Topic :: Security Requires: libsodium License-File: LICENSE.txt License-File: AUTHORS This is a very simple wrapper around libsodium masquerading as nacl. [![Build Status](https://travis-ci.org/stef/pysodium.svg?branch=master)](https://travis-ci.org/stef/pysodium) This wrapper requires a pre-installed libsodium from: https://github.com/jedisct1/libsodium then it provides access to the following functions: ``` crypto_aead_aegis128l_decrypt(ciphertext, ad, nonce, key) crypto_aead_aegis128l_encrypt(message, ad, nonce, key) crypto_aead_aegis128l_decrypt_detached(ciphertext, mac, ad, nonce, key) crypto_aead_aegis128l_encrypt_detached(message, ad, nonce, key) crypto_aead_aegis256_decrypt(ciphertext, ad, nonce, key) crypto_aead_aegis256_encrypt(message, ad, nonce, key) crypto_aead_aegis256_decrypt_detached(ciphertext, mac, ad, nonce, key) crypto_aead_aegis256_encrypt_detached(message, ad, nonce, key) crypto_aead_chacha20poly1305_decrypt(ciphertext, ad, nonce, key) crypto_aead_chacha20poly1305_encrypt(message, ad, nonce, key) crypto_aead_chacha20poly1305_decrypt_detached(ciphertext, mac, ad, nonce, key) crypto_aead_chacha20poly1305_encrypt_detached(message, ad, nonce, key) crypto_aead_chacha20poly1305_ietf_decrypt(ciphertext, ad, nonce, key) crypto_aead_chacha20poly1305_ietf_encrypt(message, ad, nonce, key) crypto_aead_chacha20poly1305_ietf_decrypt_detached(ciphertext, mac, ad, nonce, key) crypto_aead_chacha20poly1305_ietf_encrypt_detached(message, ad, nonce, key) crypto_aead_xchacha20poly1305_ietf_decrypt(ciphertext, ad, nonce, key) crypto_aead_xchacha20poly1305_ietf_encrypt(message, ad, nonce, key) crypto_auth(message, key) crypto_auth_verify(tag, message, key) crypto_box_afternm(msg, nonce, k) crypto_box_beforenm(pk, sk) crypto_box_detached(msg, nonce, pk, sk) crypto_box_keypair() crypto_box(msg, nonce, pk, sk) crypto_box_open_afternm(c, nonce, k) crypto_box_open(c, nonce, pk, sk) crypto_box_open_detached(c, mac, nonce, pk, sk) crypto_box_seal(msg, pk) crypto_box_seal_open(c, pk, sk) crypto_box_seed_keypair(seed) crypto_generichash_blake2b_salt_personal(message, outlen = crypto_generichash_blake2b_BYTES, key = b'', salt = b'', personal = b'') crypto_generichash_final(state, outlen=crypto_generichash_BYTES) crypto_generichash_init(outlen=crypto_generichash_BYTES, k=b'') crypto_generichash(m, k=b'', outlen=crypto_generichash_BYTES) crypto_generichash_update(state, m) crypto_hash_sha256(message) crypto_hash_sha512(message) crypto_hash_sha512_init() crypto_hash_sha512_update(state, data) crypto_hash_sha512_final(state) crypto_kx_client_session_keys(client_pk, client_sk, server_pk) crypto_kx_keypair() crypto_kx_server_session_keys(server_pk, server_sk, client_pk) crypto_pwhash(outlen, passwd, salt, opslimit, memlimit, alg) crypto_pwhash_scryptsalsa208sha256(outlen, passwd, salt, opslimit, memlimit) crypto_pwhash_scryptsalsa208sha256_str(passwd, opslimit, memlimit) crypto_pwhash_scryptsalsa208sha256_str_verify(stored, passwd) crypto_pwhash_str(passwd, opslimit, memlimit) crypto_pwhash_str_verify(pstr, passwd) crypto_scalarmult_base(n) crypto_scalarmult_curve25519_base(n) crypto_scalarmult_curve25519(n, p) crypto_secretbox(msg, nonce, k) crypto_secretbox_detached(msg, nonce, k) crypto_secretbox_open(c, nonce, k) crypto_secretbox_open_detached(c, mac, nonce, k) crypto_secretstream_xchacha20poly1305_keygen(): crypto_secretstream_xchacha20poly1305_init_push(key): crypto_secretstream_xchacha20poly1305_init_pull(header, key): crypto_secretstream_xchacha20poly1305_rekey(state): crypto_secretstream_xchacha20poly1305_push(state, message, ad, tag): crypto_secretstream_xchacha20poly1305_pull(state, ciphertext, ad): crypto_sign_init() crypto_sign_update(state, m) crypto_sign_final_create(state, sk) crypto_sign_final_verify(state, sig, pk) crypto_sign_detached(m, sk) crypto_sign_keypair() crypto_sign(m, sk) crypto_sign_open(sm, pk) crypto_sign_pk_to_box_pk(pk) crypto_sign_seed_keypair(seed) crypto_sign_sk_to_box_sk(sk) crypto_sign_sk_to_pk(sk) crypto_sign_sk_to_seed(sk) crypto_sign_verify_detached(sig, msg, pk) crypto_stream_chacha20_xor(message, nonce, key) crypto_stream_chacha20_xor_ic(message, nonce, initial_counter, key) crypto_stream_chacha20_ietf_xor(message, nonce, key) crypto_stream_chacha20_ietf_xor_ic(message, nonce, initial_counter, key) crypto_stream_xchacha20_xor(message, nonce, key) crypto_stream_xchacha20_xor_ic(message, nonce, initial_counter, key) crypto_stream(cnt, nonce=None, key=None) crypto_stream_xor(msg, cnt, nonce=None, key=None) randombytes(size) sodium_increment(bytes) crypto_core_ristretto255_is_valid_point(p) crypto_core_ristretto255_from_hash(r) crypto_scalarmult_ristretto255(n, p) crypto_scalarmult_ristretto255_base(n) crypto_core_ristretto255_scalar_random() crypto_core_ristretto255_scalar_invert(s) crypto_core_ristretto255_scalar_reduce(s) crypto_core_ristretto255_add(p, q) crypto_core_ristretto255_sub(p,q) crypto_core_ristretto255_random() crypto_core_ristretto255_scalar_negate(s) crypto_core_ristretto255_scalar_complement(s) crypto_core_ristretto255_scalar_add(x,y) crypto_core_ristretto255_scalar_sub(x,y) crypto_core_ristretto255_scalar_mul(x,y) crypto_auth_hmacsha256_keygen crypto_auth_hmacsha256 crypto_auth_hmacsha256_verify crypto_auth_hmacsha512_keygen crypto_auth_hmacsha512 crypto_auth_hmacsha512_verify crypto_auth_hmacsha512256_keygen crypto_auth_hmacsha512256 crypto_auth_hmacsha512256_verify crypto_kdf_derive_from_key(subkey_len, subkey_id, ctx, key) crypto_kdf_keygen() crypto_kdf_hkdf_sha256_extract_init(salt=b'') crypto_kdf_hkdf_sha256_extract_update(state, ikm=b'') crypto_kdf_hkdf_sha256_extract_final(state) crypto_kdf_hkdf_sha256_extract(salt=b'', ikm=b'') crypto_kdf_hkdf_sha256_keygen() crypto_kdf_hkdf_sha256_expand(outlen, prk, ctx=b'') crypto_kdf_hkdf_sha512_extract_init(salt=b'') crypto_kdf_hkdf_sha512_extract_update(state, ikm=b'') crypto_kdf_hkdf_sha512_extract_final(state) crypto_kdf_hkdf_sha512_extract(salt=b'', ikm=b'') crypto_kdf_hkdf_sha512_keygen() crypto_kdf_hkdf_sha512_expand(outlen, prk, ctx=b'') ``` Constants: ``` crypto_aead_chacha20poly1305_ABYTES crypto_aead_chacha20poly1305_KEYBYTES crypto_aead_chacha20poly1305_NPUBBYTES crypto_aead_chacha20poly1305_ietf_KEYBYTES crypto_aead_chacha20poly1305_ietf_NPUBBYTES crypto_aead_chacha20poly1305_ietf_ABYTES crypto_aead_xchacha20poly1305_ietf_KEYBYTES crypto_aead_xchacha20poly1305_ietf_NPUBBYTES crypto_aead_xchacha20poly1305_ietf_ABYTES crypto_auth_BYTES crypto_auth_KEYBYTES crypto_box_BEFORENMBYTES crypto_box_BOXZEROBYTES crypto_box_MACBYTES crypto_box_NONCEBYTES crypto_box_PUBLICKEYBYTES crypto_box_SEALBYTES crypto_box_SECRETKEYBYTES crypto_box_SEEDBYTES crypto_box_ZEROBYTES crypto_generichash_KEYBYTES_MAX crypto_generichash_BYTES crypto_generichash_BYTES_MAX crypto_generichash_BYTES_MIN crypto_generichash_STATEBYTES crypto_generichash_blake2b_BYTES crypto_generichash_blake2b_BYTES_MAX crypto_generichash_blake2b_BYTES_MIN crypto_generichash_blake2b_KEYBYTES_MAX crypto_generichash_blake2b_PERSONALBYTES crypto_generichash_blake2b_SALTBYTES crypto_hash_sha256_BYTES crypto_hash_sha512_BYTES crypto_hash_sha512_STATEBYTES crypto_kx_PUBLICKEYBYTES crypto_kx_SECRETKEYBYTES crypto_kx_SESSIONKEYBYTES crypto_pwhash_ALG_DEFAULT crypto_pwhash_ALG_ARGON2I13 crypto_pwhash_ALG_ARGON2ID13 crypto_pwhash_BYTES_MAX crypto_pwhash_BYTES_MIN crypto_pwhash_MEMLIMIT_MAX crypto_pwhash_MEMLIMIT_MIN crypto_pwhash_MEMLIMIT_INTERACTIVE crypto_pwhash_MEMLIMIT_MODERATE crypto_pwhash_MEMLIMIT_SENSITIVE crypto_pwhash_OPSLIMIT_MAX crypto_pwhash_OPSLIMIT_MIN crypto_pwhash_OPSLIMIT_INTERACTIVE crypto_pwhash_OPSLIMIT_MODERATE crypto_pwhash_OPSLIMIT_SENSITIVE crypto_pwhash_PASSWD_MAX crypto_pwhash_PASSWD_MIN crypto_pwhash_argon2i_MEMLIMIT_INTERACTIVE crypto_pwhash_argon2i_MEMLIMIT_MODERATE crypto_pwhash_argon2i_MEMLIMIT_SENSITIVE crypto_pwhash_argon2i_OPSLIMIT_INTERACTIVE crypto_pwhash_argon2i_OPSLIMIT_MODERATE crypto_pwhash_argon2i_OPSLIMIT_SENSITIVE crypto_pwhash_argon2id_MEMLIMIT_INTERACTIVE crypto_pwhash_argon2id_MEMLIMIT_MODERATE crypto_pwhash_argon2id_MEMLIMIT_SENSITIVE crypto_pwhash_argon2id_OPSLIMIT_INTERACTIVE crypto_pwhash_argon2id_OPSLIMIT_MODERATE crypto_pwhash_argon2id_OPSLIMIT_SENSITIVE crypto_pwhash_SALTBYTES crypto_pwhash_STRBYTES crypto_pwhash_scryptsalsa208sha256_BYTES_MAX crypto_pwhash_scryptsalsa208sha256_BYTES_MIN crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_MAX crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_MIN crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_SENSITIVE crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_MAX crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_MIN crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_SENSITIVE crypto_pwhash_scryptsalsa208sha256_PASSWD_MAX crypto_pwhash_scryptsalsa208sha256_PASSWD_MIN crypto_pwhash_scryptsalsa208sha256_SALTBYTES crypto_pwhash_scryptsalsa208sha256_STRBYTES crypto_pwhash_scryptsalsa208sha256_STRPREFIX crypto_scalarmult_BYTES crypto_scalarmult_SCALARBYTES crypto_scalarmult_curve25519_BYTES crypto_secretbox_BOXZEROBYTES crypto_secretbox_KEYBYTES crypto_secretbox_KEYBYTES crypto_secretbox_MACBYTES crypto_secretbox_NONCEBYTES crypto_secretbox_ZEROBYTES crypto_secretstream_xchacha20poly1305_STATEBYTES crypto_secretstream_xchacha20poly1305_ABYTES crypto_secretstream_xchacha20poly1305_HEADERBYTES crypto_secretstream_xchacha20poly1305_KEYBYTES crypto_secretstream_xchacha20poly1305_MESSAGEBYTES_MAX crypto_secretstream_xchacha20poly1305_TAG_MESSAGE crypto_secretstream_xchacha20poly1305_TAG_PUSH crypto_secretstream_xchacha20poly1305_TAG_REKEY crypto_secretstream_xchacha20poly1305_TAG_FINAL crypto_sign_BYTES crypto_sign_PUBLICKEYBYTES crypto_sign_SECRETKEYBYTES crypto_sign_SEEDBYTES crypto_sign_ed25519_PUBLICKEYBYTES crypto_sign_ed25519_SECRETKEYBYTES crypto_stream_KEYBYTES crypto_stream_NONCEBYTES crypto_stream_chacha20_NONCEBYTES crypto_stream_chacha20_KEYBYTES crypto_stream_chacha20_ietf_NONCEBYTES crypto_stream_chacha20_ietf_KEYBYTES crypto_stream_xchacha20_NONCEBYTES crypto_stream_xchacha20_KEYBYTES crypto_core_ristretto255_BYTES crypto_core_ristretto255_HASHBYTES crypto_core_ristretto255_SCALARBYTES crypto_core_ristretto255_NONREDUCEDSCALARBYTES crypto_auth_hmacsha256_BYTES crypto_auth_hmacsha256_KEYBYTES crypto_auth_hmacsha512_BYTES crypto_auth_hmacsha512_KEYBYTES crypto_auth_hmacsha512256_BYTES crypto_auth_hmacsha512256_KEYBYTES crypto_kdf_BYTES_MIN crypto_kdf_BYTES_MAX crypto_kdf_CONTEXTBYTES crypto_kdf_KEYBYTES crypto_kdf_hkdf_sha256_KEYBYTES crypto_kdf_hkdf_sha256_BYTES_MIN crypto_kdf_hkdf_sha256_BYTES_MAX crypto_kdf_hkdf_sha256_STATEBYTES ``` Note most of the the `*_easy` functions are not implemented as the "non-easy" functions provide already the "easy" interface, which hides the placement of buffers in memory, which makes little sense in python, so this wrapper handles this. ././@PaxHeader0000000000000000000000000000002600000000000010213 xustar0022 mtime=1723031109.0 pysodium-0.7.18/README.md0000644000175000017500000002510014654657105012300 0ustar00ssThis is a very simple wrapper around libsodium masquerading as nacl. [![Build Status](https://travis-ci.org/stef/pysodium.svg?branch=master)](https://travis-ci.org/stef/pysodium) This wrapper requires a pre-installed libsodium from: https://github.com/jedisct1/libsodium then it provides access to the following functions: ``` crypto_aead_aegis128l_decrypt(ciphertext, ad, nonce, key) crypto_aead_aegis128l_encrypt(message, ad, nonce, key) crypto_aead_aegis128l_decrypt_detached(ciphertext, mac, ad, nonce, key) crypto_aead_aegis128l_encrypt_detached(message, ad, nonce, key) crypto_aead_aegis256_decrypt(ciphertext, ad, nonce, key) crypto_aead_aegis256_encrypt(message, ad, nonce, key) crypto_aead_aegis256_decrypt_detached(ciphertext, mac, ad, nonce, key) crypto_aead_aegis256_encrypt_detached(message, ad, nonce, key) crypto_aead_chacha20poly1305_decrypt(ciphertext, ad, nonce, key) crypto_aead_chacha20poly1305_encrypt(message, ad, nonce, key) crypto_aead_chacha20poly1305_decrypt_detached(ciphertext, mac, ad, nonce, key) crypto_aead_chacha20poly1305_encrypt_detached(message, ad, nonce, key) crypto_aead_chacha20poly1305_ietf_decrypt(ciphertext, ad, nonce, key) crypto_aead_chacha20poly1305_ietf_encrypt(message, ad, nonce, key) crypto_aead_chacha20poly1305_ietf_decrypt_detached(ciphertext, mac, ad, nonce, key) crypto_aead_chacha20poly1305_ietf_encrypt_detached(message, ad, nonce, key) crypto_aead_xchacha20poly1305_ietf_decrypt(ciphertext, ad, nonce, key) crypto_aead_xchacha20poly1305_ietf_encrypt(message, ad, nonce, key) crypto_auth(message, key) crypto_auth_verify(tag, message, key) crypto_box_afternm(msg, nonce, k) crypto_box_beforenm(pk, sk) crypto_box_detached(msg, nonce, pk, sk) crypto_box_keypair() crypto_box(msg, nonce, pk, sk) crypto_box_open_afternm(c, nonce, k) crypto_box_open(c, nonce, pk, sk) crypto_box_open_detached(c, mac, nonce, pk, sk) crypto_box_seal(msg, pk) crypto_box_seal_open(c, pk, sk) crypto_box_seed_keypair(seed) crypto_generichash_blake2b_salt_personal(message, outlen = crypto_generichash_blake2b_BYTES, key = b'', salt = b'', personal = b'') crypto_generichash_final(state, outlen=crypto_generichash_BYTES) crypto_generichash_init(outlen=crypto_generichash_BYTES, k=b'') crypto_generichash(m, k=b'', outlen=crypto_generichash_BYTES) crypto_generichash_update(state, m) crypto_hash_sha256(message) crypto_hash_sha512(message) crypto_hash_sha512_init() crypto_hash_sha512_update(state, data) crypto_hash_sha512_final(state) crypto_kx_client_session_keys(client_pk, client_sk, server_pk) crypto_kx_keypair() crypto_kx_server_session_keys(server_pk, server_sk, client_pk) crypto_pwhash(outlen, passwd, salt, opslimit, memlimit, alg) crypto_pwhash_scryptsalsa208sha256(outlen, passwd, salt, opslimit, memlimit) crypto_pwhash_scryptsalsa208sha256_str(passwd, opslimit, memlimit) crypto_pwhash_scryptsalsa208sha256_str_verify(stored, passwd) crypto_pwhash_str(passwd, opslimit, memlimit) crypto_pwhash_str_verify(pstr, passwd) crypto_scalarmult_base(n) crypto_scalarmult_curve25519_base(n) crypto_scalarmult_curve25519(n, p) crypto_secretbox(msg, nonce, k) crypto_secretbox_detached(msg, nonce, k) crypto_secretbox_open(c, nonce, k) crypto_secretbox_open_detached(c, mac, nonce, k) crypto_secretstream_xchacha20poly1305_keygen(): crypto_secretstream_xchacha20poly1305_init_push(key): crypto_secretstream_xchacha20poly1305_init_pull(header, key): crypto_secretstream_xchacha20poly1305_rekey(state): crypto_secretstream_xchacha20poly1305_push(state, message, ad, tag): crypto_secretstream_xchacha20poly1305_pull(state, ciphertext, ad): crypto_sign_init() crypto_sign_update(state, m) crypto_sign_final_create(state, sk) crypto_sign_final_verify(state, sig, pk) crypto_sign_detached(m, sk) crypto_sign_keypair() crypto_sign(m, sk) crypto_sign_open(sm, pk) crypto_sign_pk_to_box_pk(pk) crypto_sign_seed_keypair(seed) crypto_sign_sk_to_box_sk(sk) crypto_sign_sk_to_pk(sk) crypto_sign_sk_to_seed(sk) crypto_sign_verify_detached(sig, msg, pk) crypto_stream_chacha20_xor(message, nonce, key) crypto_stream_chacha20_xor_ic(message, nonce, initial_counter, key) crypto_stream_chacha20_ietf_xor(message, nonce, key) crypto_stream_chacha20_ietf_xor_ic(message, nonce, initial_counter, key) crypto_stream_xchacha20_xor(message, nonce, key) crypto_stream_xchacha20_xor_ic(message, nonce, initial_counter, key) crypto_stream(cnt, nonce=None, key=None) crypto_stream_xor(msg, cnt, nonce=None, key=None) randombytes(size) sodium_increment(bytes) crypto_core_ristretto255_is_valid_point(p) crypto_core_ristretto255_from_hash(r) crypto_scalarmult_ristretto255(n, p) crypto_scalarmult_ristretto255_base(n) crypto_core_ristretto255_scalar_random() crypto_core_ristretto255_scalar_invert(s) crypto_core_ristretto255_scalar_reduce(s) crypto_core_ristretto255_add(p, q) crypto_core_ristretto255_sub(p,q) crypto_core_ristretto255_random() crypto_core_ristretto255_scalar_negate(s) crypto_core_ristretto255_scalar_complement(s) crypto_core_ristretto255_scalar_add(x,y) crypto_core_ristretto255_scalar_sub(x,y) crypto_core_ristretto255_scalar_mul(x,y) crypto_auth_hmacsha256_keygen crypto_auth_hmacsha256 crypto_auth_hmacsha256_verify crypto_auth_hmacsha512_keygen crypto_auth_hmacsha512 crypto_auth_hmacsha512_verify crypto_auth_hmacsha512256_keygen crypto_auth_hmacsha512256 crypto_auth_hmacsha512256_verify crypto_kdf_derive_from_key(subkey_len, subkey_id, ctx, key) crypto_kdf_keygen() crypto_kdf_hkdf_sha256_extract_init(salt=b'') crypto_kdf_hkdf_sha256_extract_update(state, ikm=b'') crypto_kdf_hkdf_sha256_extract_final(state) crypto_kdf_hkdf_sha256_extract(salt=b'', ikm=b'') crypto_kdf_hkdf_sha256_keygen() crypto_kdf_hkdf_sha256_expand(outlen, prk, ctx=b'') crypto_kdf_hkdf_sha512_extract_init(salt=b'') crypto_kdf_hkdf_sha512_extract_update(state, ikm=b'') crypto_kdf_hkdf_sha512_extract_final(state) crypto_kdf_hkdf_sha512_extract(salt=b'', ikm=b'') crypto_kdf_hkdf_sha512_keygen() crypto_kdf_hkdf_sha512_expand(outlen, prk, ctx=b'') ``` Constants: ``` crypto_aead_chacha20poly1305_ABYTES crypto_aead_chacha20poly1305_KEYBYTES crypto_aead_chacha20poly1305_NPUBBYTES crypto_aead_chacha20poly1305_ietf_KEYBYTES crypto_aead_chacha20poly1305_ietf_NPUBBYTES crypto_aead_chacha20poly1305_ietf_ABYTES crypto_aead_xchacha20poly1305_ietf_KEYBYTES crypto_aead_xchacha20poly1305_ietf_NPUBBYTES crypto_aead_xchacha20poly1305_ietf_ABYTES crypto_auth_BYTES crypto_auth_KEYBYTES crypto_box_BEFORENMBYTES crypto_box_BOXZEROBYTES crypto_box_MACBYTES crypto_box_NONCEBYTES crypto_box_PUBLICKEYBYTES crypto_box_SEALBYTES crypto_box_SECRETKEYBYTES crypto_box_SEEDBYTES crypto_box_ZEROBYTES crypto_generichash_KEYBYTES_MAX crypto_generichash_BYTES crypto_generichash_BYTES_MAX crypto_generichash_BYTES_MIN crypto_generichash_STATEBYTES crypto_generichash_blake2b_BYTES crypto_generichash_blake2b_BYTES_MAX crypto_generichash_blake2b_BYTES_MIN crypto_generichash_blake2b_KEYBYTES_MAX crypto_generichash_blake2b_PERSONALBYTES crypto_generichash_blake2b_SALTBYTES crypto_hash_sha256_BYTES crypto_hash_sha512_BYTES crypto_hash_sha512_STATEBYTES crypto_kx_PUBLICKEYBYTES crypto_kx_SECRETKEYBYTES crypto_kx_SESSIONKEYBYTES crypto_pwhash_ALG_DEFAULT crypto_pwhash_ALG_ARGON2I13 crypto_pwhash_ALG_ARGON2ID13 crypto_pwhash_BYTES_MAX crypto_pwhash_BYTES_MIN crypto_pwhash_MEMLIMIT_MAX crypto_pwhash_MEMLIMIT_MIN crypto_pwhash_MEMLIMIT_INTERACTIVE crypto_pwhash_MEMLIMIT_MODERATE crypto_pwhash_MEMLIMIT_SENSITIVE crypto_pwhash_OPSLIMIT_MAX crypto_pwhash_OPSLIMIT_MIN crypto_pwhash_OPSLIMIT_INTERACTIVE crypto_pwhash_OPSLIMIT_MODERATE crypto_pwhash_OPSLIMIT_SENSITIVE crypto_pwhash_PASSWD_MAX crypto_pwhash_PASSWD_MIN crypto_pwhash_argon2i_MEMLIMIT_INTERACTIVE crypto_pwhash_argon2i_MEMLIMIT_MODERATE crypto_pwhash_argon2i_MEMLIMIT_SENSITIVE crypto_pwhash_argon2i_OPSLIMIT_INTERACTIVE crypto_pwhash_argon2i_OPSLIMIT_MODERATE crypto_pwhash_argon2i_OPSLIMIT_SENSITIVE crypto_pwhash_argon2id_MEMLIMIT_INTERACTIVE crypto_pwhash_argon2id_MEMLIMIT_MODERATE crypto_pwhash_argon2id_MEMLIMIT_SENSITIVE crypto_pwhash_argon2id_OPSLIMIT_INTERACTIVE crypto_pwhash_argon2id_OPSLIMIT_MODERATE crypto_pwhash_argon2id_OPSLIMIT_SENSITIVE crypto_pwhash_SALTBYTES crypto_pwhash_STRBYTES crypto_pwhash_scryptsalsa208sha256_BYTES_MAX crypto_pwhash_scryptsalsa208sha256_BYTES_MIN crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_MAX crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_MIN crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_SENSITIVE crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_MAX crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_MIN crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_SENSITIVE crypto_pwhash_scryptsalsa208sha256_PASSWD_MAX crypto_pwhash_scryptsalsa208sha256_PASSWD_MIN crypto_pwhash_scryptsalsa208sha256_SALTBYTES crypto_pwhash_scryptsalsa208sha256_STRBYTES crypto_pwhash_scryptsalsa208sha256_STRPREFIX crypto_scalarmult_BYTES crypto_scalarmult_SCALARBYTES crypto_scalarmult_curve25519_BYTES crypto_secretbox_BOXZEROBYTES crypto_secretbox_KEYBYTES crypto_secretbox_KEYBYTES crypto_secretbox_MACBYTES crypto_secretbox_NONCEBYTES crypto_secretbox_ZEROBYTES crypto_secretstream_xchacha20poly1305_STATEBYTES crypto_secretstream_xchacha20poly1305_ABYTES crypto_secretstream_xchacha20poly1305_HEADERBYTES crypto_secretstream_xchacha20poly1305_KEYBYTES crypto_secretstream_xchacha20poly1305_MESSAGEBYTES_MAX crypto_secretstream_xchacha20poly1305_TAG_MESSAGE crypto_secretstream_xchacha20poly1305_TAG_PUSH crypto_secretstream_xchacha20poly1305_TAG_REKEY crypto_secretstream_xchacha20poly1305_TAG_FINAL crypto_sign_BYTES crypto_sign_PUBLICKEYBYTES crypto_sign_SECRETKEYBYTES crypto_sign_SEEDBYTES crypto_sign_ed25519_PUBLICKEYBYTES crypto_sign_ed25519_SECRETKEYBYTES crypto_stream_KEYBYTES crypto_stream_NONCEBYTES crypto_stream_chacha20_NONCEBYTES crypto_stream_chacha20_KEYBYTES crypto_stream_chacha20_ietf_NONCEBYTES crypto_stream_chacha20_ietf_KEYBYTES crypto_stream_xchacha20_NONCEBYTES crypto_stream_xchacha20_KEYBYTES crypto_core_ristretto255_BYTES crypto_core_ristretto255_HASHBYTES crypto_core_ristretto255_SCALARBYTES crypto_core_ristretto255_NONREDUCEDSCALARBYTES crypto_auth_hmacsha256_BYTES crypto_auth_hmacsha256_KEYBYTES crypto_auth_hmacsha512_BYTES crypto_auth_hmacsha512_KEYBYTES crypto_auth_hmacsha512256_BYTES crypto_auth_hmacsha512256_KEYBYTES crypto_kdf_BYTES_MIN crypto_kdf_BYTES_MAX crypto_kdf_CONTEXTBYTES crypto_kdf_KEYBYTES crypto_kdf_hkdf_sha256_KEYBYTES crypto_kdf_hkdf_sha256_BYTES_MIN crypto_kdf_hkdf_sha256_BYTES_MAX crypto_kdf_hkdf_sha256_STATEBYTES ``` Note most of the the `*_easy` functions are not implemented as the "non-easy" functions provide already the "easy" interface, which hides the placement of buffers in memory, which makes little sense in python, so this wrapper handles this. ././@PaxHeader0000000000000000000000000000003300000000000010211 xustar0027 mtime=1723031282.834557 pysodium-0.7.18/pysodium/0000755000175000017500000000000014654657363012702 5ustar00ss././@PaxHeader0000000000000000000000000000002600000000000010213 xustar0022 mtime=1723031109.0 pysodium-0.7.18/pysodium/__init__.py0000755000175000017500000030021214654657105015006 0ustar00ss#!/usr/bin/env python """ Wrapper for libsodium library Copyright (c) 2013-2023, Marsiske Stefan. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. """ import ctypes import ctypes.util sodium = ctypes.cdll.LoadLibrary(ctypes.util.find_library('sodium') or ctypes.util.find_library('libsodium')) if not sodium._name: raise ValueError('Unable to find libsodium') sodium.sodium_version_string.restype = ctypes.c_char_p try: sodium_major = int(sodium.sodium_version_string().decode('utf8').split('.')[0]) sodium_minor = int(sodium.sodium_version_string().decode('utf8').split('.')[1]) sodium_patch = int(sodium.sodium_version_string().decode('utf8').split('.')[2]) except (IndexError, ValueError): raise ValueError('Unable to parse version string from libsodium') def sodium_version_check(major, minor, patch): """Check if the current libsodium version is greater or equal to the supplied one """ if major > sodium_major: return False if major == sodium_major and minor > sodium_minor: return False if major == sodium_major and minor == sodium_minor and patch > sodium_patch: return False return True def sodium_version(major, minor, patch): def decorator(func): def wrapper(*args, **kwargs): if sodium_version_check(major, minor, patch) == False: raise ValueError('Unavailable in this libsodium version') return func(*args, **kwargs) return wrapper return decorator def encode_strings(func): """ This decorator forces the encoding of str function parameters to UTF-8 to elliminate the differences between Python 3.x and Python 2.x. The only caveat is that bytes and str are both str types in Python 2.x so it is possible for the encode() function to fail. It is OK for us to accept that failure, hence the pass in the except block. Use this decorator on any functions that can take strings as parameters such as crypto_pwhash(). """ def wrapper(*args, **kwargs): largs = [] for arg in args: if isinstance(arg, str): try: arg = arg.encode(encoding='utf-8') except: pass largs.append(arg) for k in kwargs.keys(): if isinstance(kwargs[k], str): try: kwargs[k] = kwargs[k].encode(encoding='utf-8') except: pass return func(*largs, **kwargs) return wrapper sodium.crypto_pwhash_scryptsalsa208sha256_strprefix.restype = ctypes.c_char_p crypto_auth_KEYBYTES = sodium.crypto_auth_keybytes() crypto_auth_BYTES = sodium.crypto_auth_bytes() crypto_box_NONCEBYTES = sodium.crypto_box_noncebytes() crypto_box_BEFORENMBYTES = sodium.crypto_box_beforenmbytes() crypto_box_PUBLICKEYBYTES = sodium.crypto_box_publickeybytes() crypto_box_SECRETKEYBYTES = sodium.crypto_box_secretkeybytes() crypto_box_ZEROBYTES = sodium.crypto_box_zerobytes() crypto_box_BOXZEROBYTES = sodium.crypto_box_boxzerobytes() crypto_box_MACBYTES = sodium.crypto_box_macbytes() crypto_box_SEALBYTES = sodium.crypto_box_sealbytes() crypto_box_SEEDBYTES = sodium.crypto_box_seedbytes() crypto_secretbox_KEYBYTES = sodium.crypto_secretbox_keybytes() crypto_secretbox_NONCEBYTES = sodium.crypto_secretbox_noncebytes() crypto_secretbox_ZEROBYTES = sodium.crypto_secretbox_zerobytes() crypto_secretbox_BOXZEROBYTES = sodium.crypto_secretbox_boxzerobytes() crypto_secretbox_MACBYTES = sodium.crypto_secretbox_macbytes() crypto_sign_PUBLICKEYBYTES = sodium.crypto_sign_publickeybytes() crypto_sign_SECRETKEYBYTES = sodium.crypto_sign_secretkeybytes() crypto_sign_SEEDBYTES = sodium.crypto_sign_seedbytes() crypto_sign_BYTES = sodium.crypto_sign_bytes() crypto_sign_ed25519_SECRETKEYBYTES = sodium.crypto_sign_ed25519_secretkeybytes() crypto_sign_ed25519_PUBLICKEYBYTES = sodium.crypto_sign_ed25519_publickeybytes() crypto_stream_KEYBYTES = sodium.crypto_stream_keybytes() crypto_stream_NONCEBYTES = sodium.crypto_stream_noncebytes() crypto_stream_chacha20_NONCEBYTES = sodium.crypto_stream_chacha20_noncebytes() crypto_stream_chacha20_KEYBYTES = sodium.crypto_stream_chacha20_keybytes() crypto_stream_chacha20_ietf_NONCEBYTES = sodium.crypto_stream_chacha20_ietf_noncebytes() crypto_stream_chacha20_ietf_KEYBYTES = sodium.crypto_stream_chacha20_ietf_keybytes() crypto_stream_xchacha20_NONCEBYTES = sodium.crypto_stream_xchacha20_noncebytes() crypto_stream_xchacha20_KEYBYTES = sodium.crypto_stream_xchacha20_keybytes() crypto_generichash_KEYBYTES_MAX = sodium.crypto_generichash_keybytes_max() crypto_generichash_BYTES = sodium.crypto_generichash_bytes() crypto_generichash_BYTES_MIN = sodium.crypto_generichash_bytes_min() crypto_generichash_BYTES_MAX = sodium.crypto_generichash_bytes_max() crypto_generichash_STATEBYTES = sodium.crypto_generichash_statebytes() crypto_scalarmult_curve25519_BYTES = sodium.crypto_scalarmult_curve25519_bytes() crypto_scalarmult_BYTES = sodium.crypto_scalarmult_bytes() crypto_scalarmult_SCALARBYTES = sodium.crypto_scalarmult_curve25519_scalarbytes() crypto_generichash_blake2b_KEYBYTES_MAX = sodium.crypto_generichash_blake2b_keybytes_max() crypto_generichash_blake2b_BYTES = sodium.crypto_generichash_blake2b_bytes() crypto_generichash_blake2b_BYTES_MIN = sodium.crypto_generichash_blake2b_bytes_min() crypto_generichash_blake2b_BYTES_MAX = sodium.crypto_generichash_blake2b_bytes_max() crypto_generichash_blake2b_SALTBYTES = sodium.crypto_generichash_blake2b_saltbytes() crypto_generichash_blake2b_PERSONALBYTES = sodium.crypto_generichash_blake2b_personalbytes() crypto_pwhash_scryptsalsa208sha256_SALTBYTES = sodium.crypto_pwhash_scryptsalsa208sha256_saltbytes() crypto_pwhash_scryptsalsa208sha256_STRBYTES = sodium.crypto_pwhash_scryptsalsa208sha256_strbytes() crypto_pwhash_scryptsalsa208sha256_STRPREFIX = sodium.crypto_pwhash_scryptsalsa208sha256_strprefix() crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE = sodium.crypto_pwhash_scryptsalsa208sha256_opslimit_interactive() crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE = sodium.crypto_pwhash_scryptsalsa208sha256_memlimit_interactive() crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_SENSITIVE = sodium.crypto_pwhash_scryptsalsa208sha256_opslimit_sensitive() crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_SENSITIVE = sodium.crypto_pwhash_scryptsalsa208sha256_memlimit_sensitive() crypto_hash_sha256_BYTES = sodium.crypto_hash_sha256_bytes() crypto_hash_sha512_BYTES = sodium.crypto_hash_sha512_bytes() crypto_hash_sha512_STATEBYTES = sodium.crypto_hash_sha512_statebytes() crypto_aead_chacha20poly1305_KEYBYTES = sodium.crypto_aead_chacha20poly1305_keybytes() crypto_aead_chacha20poly1305_NPUBBYTES = sodium.crypto_aead_chacha20poly1305_npubbytes() crypto_aead_chacha20poly1305_NONCEBYTES = crypto_aead_chacha20poly1305_NPUBBYTES crypto_aead_chacha20poly1305_ABYTES = sodium.crypto_aead_chacha20poly1305_abytes() crypto_kdf_BYTES_MIN = sodium.crypto_kdf_bytes_min() crypto_kdf_BYTES_MAX = sodium.crypto_kdf_bytes_max() crypto_kdf_CONTEXTBYTES = sodium.crypto_kdf_contextbytes() crypto_kdf_KEYBYTES = sodium.crypto_kdf_keybytes() if sodium_version_check(1, 0, 9): crypto_aead_chacha20poly1305_ietf_KEYBYTES = sodium.crypto_aead_chacha20poly1305_ietf_keybytes() crypto_aead_chacha20poly1305_ietf_NPUBBYTES = sodium.crypto_aead_chacha20poly1305_ietf_npubbytes() crypto_aead_chacha20poly1305_ietf_ABYTES = sodium.crypto_aead_chacha20poly1305_ietf_abytes() crypto_pwhash_SALTBYTES = sodium.crypto_pwhash_saltbytes() crypto_pwhash_STRBYTES = sodium.crypto_pwhash_strbytes() crypto_pwhash_OPSLIMIT_INTERACTIVE = sodium.crypto_pwhash_opslimit_interactive() crypto_pwhash_MEMLIMIT_INTERACTIVE = sodium.crypto_pwhash_memlimit_interactive() crypto_pwhash_OPSLIMIT_MODERATE = sodium.crypto_pwhash_opslimit_moderate() crypto_pwhash_MEMLIMIT_MODERATE = sodium.crypto_pwhash_memlimit_moderate() crypto_pwhash_OPSLIMIT_SENSITIVE = sodium.crypto_pwhash_opslimit_sensitive() crypto_pwhash_MEMLIMIT_SENSITIVE = sodium.crypto_pwhash_memlimit_sensitive() crypto_pwhash_ALG_DEFAULT = sodium.crypto_pwhash_alg_default() crypto_pwhash_ALG_ARGON2I13 = sodium.crypto_pwhash_alg_argon2i13() crypto_pwhash_argon2i_OPSLIMIT_INTERACTIVE = sodium.crypto_pwhash_argon2i_opslimit_interactive() crypto_pwhash_argon2i_MEMLIMIT_INTERACTIVE = sodium.crypto_pwhash_argon2i_memlimit_interactive() crypto_pwhash_argon2i_OPSLIMIT_MODERATE = sodium.crypto_pwhash_argon2i_opslimit_moderate() crypto_pwhash_argon2i_MEMLIMIT_MODERATE = sodium.crypto_pwhash_argon2i_memlimit_moderate() crypto_pwhash_argon2i_OPSLIMIT_SENSITIVE = sodium.crypto_pwhash_argon2i_opslimit_sensitive() crypto_pwhash_argon2i_MEMLIMIT_SENSITIVE = sodium.crypto_pwhash_argon2i_memlimit_sensitive() else: crypto_pwhash_ALG_DEFAULT = None crypto_aead_chacha20poly1305_ietf_KEYBYTES = 32 crypto_aead_chacha20poly1305_ietf_NPUBBYTES = 12 crypto_aead_chacha20poly1305_ietf_ABYTES = 16 crypto_pwhash_BYTES_MAX = 4294967295 crypto_pwhash_BYTES_MIN = 16 crypto_pwhash_MEMLIMIT_MAX = 4398046510080 crypto_pwhash_MEMLIMIT_MIN = 1 crypto_pwhash_OPSLIMIT_MAX = 4294967295 crypto_pwhash_OPSLIMIT_MIN = 3 crypto_pwhash_PASSWD_MAX = 4294967295 crypto_pwhash_PASSWD_MIN = 0 crypto_aead_chacha20poly1305_ietf_NONCEBYTES = crypto_aead_chacha20poly1305_ietf_NPUBBYTES if sodium_version_check(1, 0, 12): crypto_kx_PUBLICKEYBYTES = sodium.crypto_kx_publickeybytes() crypto_kx_SECRETKEYBYTES = sodium.crypto_kx_secretkeybytes() crypto_kx_SESSIONKEYBYTES = sodium.crypto_kx_sessionkeybytes() crypto_aead_xchacha20poly1305_ietf_KEYBYTES = sodium.crypto_aead_xchacha20poly1305_ietf_keybytes() crypto_aead_xchacha20poly1305_ietf_NPUBBYTES = sodium.crypto_aead_xchacha20poly1305_ietf_npubbytes() crypto_aead_xchacha20poly1305_ietf_NONCEBYTES = crypto_aead_xchacha20poly1305_ietf_NPUBBYTES crypto_aead_xchacha20poly1305_ietf_ABYTES = sodium.crypto_aead_xchacha20poly1305_ietf_abytes() sodium.crypto_pwhash_bytes_max.restype=ctypes.c_uint sodium.crypto_pwhash_opslimit_max.restype=ctypes.c_uint sodium.crypto_pwhash_memlimit_max.restype=ctypes.c_uint sodium.crypto_pwhash_passwd_max.restype=ctypes.c_uint sodium.crypto_pwhash_scryptsalsa208sha256_bytes_max.restype=ctypes.c_uint sodium.crypto_pwhash_scryptsalsa208sha256_opslimit_max.restype=ctypes.c_uint sodium.crypto_pwhash_scryptsalsa208sha256_memlimit_max.restype=ctypes.c_ulonglong sodium.crypto_pwhash_scryptsalsa208sha256_passwd_max.restype=ctypes.c_uint crypto_pwhash_BYTES_MAX = sodium.crypto_pwhash_bytes_max() crypto_pwhash_BYTES_MIN = sodium.crypto_pwhash_bytes_min() crypto_pwhash_MEMLIMIT_MAX = sodium.crypto_pwhash_memlimit_max() crypto_pwhash_MEMLIMIT_MIN = sodium.crypto_pwhash_memlimit_min() crypto_pwhash_OPSLIMIT_MAX = sodium.crypto_pwhash_opslimit_max() crypto_pwhash_OPSLIMIT_MIN = sodium.crypto_pwhash_opslimit_min() crypto_pwhash_PASSWD_MAX = sodium.crypto_pwhash_passwd_max() crypto_pwhash_PASSWD_MIN = sodium.crypto_pwhash_passwd_min() crypto_pwhash_scryptsalsa208sha256_BYTES_MAX = sodium.crypto_pwhash_scryptsalsa208sha256_bytes_max() crypto_pwhash_scryptsalsa208sha256_BYTES_MIN = sodium.crypto_pwhash_scryptsalsa208sha256_bytes_min() crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_MAX = sodium.crypto_pwhash_scryptsalsa208sha256_memlimit_max() crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_MIN = sodium.crypto_pwhash_scryptsalsa208sha256_memlimit_min() crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_MAX = sodium.crypto_pwhash_scryptsalsa208sha256_opslimit_max() crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_MIN = sodium.crypto_pwhash_scryptsalsa208sha256_opslimit_min() crypto_pwhash_scryptsalsa208sha256_PASSWD_MAX = sodium.crypto_pwhash_scryptsalsa208sha256_passwd_max() crypto_pwhash_scryptsalsa208sha256_PASSWD_MIN = sodium.crypto_pwhash_scryptsalsa208sha256_passwd_min() else: crypto_pwhash_scryptsalsa208sha256_BYTES_MIN = 16 crypto_pwhash_scryptsalsa208sha256_BYTES_MAX = 4294967264 crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_MAX = 68719476736 crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_MIN = 16777216 crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_MIN = 32768 crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_MAX =4294967295 crypto_pwhash_scryptsalsa208sha256_PASSWD_MAX = 4294967295 crypto_pwhash_scryptsalsa208sha256_PASSWD_MIN = 0 if sodium_version_check(1, 0, 13): crypto_pwhash_ALG_ARGON2ID13 = sodium.crypto_pwhash_alg_argon2id13() crypto_pwhash_argon2id_OPSLIMIT_INTERACTIVE = sodium.crypto_pwhash_argon2id_opslimit_interactive() crypto_pwhash_argon2id_MEMLIMIT_INTERACTIVE = sodium.crypto_pwhash_argon2id_memlimit_interactive() crypto_pwhash_argon2id_OPSLIMIT_MODERATE = sodium.crypto_pwhash_argon2id_opslimit_moderate() crypto_pwhash_argon2id_MEMLIMIT_MODERATE = sodium.crypto_pwhash_argon2id_memlimit_moderate() crypto_pwhash_argon2id_OPSLIMIT_SENSITIVE = sodium.crypto_pwhash_argon2id_opslimit_sensitive() crypto_pwhash_argon2id_MEMLIMIT_SENSITIVE = sodium.crypto_pwhash_argon2id_memlimit_sensitive() if sodium_version_check(1, 0, 15): crypto_secretstream_xchacha20poly1305_STATEBYTES = sodium.crypto_secretstream_xchacha20poly1305_statebytes() crypto_secretstream_xchacha20poly1305_ABYTES = sodium.crypto_secretstream_xchacha20poly1305_abytes() crypto_secretstream_xchacha20poly1305_HEADERBYTES = sodium.crypto_secretstream_xchacha20poly1305_headerbytes() crypto_secretstream_xchacha20poly1305_KEYBYTES = sodium.crypto_secretstream_xchacha20poly1305_keybytes() sodium.crypto_secretstream_xchacha20poly1305_messagebytes_max.restype = ctypes.c_size_t crypto_secretstream_xchacha20poly1305_MESSAGEBYTES_MAX = sodium.crypto_secretstream_xchacha20poly1305_messagebytes_max() crypto_secretstream_xchacha20poly1305_TAG_MESSAGE = sodium.crypto_secretstream_xchacha20poly1305_tag_message() crypto_secretstream_xchacha20poly1305_TAG_PUSH = sodium.crypto_secretstream_xchacha20poly1305_tag_push() crypto_secretstream_xchacha20poly1305_TAG_REKEY = sodium.crypto_secretstream_xchacha20poly1305_tag_rekey() crypto_secretstream_xchacha20poly1305_TAG_FINAL = sodium.crypto_secretstream_xchacha20poly1305_tag_final() if sodium_version_check(1, 0, 18): crypto_core_ristretto255_BYTES = sodium.crypto_core_ristretto255_bytes() crypto_core_ristretto255_HASHBYTES = sodium.crypto_core_ristretto255_hashbytes() crypto_core_ristretto255_SCALARBYTES = sodium.crypto_core_ristretto255_scalarbytes() crypto_core_ristretto255_NONREDUCEDSCALARBYTES = sodium.crypto_core_ristretto255_nonreducedscalarbytes() crypto_auth_hmacsha256_BYTES = sodium.crypto_auth_hmacsha256_bytes() crypto_auth_hmacsha256_KEYBYTES = sodium.crypto_auth_hmacsha256_keybytes() crypto_hash_sha256_STATEBYTES = sodium.crypto_hash_sha256_statebytes() crypto_auth_hmacsha512_BYTES = sodium.crypto_auth_hmacsha512_bytes() crypto_auth_hmacsha512_KEYBYTES = sodium.crypto_auth_hmacsha512_keybytes() crypto_hash_sha512_STATEBYTES = sodium.crypto_hash_sha512_statebytes() crypto_auth_hmacsha512256_BYTES = sodium.crypto_auth_hmacsha512256_bytes() crypto_auth_hmacsha512256_KEYBYTES = sodium.crypto_auth_hmacsha512256_keybytes() if sodium_version_check(1, 0, 19): crypto_kdf_hkdf_sha256_KEYBYTES = sodium.crypto_kdf_hkdf_sha256_keybytes() crypto_kdf_hkdf_sha256_BYTES_MIN = sodium.crypto_kdf_hkdf_sha256_bytes_min() crypto_kdf_hkdf_sha256_BYTES_MAX = sodium.crypto_kdf_hkdf_sha256_bytes_max() crypto_kdf_hkdf_sha256_STATEBYTES = sodium.crypto_kdf_hkdf_sha256_statebytes() crypto_kdf_hkdf_sha512_KEYBYTES = sodium.crypto_kdf_hkdf_sha512_keybytes() crypto_kdf_hkdf_sha512_BYTES_MIN = sodium.crypto_kdf_hkdf_sha512_bytes_min() crypto_kdf_hkdf_sha512_BYTES_MAX = sodium.crypto_kdf_hkdf_sha512_bytes_max() crypto_aead_aegis128l_KEYBYTES = sodium.crypto_aead_aegis128l_keybytes() crypto_aead_aegis128l_NPUBBYTES = sodium.crypto_aead_aegis128l_npubbytes() crypto_aead_aegis128l_NONCEBYTES = crypto_aead_aegis128l_NPUBBYTES crypto_aead_aegis128l_ABYTES = sodium.crypto_aead_aegis128l_abytes() sodium.crypto_aead_aegis128l_messagebytes_max.restype = ctypes.c_size_t crypto_aead_aegis128l_MESSAGEBYTES_MAX = sodium.crypto_aead_aegis128l_messagebytes_max() crypto_aead_aegis256_KEYBYTES = sodium.crypto_aead_aegis256_keybytes() crypto_aead_aegis256_NPUBBYTES = sodium.crypto_aead_aegis256_npubbytes() crypto_aead_aegis256_NONCEBYTES = crypto_aead_aegis256_NPUBBYTES crypto_aead_aegis256_ABYTES = sodium.crypto_aead_aegis256_abytes() sodium.crypto_aead_aegis256_messagebytes_max.restype = ctypes.c_size_t crypto_aead_aegis256_MESSAGEBYTES_MAX = sodium.crypto_aead_aegis256_messagebytes_max() if sodium_version_check(1, 0, 20): crypto_kdf_hkdf_sha512_STATEBYTES = sodium.crypto_kdf_hkdf_sha512_statebytes() sodium_init = sodium.sodium_init class CryptoSignState(ctypes.Structure): _pack_ = 1 _fields_ = [ ('state', ctypes.c_uint64 * 8), ('count', ctypes.c_uint64 * 2), ('buf', ctypes.c_uint8 * 128) ] def __check(code): if code != 0: raise ValueError def pad_buf(buf, length, name = 'buf'): buflen = len(buf) if buflen > length: raise ValueError("Cannot pad %s (len: %d - expected %d or less)" % (name, buflen, length)) padding = length - buflen if padding > 0: return buf + b"\x00"*padding else: return buf # int crypto_scalarmult_base(unsigned char *q, const unsigned char *n); def crypto_scalarmult_base(n): if n is None: raise ValueError("invalid parameters") if len(n) != crypto_scalarmult_SCALARBYTES: raise ValueError("truncated scalar") q = ctypes.create_string_buffer(crypto_scalarmult_BYTES) __check(sodium.crypto_scalarmult_base(q, n)) return q.raw def crypto_scalarmult_curve25519(n, p): if None in (n,p): raise ValueError("invalid parameters") if len(n) != crypto_scalarmult_SCALARBYTES: raise ValueError("truncated scalar") if len(p) != crypto_scalarmult_BYTES: raise ValueError("truncated point") buf = ctypes.create_string_buffer(crypto_scalarmult_BYTES) __check(sodium.crypto_scalarmult_curve25519(buf, n, p)) return buf.raw def crypto_scalarmult_curve25519_base(n): if n is None: raise ValueError("invalid parameters") if len(n) != crypto_scalarmult_SCALARBYTES: raise ValueError("truncated scalar") buf = ctypes.create_string_buffer(crypto_scalarmult_BYTES) __check(sodium.crypto_scalarmult_curve25519_base(buf, n)) return buf.raw # crypto_stream_chacha20_xor(unsigned char *c, const unsigned char *m, unsigned long long mlen, const unsigned char *n, const unsigned char *k) def crypto_stream_chacha20_xor(message, nonce, key): if len(nonce) != crypto_stream_chacha20_NONCEBYTES: raise ValueError("truncated nonce") if len(key) != crypto_stream_chacha20_KEYBYTES: raise ValueError("truncated key") mlen = ctypes.c_longlong(len(message)) c = ctypes.create_string_buffer(len(message)) __check(sodium.crypto_stream_chacha20_xor(c, message, mlen, nonce, key)) return c.raw # crypto_stream_chacha20_xor_ic(unsigned char *c, const unsigned char *m, unsigned long long mlen, const unsigned char *n, uint64_t ic, const unsigned char *k) def crypto_stream_chacha20_xor_ic(message, nonce, initial_counter, key): if len(nonce) != crypto_stream_chacha20_NONCEBYTES: raise ValueError("truncated nonce") if len(key) != crypto_stream_chacha20_KEYBYTES: raise ValueError("truncated key") mlen = ctypes.c_longlong(len(message)) ic = ctypes.c_uint64(initial_counter) c = ctypes.create_string_buffer(len(message)) __check(sodium.crypto_stream_chacha20_xor_ic(c, message, mlen, nonce, ic, key)) return c.raw # crypto_stream_chacha20_ietf_xor(unsigned char *c, const unsigned char *m, unsigned long long mlen, const unsigned char *n, const unsigned char *k) def crypto_stream_chacha20_ietf_xor(message, nonce, key): if len(nonce) != crypto_stream_chacha20_ietf_NONCEBYTES: raise ValueError("truncated nonce") if len(key) != crypto_stream_chacha20_ietf_KEYBYTES: raise ValueError("truncated key") mlen = ctypes.c_longlong(len(message)) c = ctypes.create_string_buffer(len(message)) __check(sodium.crypto_stream_chacha20_ietf_xor(c, message, mlen, nonce, key)) return c.raw # crypto_stream_chacha20_ietf_xor_ic(unsigned char *c, const unsigned char *m, unsigned long long mlen, const unsigned char *n, uint64_t ic, const unsigned char *k) def crypto_stream_chacha20_ietf_xor_ic(message, nonce, initial_counter, key): if len(nonce) != crypto_stream_chacha20_ietf_NONCEBYTES: raise ValueError("truncated nonce") if len(key) != crypto_stream_chacha20_ietf_KEYBYTES: raise ValueError("truncated key") mlen = ctypes.c_longlong(len(message)) ic = ctypes.c_uint64(initial_counter) c = ctypes.create_string_buffer(len(message)) __check(sodium.crypto_stream_chacha20_ietf_xor_ic(c, message, mlen, nonce, ic, key)) return c.raw # crypto_stream_xchacha20_xor(unsigned char *c, const unsigned char *m, unsigned long long mlen, const unsigned char *n, const unsigned char *k) def crypto_stream_xchacha20_xor(message, nonce, key): if len(nonce) != crypto_stream_xchacha20_NONCEBYTES: raise ValueError("truncated nonce") if len(key) != crypto_stream_xchacha20_KEYBYTES: raise ValueError("truncated key") mlen = ctypes.c_longlong(len(message)) c = ctypes.create_string_buffer(len(message)) __check(sodium.crypto_stream_xchacha20_xor(c, message, mlen, nonce, key)) return c.raw # crypto_stream_xchacha20_xor_ic(unsigned char *c, const unsigned char *m, unsigned long long mlen, const unsigned char *n, uint64_t ic, const unsigned char *k) def crypto_stream_xchacha20_xor_ic(message, nonce, initial_counter, key): if len(nonce) != crypto_stream_xchacha20_NONCEBYTES: raise ValueError("truncated nonce") if len(key) != crypto_stream_xchacha20_KEYBYTES: raise ValueError("truncated key") mlen = ctypes.c_longlong(len(message)) ic = ctypes.c_uint64(initial_counter) c = ctypes.create_string_buffer(len(message)) __check(sodium.crypto_stream_xchacha20_xor_ic(c, message, mlen, nonce, ic, key)) return c.raw # crypto_aead_chacha20poly1305_encrypt(unsigned char *c, unsigned long long *clen, const unsigned char *m, unsigned long long mlen, const unsigned char *ad, unsigned long long adlen, const unsigned char *nsec, const unsigned char *npub, const unsigned char *k); def crypto_aead_chacha20poly1305_encrypt(message, ad, nonce, key): if len(nonce) != crypto_aead_chacha20poly1305_NONCEBYTES: raise ValueError("truncated nonce") if len(key) != crypto_aead_chacha20poly1305_KEYBYTES: raise ValueError("truncated key") mlen = ctypes.c_ulonglong(len(message)) adlen = ctypes.c_ulonglong(len(ad)) if ad is not None else ctypes.c_ulonglong(0) c = ctypes.create_string_buffer(mlen.value + crypto_aead_chacha20poly1305_ABYTES) clen = ctypes.c_ulonglong(0) __check(sodium.crypto_aead_chacha20poly1305_encrypt(c, ctypes.byref(clen), message, mlen, ad, adlen, None, nonce, key)) return c.raw # crypto_aead_chacha20poly1305_decrypt(unsigned char *m, unsigned long long *mlen, unsigned char *nsec, const unsigned char *c, unsigned long long clen, const unsigned char *ad, unsigned long long adlen, const unsigned char *npub, const unsigned char *k) def crypto_aead_chacha20poly1305_decrypt(ciphertext, ad, nonce, key): if len(nonce) != crypto_aead_chacha20poly1305_NONCEBYTES: raise ValueError("truncated nonce") if len(key) != crypto_aead_chacha20poly1305_KEYBYTES: raise ValueError("truncated key") m = ctypes.create_string_buffer(len(ciphertext) - crypto_aead_chacha20poly1305_ABYTES) mlen = ctypes.c_ulonglong(0) clen = ctypes.c_ulonglong(len(ciphertext)) adlen = ctypes.c_ulonglong(len(ad)) if ad is not None else ctypes.c_ulonglong(0) __check(sodium.crypto_aead_chacha20poly1305_decrypt(m, ctypes.byref(mlen), None, ciphertext, clen, ad, adlen, nonce, key)) return m.raw # crypto_aead_chacha20poly1305_encrypt_detached(unsigned char *c, unsigned char *mac, unsigned long long *maclen_p, const unsigned char *m, unsigned long long mlen, const unsigned char *ad, unsigned long long adlen, const unsigned char *nsec, const unsigned char *npub, const unsigned char *k) @sodium_version(1, 0, 9) def crypto_aead_chacha20poly1305_encrypt_detached(message, ad, nonce, key): """ Return ciphertext, mac tag """ if len(nonce) != crypto_aead_chacha20poly1305_NONCEBYTES: raise ValueError("truncated nonce") if len(key) != crypto_aead_chacha20poly1305_KEYBYTES: raise ValueError("truncated key") mlen = ctypes.c_ulonglong(len(message)) adlen = ctypes.c_ulonglong(len(ad)) if ad is not None else ctypes.c_ulonglong(0) c = ctypes.create_string_buffer(mlen.value) maclen_p = ctypes.c_ulonglong(crypto_aead_chacha20poly1305_ABYTES) mac = ctypes.create_string_buffer(maclen_p.value) __check(sodium.crypto_aead_chacha20poly1305_encrypt_detached(c, mac, ctypes.byref(maclen_p), message, mlen, ad, adlen, None, nonce, key)) return c.raw, mac.raw # crypto_aead_chacha20poly1305_decrypt_detached(unsigned char *m, unsigned char *nsec, const unsigned char *c, unsigned long long clen, const unsigned char *mac, const unsigned char *ad, unsigned long long adlen, const unsigned char *npub, const unsigned char *k) @sodium_version(1, 0, 9) def crypto_aead_chacha20poly1305_decrypt_detached(ciphertext, mac, ad, nonce, key): """ Return message if successful or -1 (ValueError) if not successful""" if len(nonce) != crypto_aead_chacha20poly1305_NONCEBYTES: raise ValueError("truncated nonce") if len(key) != crypto_aead_chacha20poly1305_KEYBYTES: raise ValueError("truncated key") if len(mac) != crypto_aead_chacha20poly1305_ABYTES: raise ValueError("mac length != %i" % crypto_aead_chacha20poly1305_ABYTES) clen = ctypes.c_ulonglong(len(ciphertext)) m = ctypes.create_string_buffer(clen.value) adlen = ctypes.c_ulonglong(len(ad)) if ad is not None else ctypes.c_ulonglong(0) __check(sodium.crypto_aead_chacha20poly1305_decrypt_detached(m, None, ciphertext, clen, mac, ad, adlen, nonce, key)) return m.raw # crypto_aead_aegis128l_encrypt(unsigned char *c, unsigned long long *clen, const unsigned char *m, unsigned long long mlen, const unsigned char *ad, unsigned long long adlen, const unsigned char *nsec, const unsigned char *npub, const unsigned char *k); @sodium_version(1, 0, 19) def crypto_aead_aegis128l_encrypt(message, ad, nonce, key): if len(nonce) != crypto_aead_aegis128l_NONCEBYTES: raise ValueError("truncated nonce") if len(key) != crypto_aead_aegis128l_KEYBYTES: raise ValueError("truncated key") mlen = ctypes.c_ulonglong(len(message)) adlen = ctypes.c_ulonglong(len(ad)) if ad is not None else ctypes.c_ulonglong(0) c = ctypes.create_string_buffer(mlen.value + crypto_aead_aegis128l_ABYTES) clen = ctypes.c_ulonglong(0) __check(sodium.crypto_aead_aegis128l_encrypt(c, ctypes.byref(clen), message, mlen, ad, adlen, None, nonce, key)) return c.raw # crypto_aead_aegis128l_decrypt(unsigned char *m, unsigned long long *mlen, unsigned char *nsec, const unsigned char *c, unsigned long long clen, const unsigned char *ad, unsigned long long adlen, const unsigned char *npub, const unsigned char *k) @sodium_version(1, 0, 19) def crypto_aead_aegis128l_decrypt(ciphertext, ad, nonce, key): if len(nonce) != crypto_aead_aegis128l_NONCEBYTES: raise ValueError("truncated nonce") if len(key) != crypto_aead_aegis128l_KEYBYTES: raise ValueError("truncated key") m = ctypes.create_string_buffer(len(ciphertext) - crypto_aead_aegis128l_ABYTES) mlen = ctypes.c_ulonglong(0) clen = ctypes.c_ulonglong(len(ciphertext)) adlen = ctypes.c_ulonglong(len(ad)) if ad is not None else ctypes.c_ulonglong(0) __check(sodium.crypto_aead_aegis128l_decrypt(m, ctypes.byref(mlen), None, ciphertext, clen, ad, adlen, nonce, key)) return m.raw # crypto_aead_aegis128l_encrypt_detached(unsigned char *c, unsigned char *mac, unsigned long long *maclen_p, const unsigned char *m, unsigned long long mlen, const unsigned char *ad, unsigned long long adlen, const unsigned char *nsec, const unsigned char *npub, const unsigned char *k) @sodium_version(1, 0, 19) def crypto_aead_aegis128l_encrypt_detached(message, ad, nonce, key): """ Return ciphertext, mac tag """ if len(nonce) != crypto_aead_aegis128l_NONCEBYTES: raise ValueError("truncated nonce") if len(key) != crypto_aead_aegis128l_KEYBYTES: raise ValueError("truncated key") mlen = ctypes.c_ulonglong(len(message)) adlen = ctypes.c_ulonglong(len(ad)) if ad is not None else ctypes.c_ulonglong(0) c = ctypes.create_string_buffer(mlen.value) maclen_p = ctypes.c_ulonglong(crypto_aead_aegis128l_ABYTES) mac = ctypes.create_string_buffer(maclen_p.value) __check(sodium.crypto_aead_aegis128l_encrypt_detached(c, mac, ctypes.byref(maclen_p), message, mlen, ad, adlen, None, nonce, key)) return c.raw, mac.raw # crypto_aead_aegis128l_decrypt_detached(unsigned char *m, unsigned char *nsec, const unsigned char *c, unsigned long long clen, const unsigned char *mac, const unsigned char *ad, unsigned long long adlen, const unsigned char *npub, const unsigned char *k) @sodium_version(1, 0, 19) def crypto_aead_aegis128l_decrypt_detached(ciphertext, mac, ad, nonce, key): """ Return message if successful or -1 (ValueError) if not successful""" if len(nonce) != crypto_aead_aegis128l_NONCEBYTES: raise ValueError("truncated nonce") if len(key) != crypto_aead_aegis128l_KEYBYTES: raise ValueError("truncated key") if len(mac) != crypto_aead_aegis128l_ABYTES: raise ValueError("mac length != %i" % crypto_aead_aegis128l_ABYTES) clen = ctypes.c_ulonglong(len(ciphertext)) m = ctypes.create_string_buffer(clen.value) adlen = ctypes.c_ulonglong(len(ad)) if ad is not None else ctypes.c_ulonglong(0) __check(sodium.crypto_aead_aegis128l_decrypt_detached(m, None, ciphertext, clen, mac, ad, adlen, nonce, key)) return m.raw # crypto_aead_aegis256_encrypt(unsigned char *c, unsigned long long *clen, const unsigned char *m, unsigned long long mlen, const unsigned char *ad, unsigned long long adlen, const unsigned char *nsec, const unsigned char *npub, const unsigned char *k); @sodium_version(1, 0, 19) def crypto_aead_aegis256_encrypt(message, ad, nonce, key): if len(nonce) != crypto_aead_aegis256_NONCEBYTES: raise ValueError("truncated nonce") if len(key) != crypto_aead_aegis256_KEYBYTES: raise ValueError("truncated key") mlen = ctypes.c_ulonglong(len(message)) adlen = ctypes.c_ulonglong(len(ad)) if ad is not None else ctypes.c_ulonglong(0) c = ctypes.create_string_buffer(mlen.value + crypto_aead_aegis256_ABYTES) clen = ctypes.c_ulonglong(0) __check(sodium.crypto_aead_aegis256_encrypt(c, ctypes.byref(clen), message, mlen, ad, adlen, None, nonce, key)) return c.raw # crypto_aead_aegis256_decrypt(unsigned char *m, unsigned long long *mlen, unsigned char *nsec, const unsigned char *c, unsigned long long clen, const unsigned char *ad, unsigned long long adlen, const unsigned char *npub, const unsigned char *k) @sodium_version(1, 0, 19) def crypto_aead_aegis256_decrypt(ciphertext, ad, nonce, key): if len(nonce) != crypto_aead_aegis256_NONCEBYTES: raise ValueError("truncated nonce") if len(key) != crypto_aead_aegis256_KEYBYTES: raise ValueError("truncated key") m = ctypes.create_string_buffer(len(ciphertext) - crypto_aead_aegis256_ABYTES) mlen = ctypes.c_ulonglong(0) clen = ctypes.c_ulonglong(len(ciphertext)) adlen = ctypes.c_ulonglong(len(ad)) if ad is not None else ctypes.c_ulonglong(0) __check(sodium.crypto_aead_aegis256_decrypt(m, ctypes.byref(mlen), None, ciphertext, clen, ad, adlen, nonce, key)) return m.raw # crypto_aead_aegis256_encrypt_detached(unsigned char *c, unsigned char *mac, unsigned long long *maclen_p, const unsigned char *m, unsigned long long mlen, const unsigned char *ad, unsigned long long adlen, const unsigned char *nsec, const unsigned char *npub, const unsigned char *k) @sodium_version(1, 0, 19) def crypto_aead_aegis256_encrypt_detached(message, ad, nonce, key): """ Return ciphertext, mac tag """ if len(nonce) != crypto_aead_aegis256_NONCEBYTES: raise ValueError("truncated nonce") if len(key) != crypto_aead_aegis256_KEYBYTES: raise ValueError("truncated key") mlen = ctypes.c_ulonglong(len(message)) adlen = ctypes.c_ulonglong(len(ad)) if ad is not None else ctypes.c_ulonglong(0) c = ctypes.create_string_buffer(mlen.value) maclen_p = ctypes.c_ulonglong(crypto_aead_aegis256_ABYTES) mac = ctypes.create_string_buffer(maclen_p.value) __check(sodium.crypto_aead_aegis256_encrypt_detached(c, mac, ctypes.byref(maclen_p), message, mlen, ad, adlen, None, nonce, key)) return c.raw, mac.raw # crypto_aead_aegis256_decrypt_detached(unsigned char *m, unsigned char *nsec, const unsigned char *c, unsigned long long clen, const unsigned char *mac, const unsigned char *ad, unsigned long long adlen, const unsigned char *npub, const unsigned char *k) @sodium_version(1, 0, 19) def crypto_aead_aegis256_decrypt_detached(ciphertext, mac, ad, nonce, key): """ Return message if successful or -1 (ValueError) if not successful""" if len(nonce) != crypto_aead_aegis256_NONCEBYTES: raise ValueError("truncated nonce") if len(key) != crypto_aead_aegis256_KEYBYTES: raise ValueError("truncated key") if len(mac) != crypto_aead_aegis256_ABYTES: raise ValueError("mac length != %i" % crypto_aead_aegis256_ABYTES) clen = ctypes.c_ulonglong(len(ciphertext)) m = ctypes.create_string_buffer(clen.value) adlen = ctypes.c_ulonglong(len(ad)) if ad is not None else ctypes.c_ulonglong(0) __check(sodium.crypto_aead_aegis256_decrypt_detached(m, None, ciphertext, clen, mac, ad, adlen, nonce, key)) return m.raw # crypto_aead_chacha20poly1305_ietf_encrypt(unsigned char *c, unsigned long long *clen_p, const unsigned char *m, unsigned long long mlen, const unsigned char *ad, unsigned long long adlen, const unsigned char *nsec, const unsigned char *npub, const unsigned char *k) @sodium_version(1, 0, 4) def crypto_aead_chacha20poly1305_ietf_encrypt(message, ad, nonce, key): if len(nonce) != crypto_aead_chacha20poly1305_ietf_NONCEBYTES: raise ValueError("truncated nonce") if len(key) != crypto_aead_chacha20poly1305_ietf_KEYBYTES: raise ValueError("truncated key") mlen = ctypes.c_ulonglong(len(message)) adlen = ctypes.c_ulonglong(len(ad)) if ad is not None else ctypes.c_ulonglong(0) c = ctypes.create_string_buffer(mlen.value + crypto_aead_chacha20poly1305_ietf_ABYTES) clen = ctypes.c_ulonglong(0) __check(sodium.crypto_aead_chacha20poly1305_ietf_encrypt(c, ctypes.byref(clen), message, mlen, ad, adlen, None, nonce, key)) return c.raw # crypto_aead_chacha20poly1305_ietf_decrypt(unsigned char *m, unsigned long long *mlen, unsigned char *nsec, const unsigned char *c, unsigned long long clen, const unsigned char *ad, unsigned long long adlen, const unsigned char *npub, const unsigned char *k) @sodium_version(1, 0, 4) def crypto_aead_chacha20poly1305_ietf_decrypt(ciphertext, ad, nonce, key): if len(nonce) != crypto_aead_chacha20poly1305_ietf_NONCEBYTES: raise ValueError("truncated nonce") if len(key) != crypto_aead_chacha20poly1305_ietf_KEYBYTES: raise ValueError("truncated key") m = ctypes.create_string_buffer(len(ciphertext) - crypto_aead_chacha20poly1305_ietf_ABYTES) mlen = ctypes.c_ulonglong(0) clen = ctypes.c_ulonglong(len(ciphertext)) adlen = ctypes.c_ulonglong(len(ad)) if ad is not None else ctypes.c_ulonglong(0) __check(sodium.crypto_aead_chacha20poly1305_ietf_decrypt(m, ctypes.byref(mlen), None, ciphertext, clen, ad, adlen, nonce, key)) return m.raw # crypto_aead_chacha20poly1305_ietf_encrypt_detached(unsigned char *c, unsigned char *mac, unsigned long long *maclen_p, const unsigned char *m, unsigned long long mlen, const unsigned char *ad, unsigned long long adlen, const unsigned char *nsec, const unsigned char *npub, const unsigned char *k) @sodium_version(1, 0, 9) def crypto_aead_chacha20poly1305_ietf_encrypt_detached(message, ad, nonce, key): """ Return ciphertext, mac tag """ if len(nonce) != crypto_aead_chacha20poly1305_ietf_NONCEBYTES: raise ValueError("truncated nonce") if len(key) != crypto_aead_chacha20poly1305_ietf_KEYBYTES: raise ValueError("truncated key") mlen = ctypes.c_ulonglong(len(message)) adlen = ctypes.c_ulonglong(len(ad)) if ad is not None else ctypes.c_ulonglong(0) c = ctypes.create_string_buffer(mlen.value) maclen_p = ctypes.c_ulonglong(crypto_aead_chacha20poly1305_ietf_ABYTES) mac = ctypes.create_string_buffer(maclen_p.value) __check(sodium.crypto_aead_chacha20poly1305_ietf_encrypt_detached(c, mac, ctypes.byref(maclen_p), message, mlen, ad, adlen, None, nonce, key)) return c.raw, mac.raw # crypto_aead_chacha20poly1305_ietf_decrypt_detached(unsigned char *m, unsigned char *nsec, const unsigned char *c, unsigned long long clen, const unsigned char *mac, const unsigned char *ad, unsigned long long adlen, const unsigned char *npub, const unsigned char *k) @sodium_version(1, 0, 9) def crypto_aead_chacha20poly1305_ietf_decrypt_detached(ciphertext, mac, ad, nonce, key): """ Return message if successful or -1 (ValueError) if not successful""" if len(nonce) != crypto_aead_chacha20poly1305_ietf_NONCEBYTES: raise ValueError("truncated nonce") if len(key) != crypto_aead_chacha20poly1305_ietf_KEYBYTES: raise ValueError("truncated key") if len(mac) != crypto_aead_chacha20poly1305_ietf_ABYTES: raise ValueError("mac length != %i" % crypto_aead_chacha20poly1305_ietf_ABYTES) clen = ctypes.c_ulonglong(len(ciphertext)) m = ctypes.create_string_buffer(clen.value) adlen = ctypes.c_ulonglong(len(ad)) if ad is not None else ctypes.c_ulonglong(0) __check(sodium.crypto_aead_chacha20poly1305_ietf_decrypt_detached(m, None, ciphertext, clen, mac, ad, adlen, nonce, key)) return m.raw #crypto_aead_xchacha20poly1305_ietf_encrypt(ciphertext, &ciphertext_len, # message, message_len, # additional_data, additional_data_len, # null, nonce, key); @sodium_version(1, 0, 12) def crypto_aead_xchacha20poly1305_ietf_encrypt(message, ad, nonce, key): if len(nonce) != crypto_aead_xchacha20poly1305_ietf_NPUBBYTES: raise ValueError("truncated nonce") if len(key) != crypto_aead_xchacha20poly1305_ietf_KEYBYTES: raise ValueError("truncated key") mlen = ctypes.c_ulonglong(len(message)) adlen = ctypes.c_ulonglong(len(ad)) if ad is not None else ctypes.c_ulonglong(0) c = ctypes.create_string_buffer(mlen.value + crypto_aead_xchacha20poly1305_ietf_ABYTES) clen = ctypes.c_ulonglong(0) __check(sodium.crypto_aead_xchacha20poly1305_ietf_encrypt(c, ctypes.byref(clen), message, mlen, ad, adlen, None, nonce, key)) return c.raw #crypto_aead_xchacha20poly1305_ietf_decrypt(decrypted, &decrypted_len, # null, # ciphertext, ciphertext_len, # additional_data, additional_data_len, # nonce, key); @sodium_version(1, 0, 12) def crypto_aead_xchacha20poly1305_ietf_decrypt(ciphertext, ad, nonce, key): if len(nonce) != crypto_aead_xchacha20poly1305_ietf_NPUBBYTES: raise ValueError("truncated nonce") if len(key) != crypto_aead_xchacha20poly1305_ietf_KEYBYTES: raise ValueError("truncated key") m = ctypes.create_string_buffer(len(ciphertext) - crypto_aead_xchacha20poly1305_ietf_ABYTES) mlen = ctypes.c_ulonglong(0) clen = ctypes.c_ulonglong(len(ciphertext)) adlen = ctypes.c_ulonglong(len(ad)) if ad is not None else ctypes.c_ulonglong(0) __check(sodium.crypto_aead_xchacha20poly1305_ietf_decrypt(m, ctypes.byref(mlen), None, ciphertext, clen, ad, adlen, nonce, key)) return m.raw # crypto_auth(unsigned char *out, const unsigned char *in, unsigned long long inlen, const unsigned char *k) def crypto_auth(m, k): if m is None or k is None: raise ValueError("invalid parameters") if len(k) != crypto_auth_KEYBYTES: raise ValueError("invalid key") buf = ctypes.create_string_buffer(crypto_auth_BYTES) __check(sodium.crypto_auth(buf, m, ctypes.c_ulonglong(len(m)), k)) return buf.raw # crypto_auth_verify(const unsigned char *h, const unsigned char *in, unsigned long long inlen, const unsigned char *k) def crypto_auth_verify(h, m, k): if h is None or m is None or k is None: raise ValueError("invalid parameters") if len(k) != crypto_auth_KEYBYTES: raise ValueError("invalid key") if len(h) != crypto_auth_BYTES: raise ValueError("invalid tag") __check(sodium.crypto_auth_verify(h, m, ctypes.c_ulonglong(len(m)), k)) # void crypto_auth_hmacsha256_keygen(unsigned char k[crypto_auth_hmacsha256_KEYBYTES]); def crypto_auth_hmacsha256_keygen(): k = ctypes.create_string_buffer(crypto_auth_hmacsha256_KEYBYTES) sodium.crypto_auth_hmacsha256_keygen(k) return k.raw # int crypto_auth_hmacsha256(unsigned char *out, # const unsigned char *in, # unsigned long long inlen, # const unsigned char *k); def crypto_auth_hmacsha256(m, k): if not len(k) == crypto_auth_hmacsha256_KEYBYTES: raise ValueError("invalid parameters") buf = ctypes.create_string_buffer(crypto_auth_hmacsha256_BYTES) msg = ctypes.create_string_buffer(m) key = ctypes.create_string_buffer(k) __check( sodium.crypto_auth_hmacsha256( ctypes.byref(buf), ctypes.byref(msg), ctypes.c_ulonglong(len(m)), ctypes.byref(key), ) ) return buf.raw # int crypto_auth_hmacsha256_verify(const unsigned char *h, # const unsigned char *in, # unsigned long long inlen, # const unsigned char *k); def crypto_auth_hmacsha256_verify(h, m, k): if not len(k) == crypto_auth_hmacsha256_KEYBYTES: raise ValueError("invalid parameters") hmac = ctypes.create_string_buffer(h) msg = ctypes.create_string_buffer(m) mlen = ctypes.c_ulonglong(len(m)) key = ctypes.create_string_buffer(k) __check( sodium.crypto_auth_hmacsha256_verify( ctypes.byref(hmac), ctypes.byref(msg), mlen, ctypes.byref(key) ) ) # void crypto_auth_hmacsha512_keygen(unsigned char k[crypto_auth_hmacsha512_KEYBYTES]); def crypto_auth_hmacsha512_keygen(): k = ctypes.create_string_buffer(crypto_auth_hmacsha512_KEYBYTES) sodium.crypto_auth_hmacsha512_keygen(k) return k.raw # int crypto_auth_hmacsha512(unsigned char *out, # const unsigned char *in, # unsigned long long inlen, # const unsigned char *k); def crypto_auth_hmacsha512(m, k): if not len(k) == crypto_auth_hmacsha512_KEYBYTES: raise ValueError("invalid parameters") buf = ctypes.create_string_buffer(crypto_auth_hmacsha512_BYTES) msg = ctypes.create_string_buffer(m) key = ctypes.create_string_buffer(k) __check( sodium.crypto_auth_hmacsha512( ctypes.byref(buf), ctypes.byref(msg), ctypes.c_ulonglong(len(m)), ctypes.byref(key), ) ) return buf.raw # int crypto_auth_hmacsha512_verify(const unsigned char *h, # const unsigned char *in, # unsigned long long inlen, # const unsigned char *k); def crypto_auth_hmacsha512_verify(h, m, k): if not len(k) == crypto_auth_hmacsha512_KEYBYTES: raise ValueError("invalid parameters") hmac = ctypes.create_string_buffer(h) msg = ctypes.create_string_buffer(m) mlen = ctypes.c_ulonglong(len(m)) key = ctypes.create_string_buffer(k) __check( sodium.crypto_auth_hmacsha512_verify( ctypes.byref(hmac), ctypes.byref(msg), mlen, ctypes.byref(key) ) ) # void crypto_auth_hmacsha512256_keygen(unsigned char k[crypto_auth_hmacsha512256_KEYBYTES]); def crypto_auth_hmacsha512256_keygen(): k = ctypes.create_string_buffer(crypto_auth_hmacsha512256_KEYBYTES) sodium.crypto_auth_hmacsha512256_keygen(k) return k.raw # int crypto_auth_hmacsha512256(unsigned char *out, # const unsigned char *in, # unsigned long long inlen, # const unsigned char *k); def crypto_auth_hmacsha512256(m, k): if not len(k) == crypto_auth_hmacsha512256_KEYBYTES: raise ValueError("invalid parameters") buf = ctypes.create_string_buffer(crypto_auth_hmacsha512256_BYTES) msg = ctypes.create_string_buffer(m) key = ctypes.create_string_buffer(k) __check( sodium.crypto_auth_hmacsha512256( ctypes.byref(buf), ctypes.byref(msg), ctypes.c_ulonglong(len(m)), ctypes.byref(key), ) ) return buf.raw # int crypto_auth_hmacsha512256_verify(const unsigned char *h, # const unsigned char *in, # unsigned long long inlen, # const unsigned char *k); def crypto_auth_hmacsha512256_verify(h, m, k): if not len(k) == crypto_auth_hmacsha512256_KEYBYTES: raise ValueError("invalid parameters") hmac = ctypes.create_string_buffer(h) msg = ctypes.create_string_buffer(m) mlen = ctypes.c_ulonglong(len(m)) key = ctypes.create_string_buffer(k) __check( sodium.crypto_auth_hmacsha512256_verify( ctypes.byref(hmac), ctypes.byref(msg), mlen, ctypes.byref(key) ) ) # crypto_generichash(unsigned char *out, size_t outlen, const unsigned char *in, unsigned long long inlen, const unsigned char *key, size_t keylen) @encode_strings def crypto_generichash(m, k=b'', outlen=crypto_generichash_BYTES): buf = ctypes.create_string_buffer(outlen) __check(sodium.crypto_generichash(buf, ctypes.c_size_t(outlen), m, ctypes.c_ulonglong(len(m)), k, ctypes.c_size_t(len(k)))) return buf.raw # crypto_generichash_init(crypto_generichash_state *state, const unsigned char *key, const size_t keylen, const size_t outlen); @encode_strings def crypto_generichash_init(outlen=crypto_generichash_BYTES, k=b''): state = ctypes.create_string_buffer(crypto_generichash_STATEBYTES) __check(sodium.crypto_generichash_init(ctypes.byref(state), k, ctypes.c_size_t(len(k)), ctypes.c_size_t(outlen))) return state # crypto_generichash_update(crypto_generichash_state *state, const unsigned char *in, unsigned long long inlen); @encode_strings def crypto_generichash_update(state, m): if len(state) != crypto_generichash_STATEBYTES: raise ValueError("invalid state") __check(sodium.crypto_generichash_update(ctypes.byref(state), m, ctypes.c_ulonglong(len(m)))) return state # crypto_generichash_final(crypto_generichash_state *state, unsigned char *out, const size_t outlen); def crypto_generichash_final(state, outlen=crypto_generichash_BYTES): if len(state) != crypto_generichash_STATEBYTES: raise ValueError("invalid state") buf = ctypes.create_string_buffer(outlen) __check(sodium.crypto_generichash_final(ctypes.byref(state), buf, ctypes.c_size_t(outlen))) return buf.raw def crypto_generichash_blake2b_salt_personal(message, outlen = crypto_generichash_blake2b_BYTES, key = b'', salt = b'', personal = b''): keylen = len(key) if keylen != 0 and not crypto_generichash_blake2b_BYTES_MIN <= keylen <= crypto_generichash_blake2b_KEYBYTES_MAX: raise ValueError("%d <= len(key) <= %d - %d received" % (crypto_generichash_blake2b_BYTES_MIN, crypto_generichash_blake2b_KEYBYTES_MAX, keylen)) salt = pad_buf(salt, crypto_generichash_blake2b_SALTBYTES, 'salt') personal = pad_buf(personal, crypto_generichash_blake2b_PERSONALBYTES, 'personal') buf = ctypes.create_string_buffer(outlen) outlen = ctypes.c_size_t(outlen) inlen = ctypes.c_ulonglong(len(message)) keylen = ctypes.c_size_t(keylen) __check(sodium.crypto_generichash_blake2b_salt_personal(buf, outlen, message, inlen, key, keylen, salt, personal)) return buf.raw def randombytes(size): buf = ctypes.create_string_buffer(size) sodium.randombytes(buf, ctypes.c_ulonglong(size)) return buf.raw def crypto_box_keypair(): pk = ctypes.create_string_buffer(crypto_box_PUBLICKEYBYTES) sk = ctypes.create_string_buffer(crypto_box_SECRETKEYBYTES) __check(sodium.crypto_box_keypair(pk, sk)) return pk.raw, sk.raw # int crypto_box_seed_keypair(unsigned char *pk, unsigned char *sk, # const unsigned char *seed); def crypto_box_seed_keypair(seed): if seed is None: raise ValueError("invalid parameters") if len(seed) != crypto_box_SEEDBYTES: raise ValueError("invalid seed size") pk = ctypes.create_string_buffer(crypto_box_PUBLICKEYBYTES) sk = ctypes.create_string_buffer(crypto_box_SECRETKEYBYTES) __check(sodium.crypto_box_seed_keypair(pk, sk, seed)) return pk.raw, sk.raw def crypto_box_beforenm(pk, sk): if pk is None or sk is None: raise ValueError("invalid parameters") if len(pk) != crypto_box_PUBLICKEYBYTES: raise ValueError("pk incorrect size") if len(sk) != crypto_box_SECRETKEYBYTES: raise ValueError("sk incorrect size") c = ctypes.create_string_buffer(crypto_secretbox_KEYBYTES) __check(sodium.crypto_box_beforenm(c, pk, sk)) return c.raw def crypto_box(msg, nonce, pk, sk): if None in (msg, nonce, pk, sk): raise ValueError("invalid parameters") if len(pk) != crypto_box_PUBLICKEYBYTES: raise ValueError("pk incorrect size") if len(sk) != crypto_box_SECRETKEYBYTES: raise ValueError("sk incorrect size") if len(nonce) != crypto_box_NONCEBYTES: raise ValueError("nonce incorrect size") c = ctypes.create_string_buffer(crypto_box_MACBYTES + len(msg)) __check(sodium.crypto_box_easy(c, msg, ctypes.c_ulonglong(len(msg)), nonce, pk, sk)) return c.raw def crypto_box_afternm(msg, nonce, k): if None in (msg, nonce, k): raise ValueError("invalid parameters") if len(k) != crypto_box_BEFORENMBYTES: raise ValueError("k incorrect size") if len(nonce) != crypto_box_NONCEBYTES: raise ValueError("nonce incorrect size") c = ctypes.create_string_buffer(crypto_box_MACBYTES + len(msg)) __check(sodium.crypto_box_easy_afternm(c, msg, ctypes.c_ulonglong(len(msg)), nonce, k)) return c.raw def crypto_box_open(c, nonce, pk, sk): if None in (c, nonce, pk, sk): raise ValueError("invalid parameters") if len(pk) != crypto_box_PUBLICKEYBYTES: raise ValueError("pk incorrect size") if len(sk) != crypto_box_SECRETKEYBYTES: raise ValueError("sk incorrect size") if len(nonce) != crypto_box_NONCEBYTES: raise ValueError("nonce incorrect size") msg = ctypes.create_string_buffer(len(c) - crypto_box_MACBYTES) __check(sodium.crypto_box_open_easy(msg, c, ctypes.c_ulonglong(len(c)), nonce, pk, sk)) return msg.raw def crypto_box_open_afternm(c, nonce, k): if None in (c, nonce, k): raise ValueError("invalid parameters") if len(k) != crypto_box_BEFORENMBYTES: raise ValueError("k incorrect size") if len(nonce) != crypto_box_NONCEBYTES: raise ValueError("nonce incorrect size") msg = ctypes.create_string_buffer(len(c) - crypto_box_MACBYTES) __check(sodium.crypto_box_open_easy_afternm(msg, c, ctypes.c_ulonglong(len(c)), nonce, k)) return msg.raw def crypto_secretbox(msg, nonce, k): if None in (msg, nonce, k): raise ValueError("invalid parameters") if len(k) != crypto_secretbox_KEYBYTES: raise ValueError("k incorrect size") if len(nonce) != crypto_secretbox_NONCEBYTES: raise ValueError("nonce incorrect size") padded = b"\x00" * crypto_secretbox_ZEROBYTES + msg c = ctypes.create_string_buffer(len(padded)) __check(sodium.crypto_secretbox(c, padded, ctypes.c_ulonglong(len(padded)), nonce, k)) return c.raw[crypto_secretbox_BOXZEROBYTES:] def crypto_secretbox_open(c, nonce, k): if None in (c, nonce, k): raise ValueError("invalid parameters") if len(k) != crypto_secretbox_KEYBYTES: raise ValueError("k incorrect size") if len(nonce) != crypto_secretbox_NONCEBYTES: raise ValueError("nonce incorrect size") padded = b"\x00" * crypto_secretbox_BOXZEROBYTES + c msg = ctypes.create_string_buffer(len(padded)) __check(sodium.crypto_secretbox_open(msg, padded, ctypes.c_ulonglong(len(padded)), nonce, k)) return msg.raw[crypto_secretbox_ZEROBYTES:] # int crypto_box_seal(unsigned char *c, const unsigned char *m, # unsigned long long mlen, const unsigned char *pk); @sodium_version(1, 0, 3) def crypto_box_seal(msg, k): if msg is None or k is None: raise ValueError("invalid parameters") if len(k) != crypto_box_PUBLICKEYBYTES: raise ValueError("k incorrect size") c = ctypes.create_string_buffer(len(msg)+crypto_box_SEALBYTES) __check(sodium.crypto_box_seal(c, msg, ctypes.c_ulonglong(len(msg)), k)) return c.raw # int crypto_box_seal_open(unsigned char *m, const unsigned char *c, # unsigned long long clen, # const unsigned char *pk, const unsigned char *sk); @sodium_version(1, 0, 3) def crypto_box_seal_open(c, pk, sk): if None in (c, pk, sk): raise ValueError("invalid parameters") if len(pk) != crypto_box_PUBLICKEYBYTES: raise ValueError("pk incorrect size") if len(sk) != crypto_box_SECRETKEYBYTES: raise ValueError("sk incorrect size") msg = ctypes.create_string_buffer(len(c)-crypto_box_SEALBYTES) __check(sodium.crypto_box_seal_open(msg, c, ctypes.c_ulonglong(len(c)), pk, sk)) return msg.raw # int crypto_secretbox_detached(unsigned char *c, unsigned char *mac, # const unsigned char *m, # unsigned long long mlen, # const unsigned char *n, # const unsigned char *k); def crypto_secretbox_detached(msg, nonce, k): if None in (msg, nonce, k): raise ValueError("invalid parameters") if len(k) != crypto_secretbox_KEYBYTES: raise ValueError("key incorrect size") if len(nonce) != crypto_secretbox_NONCEBYTES: raise ValueError("nonce incorrect size") c = ctypes.create_string_buffer(len(msg)) mac = ctypes.create_string_buffer(crypto_secretbox_MACBYTES) __check(sodium.crypto_secretbox_detached(c, mac, msg, ctypes.c_ulonglong(len(msg)), nonce, k)) return c.raw, mac.raw # int crypto_secretbox_open_detached(unsigned char *m, # const unsigned char *c, # const unsigned char *mac, # unsigned long long clen, # const unsigned char *n, # const unsigned char *k); def crypto_secretbox_open_detached(c, mac, nonce, k): if None in (c, mac, nonce, k): raise ValueError("invalid parameters") if len(k) != crypto_secretbox_KEYBYTES: raise ValueError("key incorrect size") if len(nonce) != crypto_secretbox_NONCEBYTES: raise ValueError("nonce incorrect size") msg = ctypes.create_string_buffer(len(c)) __check(sodium.crypto_secretbox_open_detached(msg, c, mac, ctypes.c_ulonglong(len(c)), nonce, k)) return msg.raw # int crypto_box_detached(unsigned char *c, unsigned char *mac, # const unsigned char *m, unsigned long long mlen, # const unsigned char *n, const unsigned char *pk, # const unsigned char *sk); def crypto_box_detached(msg, nonce, pk, sk): if None in (msg, nonce, pk, sk): raise ValueError("invalid parameters") if len(pk) != crypto_box_PUBLICKEYBYTES: raise ValueError("pk incorrect size") if len(sk) != crypto_box_SECRETKEYBYTES: raise ValueError("sk incorrect size") if len(nonce) != crypto_box_NONCEBYTES: raise ValueError("nonce incorrect size") c = ctypes.create_string_buffer(len(msg)) mac = ctypes.create_string_buffer(crypto_box_MACBYTES) __check(sodium.crypto_box_detached(c, mac, msg, ctypes.c_ulonglong(len(msg)), nonce, pk, sk)) return c.raw, mac.raw # int crypto_box_open_detached(unsigned char *m, const unsigned char *c, # const unsigned char *mac, # unsigned long long clen, # const unsigned char *n, # const unsigned char *pk, # const unsigned char *sk); def crypto_box_open_detached(c, mac, nonce, pk, sk): if None in (c, mac, nonce, pk, sk): raise ValueError("invalid parameters") if len(pk) != crypto_box_PUBLICKEYBYTES: raise ValueError("pk incorrect size") if len(sk) != crypto_box_SECRETKEYBYTES: raise ValueError("sk incorrect size") if len(nonce) != crypto_box_NONCEBYTES: raise ValueError("nonce incorrect size") msg = ctypes.create_string_buffer(len(c)) __check(sodium.crypto_box_open_detached(msg, c, mac, ctypes.c_ulonglong(len(c)), nonce, pk, sk)) return msg.raw # void crypto_secretstream_xchacha20poly1305_keygen (unsigned char k[crypto_secretstream_xchacha20poly1305_KEYBYTES]) @sodium_version(1, 0, 15) def crypto_secretstream_xchacha20poly1305_keygen(): key = ctypes.create_string_buffer(crypto_secretstream_xchacha20poly1305_KEYBYTES) sodium.crypto_secretstream_xchacha20poly1305_keygen(ctypes.byref(key)) return key.raw # int crypto_secretstream_xchacha20poly1305_init_push(crypto_secretstream_xchacha20poly1305_state *state, # unsigned char out[crypto_secretstream_xchacha20poly1305_HEADERBYTES], # const unsigned char k[crypto_secretstream_xchacha20poly1305_KEYBYTES]) @sodium_version(1, 0, 15) def crypto_secretstream_xchacha20poly1305_init_push(key): if key == None: raise ValueError("invalid parameters") if not (len(key) == crypto_secretstream_xchacha20poly1305_KEYBYTES): raise ValueError("Truncated key") state = ctypes.create_string_buffer(crypto_secretstream_xchacha20poly1305_STATEBYTES) header = ctypes.create_string_buffer(crypto_secretstream_xchacha20poly1305_HEADERBYTES) __check(sodium.crypto_secretstream_xchacha20poly1305_init_push(state, header, key)) return state.raw, header.raw # int crypto_secretstream_xchacha20poly1305_init_pull(crypto_secretstream_xchacha20poly1305_state *state, # const unsigned char in[crypto_secretstream_xchacha20poly1305_HEADERBYTES], # const unsigned char k[crypto_secretstream_xchacha20poly1305_KEYBYTES]) @sodium_version(1, 0, 15) def crypto_secretstream_xchacha20poly1305_init_pull(header, key): if None in (header, key): raise ValueError("invalid parameters") if not (len(header) == crypto_secretstream_xchacha20poly1305_HEADERBYTES): raise ValueError("Truncated header") if not (len(key) == crypto_secretstream_xchacha20poly1305_KEYBYTES): raise ValueError("Truncated key") state = ctypes.create_string_buffer(crypto_secretstream_xchacha20poly1305_STATEBYTES) __check(sodium.crypto_secretstream_xchacha20poly1305_init_pull(state, header, key)) return state.raw #void crypto_secretstream_xchacha20poly1305_rekey (crypto_secretstream_xchacha20poly1305_state *state) @sodium_version(1, 0, 15) def crypto_secretstream_xchacha20poly1305_rekey(state): if state == None: raise ValueError("invalid parameters") if not (len(state) == crypto_secretstream_xchacha20poly1305_STATEBYTES): raise ValueError("Truncated state") sodium.crypto_secretstream_xchacha20poly1305_rekey(state) #int crypto_secretstream_xchacha20poly1305_push (crypto_secretstream_xchacha20poly1305_state *state, # unsigned char *out, # unsigned long long *outlen_p, # const unsigned char *m, # unsigned long long mlen, # const unsigned char *ad, # unsigned long long adlen, # unsigned char tag) @sodium_version(1, 0, 15) def crypto_secretstream_xchacha20poly1305_push(state, message, ad, tag): if None in (state, message): raise ValueError("invalid parameters") if not (len(state) == crypto_secretstream_xchacha20poly1305_STATEBYTES): raise ValueError("Truncated state") mlen = ctypes.c_ulonglong(len(message)) adlen = ctypes.c_ulonglong(len(ad)) if ad is not None else ctypes.c_ulonglong(0) c = ctypes.create_string_buffer(mlen.value + crypto_secretstream_xchacha20poly1305_ABYTES) clen = ctypes.c_ulonglong(0) __check(sodium.crypto_secretstream_xchacha20poly1305_push( state, # crypto_secretstream_xchacha20poly1305_state *state, c, # unsigned char *out ctypes.byref(clen), # unsigned long long *outlen_p, message, # const unsigned char *m, mlen, # unsigned long long mlen, ad, # const unsigned char *ad, adlen, # unsigned long long adlen, tag)) # unsigned char tag) return c.raw #crypto_secretstream_xchacha20poly1305_pull (crypto_secretstream_xchacha20poly1305_state *state, # unsigned char *m, # unsigned long long *mlen_p, # unsigned char *tag_p, # const unsigned char *in, # unsigned long long inlen, # const unsigned char *ad, # unsigned long long adlen) @sodium_version(1, 0, 15) def crypto_secretstream_xchacha20poly1305_pull(state, ciphertext, ad): if None in (state, ciphertext): raise ValueError("invalid parameters") if not (len(state) == crypto_secretstream_xchacha20poly1305_STATEBYTES): raise ValueError("Truncated state") if len(ciphertext) < crypto_secretstream_xchacha20poly1305_ABYTES: raise ValueError("truncated cyphertext") m = ctypes.create_string_buffer(len(ciphertext) - crypto_secretstream_xchacha20poly1305_ABYTES) mlen = ctypes.c_ulonglong(0) tag = ctypes.c_ubyte(0) clen = ctypes.c_ulonglong(len(ciphertext)) adlen = ctypes.c_ulonglong(len(ad)) if ad is not None else ctypes.c_ulonglong(0) __check(sodium.crypto_secretstream_xchacha20poly1305_pull( state, m, # char *m, ctypes.byref(mlen), # long long *mlen_p, ctypes.byref(tag), # char *tag_p, ciphertext, # unsigned char *in, clen, # long long inlen, ad, # unsigned char *ad, adlen # long long adlen) )) return m.raw, tag.value def crypto_sign_keypair(): pk = ctypes.create_string_buffer(crypto_sign_PUBLICKEYBYTES) sk = ctypes.create_string_buffer(crypto_sign_SECRETKEYBYTES) __check(sodium.crypto_sign_keypair(pk, sk)) return pk.raw, sk.raw def crypto_sign_seed_keypair(seed): if len(seed) != crypto_sign_SEEDBYTES: raise ValueError("invalid seed size") pk = ctypes.create_string_buffer(crypto_sign_PUBLICKEYBYTES) sk = ctypes.create_string_buffer(crypto_sign_SECRETKEYBYTES) __check(sodium.crypto_sign_seed_keypair(pk, sk, seed)) return pk.raw, sk.raw def crypto_sign(m, sk): if m is None or sk is None: raise ValueError("invalid parameters") if not (len(sk) == crypto_sign_SECRETKEYBYTES): raise ValueError('Truncated secret key') smsg = ctypes.create_string_buffer(len(m) + crypto_sign_BYTES) smsglen = ctypes.c_ulonglong() __check(sodium.crypto_sign(smsg, ctypes.byref(smsglen), m, ctypes.c_ulonglong(len(m)), sk)) return smsg.raw def crypto_sign_detached(m, sk): if m is None or sk is None: raise ValueError("invalid parameters") if not (len(sk) == crypto_sign_SECRETKEYBYTES): raise ValueError('Truncated secret key') sig = ctypes.create_string_buffer(crypto_sign_BYTES) # second parm is for output of signature len (optional, ignored if NULL) __check(sodium.crypto_sign_detached(sig, ctypes.c_void_p(0), m, ctypes.c_ulonglong(len(m)), sk)) return sig.raw def crypto_sign_open(sm, pk): if sm is None or pk is None: raise ValueError("invalid parameters") if not (len(pk) == crypto_sign_PUBLICKEYBYTES): raise ValueError('Truncated public key') msg = ctypes.create_string_buffer(len(sm)) msglen = ctypes.c_ulonglong() __check(sodium.crypto_sign_open(msg, ctypes.byref(msglen), sm, ctypes.c_ulonglong(len(sm)), pk)) return msg.raw[:msglen.value] def crypto_sign_verify_detached(sig, msg, pk): if None in (sig, msg, pk): raise ValueError if len(sig) != crypto_sign_BYTES: raise ValueError("invalid sign") if not (len(pk) == crypto_sign_PUBLICKEYBYTES): raise ValueError('Truncated public key') __check(sodium.crypto_sign_verify_detached(sig, msg, ctypes.c_ulonglong(len(msg)), pk)) # crypto_sign_init(crypto_sign_state *state); @sodium_version(1, 0, 12) def crypto_sign_init(): state = CryptoSignState() __check(sodium.crypto_sign_init(ctypes.byref(state))) return state # crypto_sign_update(crypto_sign_state *state, const unsigned char *m, unsigned long long mlen); @sodium_version(1, 0, 12) def crypto_sign_update(state, m): if(not isinstance(state, CryptoSignState)): raise TypeError("state is not CryptoSignState") if m is None: raise ValueError("invalid parameters") __check(sodium.crypto_sign_update(ctypes.byref(state), m, ctypes.c_ulonglong(len(m)))) # crypto_sign_final_create(crypto_sign_state *state, unsigned char *sig, unsigned long long *siglen_p, const unsigned char *sk); @sodium_version(1, 0, 12) def crypto_sign_final_create(state, sk): if(not isinstance(state, CryptoSignState)): raise TypeError("state is not CryptoSignState") if sk is None: raise ValueError("invalid parameters") if len(sk) != crypto_sign_SECRETKEYBYTES: raise ValueError("invalid secret key") buf = ctypes.create_string_buffer(crypto_sign_BYTES) __check(sodium.crypto_sign_final_create(ctypes.byref(state), buf, ctypes.c_void_p(0), sk)) return buf.raw # crypto_sign_final_verify(crypto_sign_state *state, unsigned char *sig, const unsigned char *sk); @sodium_version(1, 0, 12) def crypto_sign_final_verify(state, sig, pk): if(not isinstance(state, CryptoSignState)): raise TypeError("state is not CryptoSignState") if None in (sig, pk): raise ValueError("invalid parameters") if len(sig) != crypto_sign_BYTES: raise ValueError("invalid signature") if len(pk) != crypto_sign_PUBLICKEYBYTES: raise ValueError("invalid public key") __check(sodium.crypto_sign_final_verify(ctypes.byref(state), sig, pk)) # int crypto_stream_salsa20(unsigned char *c, unsigned long long clen, # const unsigned char *n, const unsigned char *k); def crypto_stream(cnt, nonce=None, key=None): res = ctypes.create_string_buffer(cnt) if not nonce: nonce = randombytes(crypto_stream_NONCEBYTES) if not key: key = randombytes(crypto_stream_KEYBYTES) __check(sodium.crypto_stream(res, ctypes.c_ulonglong(cnt), nonce, key)) return res.raw # crypto_stream_salsa20_xor(unsigned char *c, const unsigned char *m, unsigned long long mlen, # const unsigned char *n, const unsigned char *k) def crypto_stream_xor(msg, cnt, nonce, key): res = ctypes.create_string_buffer(cnt) if len(nonce) != crypto_stream_NONCEBYTES: raise ValueError("invalid nonce") if len(key) != crypto_stream_KEYBYTES: raise ValueError("invalid key") __check(sodium.crypto_stream_xor(res, msg, ctypes.c_ulonglong(cnt), nonce, key)) return res.raw def crypto_sign_pk_to_box_pk(pk): if pk is None: raise ValueError if not (len(pk) == crypto_sign_PUBLICKEYBYTES): raise ValueError('Truncated public key') res = ctypes.create_string_buffer(crypto_box_PUBLICKEYBYTES) __check(sodium.crypto_sign_ed25519_pk_to_curve25519(ctypes.byref(res), pk)) return res.raw def crypto_sign_sk_to_box_sk(sk): if sk is None: raise ValueError if not (len(sk) == crypto_sign_SECRETKEYBYTES): raise ValueError('Truncated secret key') res = ctypes.create_string_buffer(crypto_box_SECRETKEYBYTES) __check(sodium.crypto_sign_ed25519_sk_to_curve25519(ctypes.byref(res), sk)) return res.raw def crypto_sign_sk_to_seed(sk): if sk is None: raise ValueError if not (len(sk) == crypto_sign_SECRETKEYBYTES): raise ValueError('Truncated secret key') seed = ctypes.create_string_buffer(crypto_sign_SEEDBYTES) __check(sodium.crypto_sign_ed25519_sk_to_seed(ctypes.byref(seed), sk)) return seed.raw # int crypto_pwhash(unsigned char * const out, # unsigned long long outlen, # const char * const passwd, # unsigned long long passwdlen, # const unsigned char * const salt, # unsigned long long opslimit, # size_t memlimit, int alg); @sodium_version(1, 0, 9) @encode_strings def crypto_pwhash(outlen, passwd, salt, opslimit, memlimit, alg=crypto_pwhash_ALG_DEFAULT): if None in (outlen, passwd, salt, opslimit, memlimit): raise ValueError("invalid parameters") if len(salt) != crypto_pwhash_SALTBYTES: raise ValueError("invalid salt") if not (crypto_pwhash_BYTES_MIN <= outlen <= crypto_pwhash_BYTES_MAX): raise ValueError("invalid hash len") if not (crypto_pwhash_PASSWD_MIN <= len(passwd) <= crypto_pwhash_PASSWD_MAX): raise ValueError("invalid passwd len") if not (crypto_pwhash_OPSLIMIT_MIN <= opslimit <= crypto_pwhash_OPSLIMIT_MAX): raise ValueError("invalid opslimit") if not (crypto_pwhash_MEMLIMIT_MIN <= memlimit <= crypto_pwhash_MEMLIMIT_MAX): raise ValueError("invalid memlimit") out = ctypes.create_string_buffer(outlen) __check(sodium.crypto_pwhash(ctypes.byref(out), ctypes.c_ulonglong(outlen), passwd, ctypes.c_ulonglong(len(passwd)), salt, ctypes.c_ulonglong(opslimit), ctypes.c_size_t(memlimit), ctypes.c_int(alg))) return out.raw # int crypto_pwhash_str(char out[crypto_pwhash_STRBYTES], # const char * const passwd, # unsigned long long passwdlen, # unsigned long long opslimit, # size_t memlimit); @sodium_version(1, 0, 9) @encode_strings def crypto_pwhash_str(passwd, opslimit, memlimit): if None in (passwd, opslimit, memlimit): raise ValueError("invalid parameters") if not (crypto_pwhash_PASSWD_MIN <= len(passwd) <= crypto_pwhash_PASSWD_MAX): raise ValueError("invalid passwd len") if not (crypto_pwhash_OPSLIMIT_MIN <= opslimit <= crypto_pwhash_OPSLIMIT_MAX): raise ValueError("invalid opslimit") if not (crypto_pwhash_MEMLIMIT_MIN <= memlimit <= crypto_pwhash_MEMLIMIT_MAX): raise ValueError("invalid memlimit") out = ctypes.create_string_buffer(crypto_pwhash_STRBYTES) __check(sodium.crypto_pwhash_str(ctypes.byref(out), passwd, ctypes.c_ulonglong(len(passwd)), ctypes.c_ulonglong(opslimit), ctypes.c_size_t(memlimit))) return out.raw # int crypto_pwhash_str_verify(const char str[crypto_pwhash_STRBYTES], # const char * const passwd, # unsigned long long passwdlen); @sodium_version(1, 0, 9) @encode_strings def crypto_pwhash_str_verify(pstr, passwd): if None in (pstr, passwd) or len(pstr) != crypto_pwhash_STRBYTES: raise ValueError("invalid parameters") if not (crypto_pwhash_PASSWD_MIN < len(passwd) <= crypto_pwhash_PASSWD_MAX): raise ValueError("invalid passwd len") return sodium.crypto_pwhash_str_verify(pstr, passwd, ctypes.c_ulonglong(len(passwd))) == 0 # int crypto_pwhash_scryptsalsa208sha256(unsigned char * const out, # unsigned long long outlen, # const char * const passwd, # unsigned long long passwdlen, # const unsigned char * const salt, # unsigned long long opslimit, # size_t memlimit); def crypto_pwhash_scryptsalsa208sha256(outlen, passwd, salt, opslimit, memlimit): if None in (outlen, passwd, salt, opslimit, memlimit): raise ValueError if len(salt) != crypto_pwhash_scryptsalsa208sha256_SALTBYTES: raise ValueError("invalid salt") if not (crypto_pwhash_scryptsalsa208sha256_BYTES_MIN <= outlen <= crypto_pwhash_scryptsalsa208sha256_BYTES_MAX): raise ValueError("invalid hash len") if not (crypto_pwhash_scryptsalsa208sha256_PASSWD_MIN <= len(passwd) <= crypto_pwhash_scryptsalsa208sha256_PASSWD_MAX): raise ValueError("invalid passwd len") if not (crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_MIN <= opslimit <= crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_MAX): raise ValueError("invalid opslimit") if not (crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_MIN <= memlimit <= crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_MAX): raise ValueError("invalid memlimit") out = ctypes.create_string_buffer(outlen) __check(sodium.crypto_pwhash_scryptsalsa208sha256(out, ctypes.c_ulonglong(outlen), passwd, ctypes.c_ulonglong(len(passwd)), salt, ctypes.c_ulonglong(opslimit), ctypes.c_size_t(memlimit))) return out.raw # int crypto_pwhash_scryptsalsa208sha256_str(char out[crypto_pwhash_scryptsalsa208sha256_STRBYTES], # const char * const passwd, # unsigned long long passwdlen, # unsigned long long opslimit, # size_t memlimit); def crypto_pwhash_scryptsalsa208sha256_str(passwd, opslimit, memlimit): if None in (passwd, opslimit, memlimit): raise ValueError if not (crypto_pwhash_scryptsalsa208sha256_PASSWD_MIN <= len(passwd) <= crypto_pwhash_scryptsalsa208sha256_PASSWD_MAX): raise ValueError("invalid passwd len") if not (crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_MIN <= opslimit <= crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_MAX): raise ValueError("invalid opslimit") if not (crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_MIN <= memlimit <= crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_MAX): raise ValueError("invalid memlimit") out = ctypes.create_string_buffer(crypto_pwhash_scryptsalsa208sha256_STRBYTES) __check(sodium.crypto_pwhash_scryptsalsa208sha256_str(out, passwd, ctypes.c_ulonglong(len(passwd)), ctypes.c_ulonglong(opslimit), ctypes.c_size_t(memlimit))) return out.raw #int crypto_pwhash_scryptsalsa208sha256_str_verify(const char str[crypto_pwhash_scryptsalsa208sha256_STRBYTES], # const char * const passwd, # unsigned long long passwdlen); def crypto_pwhash_scryptsalsa208sha256_str_verify(stored, passwd): if stored is None or passwd is None: raise ValueError if not (crypto_pwhash_scryptsalsa208sha256_PASSWD_MIN <= len(passwd) <= crypto_pwhash_scryptsalsa208sha256_PASSWD_MAX): raise ValueError("invalid passwd len") if len(stored) != crypto_pwhash_scryptsalsa208sha256_STRBYTES: raise ValueError('invalid str size') __check(sodium.crypto_pwhash_scryptsalsa208sha256_str_verify(stored, passwd, ctypes.c_ulonglong(len(passwd)))) # int crypto_sign_ed25519_sk_to_pk(unsigned char *pk, const unsigned char *sk) def crypto_sign_sk_to_pk(sk): if sk is None or len(sk) != crypto_sign_ed25519_SECRETKEYBYTES: raise ValueError res = ctypes.create_string_buffer(crypto_sign_ed25519_PUBLICKEYBYTES) __check(sodium.crypto_sign_ed25519_sk_to_pk(ctypes.byref(res), sk)) return res.raw # int crypto_hash_sha256(unsigned char *out, const unsigned char *in, # unsigned long long inlen); def crypto_hash_sha256(message): if message is None: raise ValueError("invalid parameters") out = ctypes.create_string_buffer(crypto_hash_sha256_BYTES) __check(sodium.crypto_hash_sha256(out, message, ctypes.c_ulonglong(len(message)))) return out.raw # int crypto_hash_sha512(unsigned char *out, const unsigned char *in, # unsigned long long inlen); def crypto_hash_sha512(message): if message is None: raise ValueError("invalid parameters") out = ctypes.create_string_buffer(crypto_hash_sha512_BYTES) __check(sodium.crypto_hash_sha512(out, message, ctypes.c_ulonglong(len(message)))) return out.raw # int crypto_hash_sha512_init(crypto_hash_sha512_state *state) def crypto_hash_sha512_init(): state = ctypes.create_string_buffer(crypto_hash_sha512_STATEBYTES) __check(sodium.crypto_hash_sha512_init(state)) return state # int crypto_hash_sha512_update(crypto_hash_sha512_state *state, const unsigned char *in, unsigned long long inlen) def crypto_hash_sha512_update(state, data): __check(sodium.crypto_hash_sha512_update(state,data,ctypes.c_ulonglong(len(data)))) return state # int crypto_hash_sha512_final(crypto_hash_sha512_state *state, unsigned char *out) def crypto_hash_sha512_final(state): out = ctypes.create_string_buffer(crypto_hash_sha512_BYTES) __check(sodium.crypto_hash_sha512_final(state, out)) return out.raw # int crypto_kdf_derive_from_key(unsigned char *subkey, size_t subkey_len, # uint64_t subkey_id, # const char ctx[crypto_kdf_CONTEXTBYTES], # const unsigned char key[crypto_kdf_KEYBYTES]) def crypto_kdf_derive_from_key(subkey_len, subkey_id, ctx, key): if len(ctx) != crypto_kdf_CONTEXTBYTES: raise ValueError("invalid context") if len(key) != crypto_kdf_KEYBYTES: raise ValueError("invalid key") if not (crypto_kdf_BYTES_MIN <= subkey_len <= crypto_kdf_BYTES_MAX): raise ValueError("invalid subkey len") subkey = ctypes.create_string_buffer(subkey_len) si = ctypes.c_uint64(subkey_id) __check(sodium.crypto_kdf_derive_from_key(subkey, ctypes.c_size_t(subkey_len), si, ctx, key)) return subkey.raw # void crypto_kdf_keygen(unsigned char k[crypto_kdf_KEYBYTES]) def crypto_kdf_keygen(): k = ctypes.create_string_buffer(crypto_kdf_KEYBYTES) sodium.crypto_kdf_keygen(k) return k.raw # int crypto_kdf_hkdf_sha256_extract_init(crypto_kdf_hkdf_sha256_state *state, # const unsigned char *salt, size_t salt_len) @sodium_version(1, 0, 19) def crypto_kdf_hkdf_sha256_extract_init(salt=b''): state = ctypes.create_string_buffer(crypto_kdf_hkdf_sha256_STATEBYTES) __check(sodium.crypto_kdf_hkdf_sha256_extract_init(state, salt, ctypes.c_size_t(len(salt)))) return state # int crypto_kdf_hkdf_sha256_extract_update(crypto_kdf_hkdf_sha256_state *state, # const unsigned char *ikm, size_t ikm_len) @sodium_version(1, 0, 19) def crypto_kdf_hkdf_sha256_extract_update(state, ikm=b''): if len(state) != crypto_kdf_hkdf_sha256_STATEBYTES: raise ValueError("invalid state") __check(sodium.crypto_kdf_hkdf_sha256_extract_update(state, ikm, ctypes.c_size_t(len(ikm)))) return state # int crypto_kdf_hkdf_sha256_extract_final(crypto_kdf_hkdf_sha256_state *state, # unsigned char prk[crypto_kdf_hkdf_sha256_KEYBYTES]) @sodium_version(1, 0, 19) def crypto_kdf_hkdf_sha256_extract_final(state): if len(state) != crypto_kdf_hkdf_sha256_STATEBYTES: raise ValueError("invalid state") prk = ctypes.create_string_buffer(crypto_kdf_hkdf_sha256_KEYBYTES) __check(sodium.crypto_kdf_hkdf_sha256_extract_final(state, prk)) return prk.raw # int crypto_kdf_hkdf_sha256_extract( # unsigned char prk[crypto_kdf_hkdf_sha256_KEYBYTES], # const unsigned char *salt, size_t salt_len, const unsigned char *ikm, # size_t ikm_len) @sodium_version(1, 0, 19) def crypto_kdf_hkdf_sha256_extract(salt=b'', ikm=b''): prk = ctypes.create_string_buffer(crypto_kdf_hkdf_sha256_KEYBYTES) __check(sodium.crypto_kdf_hkdf_sha256_extract(prk, salt, ctypes.c_size_t(len(salt)), ikm, ctypes.c_size_t(len(ikm)))) return prk.raw # void crypto_kdf_hkdf_sha256_keygen(unsigned char prk[crypto_kdf_hkdf_sha256_KEYBYTES]) @sodium_version(1, 0, 19) def crypto_kdf_hkdf_sha256_keygen(): k = ctypes.create_string_buffer(crypto_kdf_hkdf_sha256_KEYBYTES) sodium.crypto_kdf_hkdf_sha256_keygen(k) return k.raw # int crypto_kdf_hkdf_sha256_expand(unsigned char *out, size_t out_len, # const char *ctx, size_t ctx_len, # const unsigned char prk[crypto_kdf_hkdf_sha256_KEYBYTES]) @sodium_version(1, 0, 19) def crypto_kdf_hkdf_sha256_expand(outlen, prk, ctx=b''): if not (crypto_kdf_hkdf_sha256_BYTES_MIN <= outlen <= crypto_kdf_hkdf_sha256_BYTES_MAX): raise ValueError("invalid output len") if len(prk) != crypto_kdf_hkdf_sha256_KEYBYTES: raise ValueError("invalid prk") out = ctypes.create_string_buffer(outlen) __check(sodium.crypto_kdf_hkdf_sha256_expand(out, ctypes.c_size_t(outlen), ctx, ctypes.c_size_t(len(ctx)), prk)) return out.raw # int crypto_kdf_hkdf_sha512_extract_init(crypto_kdf_hkdf_sha512_state *state, # const unsigned char *salt, size_t salt_len) @sodium_version(1, 0, 20) def crypto_kdf_hkdf_sha512_extract_init(salt=b''): state = ctypes.create_string_buffer(crypto_kdf_hkdf_sha512_STATEBYTES) __check(sodium.crypto_kdf_hkdf_sha512_extract_init(state, salt, ctypes.c_size_t(len(salt)))) return state # int crypto_kdf_hkdf_sha512_extract_update(crypto_kdf_hkdf_sha512_state *state, # const unsigned char *ikm, size_t ikm_len) @sodium_version(1, 0, 20) def crypto_kdf_hkdf_sha512_extract_update(state, ikm=b''): if len(state) != crypto_kdf_hkdf_sha512_STATEBYTES: raise ValueError("invalid state") __check(sodium.crypto_kdf_hkdf_sha512_extract_update(state, ikm, ctypes.c_size_t(len(ikm)))) return state # int crypto_kdf_hkdf_sha512_extract_final(crypto_kdf_hkdf_sha512_state *state, # unsigned char prk[crypto_kdf_hkdf_sha512_KEYBYTES]) @sodium_version(1, 0, 20) def crypto_kdf_hkdf_sha512_extract_final(state): if len(state) != crypto_kdf_hkdf_sha512_STATEBYTES: raise ValueError("invalid state") prk = ctypes.create_string_buffer(crypto_kdf_hkdf_sha512_KEYBYTES) __check(sodium.crypto_kdf_hkdf_sha512_extract_final(state, prk)) return prk.raw # int crypto_kdf_hkdf_sha512_extract( # unsigned char prk[crypto_kdf_hkdf_sha512_KEYBYTES], # const unsigned char *salt, size_t salt_len, const unsigned char *ikm, # size_t ikm_len) @sodium_version(1, 0, 19) def crypto_kdf_hkdf_sha512_extract(salt=b'', ikm=b''): prk = ctypes.create_string_buffer(crypto_kdf_hkdf_sha512_KEYBYTES) __check(sodium.crypto_kdf_hkdf_sha512_extract(prk, salt, ctypes.c_size_t(len(salt)), ikm, ctypes.c_size_t(len(ikm)))) return prk.raw # void crypto_kdf_hkdf_sha512_keygen(unsigned char prk[crypto_kdf_hkdf_sha512_KEYBYTES]) @sodium_version(1, 0, 19) def crypto_kdf_hkdf_sha512_keygen(): k = ctypes.create_string_buffer(crypto_kdf_hkdf_sha512_KEYBYTES) sodium.crypto_kdf_hkdf_sha512_keygen(k) return k.raw # int crypto_kdf_hkdf_sha512_expand(unsigned char *out, size_t out_len, # const char *ctx, size_t ctx_len, # const unsigned char prk[crypto_kdf_hkdf_sha512_KEYBYTES]) @sodium_version(1, 0, 19) def crypto_kdf_hkdf_sha512_expand(outlen, prk, ctx=b''): if not (crypto_kdf_hkdf_sha512_BYTES_MIN <= outlen <= crypto_kdf_hkdf_sha512_BYTES_MAX): raise ValueError("invalid output len") if len(prk) != crypto_kdf_hkdf_sha512_KEYBYTES: raise ValueError("invalid prk") out = ctypes.create_string_buffer(outlen) __check(sodium.crypto_kdf_hkdf_sha512_expand(out, ctypes.c_size_t(outlen), ctx, ctypes.c_size_t(len(ctx)), prk)) return out.raw # int crypto_kx_keypair(unsigned char pk[crypto_kx_PUBLICKEYBYTES], # unsigned char sk[crypto_kx_SECRETKEYBYTES]); @sodium_version(1, 0, 12) def crypto_kx_keypair(): pk = ctypes.create_string_buffer(crypto_kx_PUBLICKEYBYTES) sk = ctypes.create_string_buffer(crypto_kx_SECRETKEYBYTES) __check(sodium.crypto_kx_keypair(pk, sk)) return pk.raw, sk.raw # int crypto_kx_client_session_keys(unsigned char rx[crypto_kx_SESSIONKEYBYTES], # unsigned char tx[crypto_kx_SESSIONKEYBYTES], # const unsigned char client_pk[crypto_kx_PUBLICKEYBYTES], # const unsigned char client_sk[crypto_kx_SECRETKEYBYTES], # const unsigned char server_pk[crypto_kx_PUBLICKEYBYTES]); @sodium_version(1, 0, 12) def crypto_kx_client_session_keys(client_pk, client_sk, server_pk): if None in (client_pk, client_sk, server_pk): raise ValueError("invalid parameters") if not (len(client_pk) == crypto_kx_PUBLICKEYBYTES): raise ValueError("Invalid client public key") if not (len(client_sk) == crypto_kx_SECRETKEYBYTES): raise ValueError("Invalid client secret key") if not (len(server_pk) == crypto_kx_PUBLICKEYBYTES): raise ValueError("Invalid server public key") rx = ctypes.create_string_buffer(crypto_kx_SESSIONKEYBYTES) tx = ctypes.create_string_buffer(crypto_kx_SESSIONKEYBYTES) __check(sodium.crypto_kx_client_session_keys(rx, tx, client_pk, client_sk, server_pk)) return rx.raw, tx.raw # int crypto_kx_server_session_keys(unsigned char rx[crypto_kx_SESSIONKEYBYTES], # unsigned char tx[crypto_kx_SESSIONKEYBYTES], # const unsigned char server_pk[crypto_kx_PUBLICKEYBYTES], # const unsigned char server_sk[crypto_kx_SECRETKEYBYTES], # const unsigned char client_pk[crypto_kx_PUBLICKEYBYTES]); @sodium_version(1, 0, 12) def crypto_kx_server_session_keys(server_pk, server_sk, client_pk): if None in (server_pk, server_sk, client_pk): raise ValueError("invalid parameters") if not (len(server_pk) == crypto_kx_PUBLICKEYBYTES): raise ValueError("Invalid server public key") if not (len(server_sk) == crypto_kx_SECRETKEYBYTES): raise ValueError("Invalid server secret key") if not (len(client_pk) == crypto_kx_PUBLICKEYBYTES): raise ValueError("Invalid client public key") rx = ctypes.create_string_buffer(crypto_kx_SESSIONKEYBYTES) tx = ctypes.create_string_buffer(crypto_kx_SESSIONKEYBYTES) __check(sodium.crypto_kx_server_session_keys(rx, tx, server_pk, server_sk, client_pk)) return rx.raw, tx.raw # void sodium_increment(unsigned char *n, const size_t nlen) @sodium_version(1, 0, 4) def sodium_increment(n): sodium.sodium_increment(n, ctypes.c_size_t(len(n))) # int crypto_core_ristretto255_is_valid_point(const unsigned char *p); @sodium_version(1, 0, 18) def crypto_core_ristretto255_is_valid_point(p): return sodium.crypto_core_ristretto255_is_valid_point(p) == 1 # int crypto_core_ristretto255_from_hash(unsigned char *p, const unsigned char *r); @sodium_version(1, 0, 18) def crypto_core_ristretto255_from_hash(r): if len(r) != crypto_core_ristretto255_HASHBYTES: raise ValueError("Invalid parameter, must be {} bytes".format(crypto_core_ristretto255_HASHBYTES)) p = ctypes.create_string_buffer(crypto_core_ristretto255_BYTES) __check(sodium.crypto_core_ristretto255_from_hash(p,r)) return p.raw # int crypto_scalarmult_ristretto255(unsigned char *q, const unsigned char *n, const unsigned char *p); @sodium_version(1, 0, 18) def crypto_scalarmult_ristretto255(n, p): if None in (n,p): raise ValueError("invalid parameters") if len(n) != crypto_core_ristretto255_SCALARBYTES: raise ValueError("truncated scalar") if len(p) != crypto_core_ristretto255_BYTES: raise ValueError("truncated point") buf = ctypes.create_string_buffer(crypto_core_ristretto255_BYTES) __check(sodium.crypto_scalarmult_ristretto255(buf, n, p)) return buf.raw # int crypto_scalarmult_ristretto255_base(unsigned char *q, const unsigned char *n); @sodium_version(1, 0, 18) def crypto_scalarmult_ristretto255_base(n): if n is None: raise ValueError("invalid parameters") if len(n) != crypto_core_ristretto255_SCALARBYTES: raise ValueError("truncated scalar") buf = ctypes.create_string_buffer(crypto_core_ristretto255_BYTES) __check(sodium.crypto_scalarmult_ristretto255_base(buf, n)) return buf.raw # void crypto_core_ristretto255_scalar_random(unsigned char *r); @sodium_version(1, 0, 18) def crypto_core_ristretto255_scalar_random(): r = ctypes.create_string_buffer(crypto_core_ristretto255_SCALARBYTES) sodium.crypto_core_ristretto255_scalar_random(r) return r.raw # int crypto_core_ristretto255_scalar_invert(unsigned char *recip, const unsigned char *s); @sodium_version(1, 0, 18) def crypto_core_ristretto255_scalar_invert(s): if not s or len(s)!=crypto_core_ristretto255_SCALARBYTES: raise ValueError("Invalid param, must be {} bytes".format(crypto_core_ristretto255_SCALARBYTES)) r = ctypes.create_string_buffer(crypto_core_ristretto255_SCALARBYTES) __check(sodium.crypto_core_ristretto255_scalar_invert(r,s)) return r.raw # void crypto_core_ristretto255_scalar_reduce(unsigned char *r, const unsigned char *s); @sodium_version(1, 0, 18) def crypto_core_ristretto255_scalar_reduce(s): if not s or len(s)!=crypto_core_ristretto255_NONREDUCEDSCALARBYTES: raise ValueError("Invalid parameter: must be {} bytes".format(crypto_core_ristretto255_NONREDUCEDSCALARBYTES)) r = ctypes.create_string_buffer(crypto_core_ristretto255_SCALARBYTES) sodium.crypto_core_ristretto255_scalar_reduce(r,s) return r.raw # int crypto_core_ristretto255_add(unsigned char *r, const unsigned char *p, const unsigned char *q) @sodium_version(1, 0, 18) def crypto_core_ristretto255_add(p, q): if len(p) != crypto_core_ristretto255_BYTES: raise ValueError("truncated point p") if len(q) != crypto_core_ristretto255_BYTES: raise ValueError("truncated point q") r = ctypes.create_string_buffer(crypto_core_ristretto255_BYTES) __check(sodium.crypto_core_ristretto255_add(r, p, q)) return r.raw # int crypto_core_ristretto255_sub(unsigned char *r, const unsigned char *p, const unsigned char *q) @sodium_version(1, 0, 18) def crypto_core_ristretto255_sub(p,q): if len(p) != crypto_core_ristretto255_BYTES: raise ValueError("truncated point p") if len(q) != crypto_core_ristretto255_BYTES: raise ValueError("truncated point q") r = ctypes.create_string_buffer(crypto_core_ristretto255_BYTES) __check(sodium.crypto_core_ristretto255_sub(r, p, q)) return r.raw # void crypto_core_ristretto255_random(unsigned char *p) @sodium_version(1, 0, 18) def crypto_core_ristretto255_random(): p = ctypes.create_string_buffer(crypto_core_ristretto255_BYTES) sodium.crypto_core_ristretto255_random(p) return p.raw # void crypto_core_ristretto255_scalar_negate(unsigned char *neg, const unsigned char *s) @sodium_version(1, 0, 18) def crypto_core_ristretto255_scalar_negate(s): if not s or len(s)!=crypto_core_ristretto255_SCALARBYTES: raise ValueError("Invalid param, must be {} bytes".format(crypto_core_ristretto255_SCALARBYTES)) r = ctypes.create_string_buffer(crypto_core_ristretto255_SCALARBYTES) sodium.crypto_core_ristretto255_scalar_negate(r,s) return r.raw # void crypto_core_ristretto255_scalar_complement(unsigned char *comp, const unsigned char *s) @sodium_version(1, 0, 18) def crypto_core_ristretto255_scalar_complement(s): if not s or len(s)!=crypto_core_ristretto255_SCALARBYTES: raise ValueError("Invalid param, must be {} bytes".format(crypto_core_ristretto255_SCALARBYTES)) r = ctypes.create_string_buffer(crypto_core_ristretto255_SCALARBYTES) sodium.crypto_core_ristretto255_scalar_complement(r,s) return r.raw # void crypto_core_ristretto255_scalar_add(unsigned char *z, const unsigned char *x, const unsigned char *y) @sodium_version(1, 0, 18) def crypto_core_ristretto255_scalar_add(x,y): if not x or len(x)!=crypto_core_ristretto255_SCALARBYTES: raise ValueError("Invalid param, must be {} bytes".format(crypto_core_ristretto255_SCALARBYTES)) if not y or len(y)!=crypto_core_ristretto255_SCALARBYTES: raise ValueError("Invalid param, must be {} bytes".format(crypto_core_ristretto255_SCALARBYTES)) r = ctypes.create_string_buffer(crypto_core_ristretto255_SCALARBYTES) sodium.crypto_core_ristretto255_scalar_add(r,x,y) return r.raw # void crypto_core_ristretto255_scalar_sub(unsigned char *z, const unsigned char *x, const unsigned char *y) @sodium_version(1, 0, 18) def crypto_core_ristretto255_scalar_sub(x,y): if not x or len(x)!=crypto_core_ristretto255_SCALARBYTES: raise ValueError("Invalid param, must be {} bytes".format(crypto_core_ristretto255_SCALARBYTES)) if not y or len(y)!=crypto_core_ristretto255_SCALARBYTES: raise ValueError("Invalid param, must be {} bytes".format(crypto_core_ristretto255_SCALARBYTES)) r = ctypes.create_string_buffer(crypto_core_ristretto255_SCALARBYTES) sodium.crypto_core_ristretto255_scalar_sub(r,x,y) return r.raw # void crypto_core_ristretto255_scalar_mul(unsigned char *z, const unsigned char *x, const unsigned char *y) @sodium_version(1, 0, 18) def crypto_core_ristretto255_scalar_mul(x,y): if not x or len(x)!=crypto_core_ristretto255_SCALARBYTES: raise ValueError("Invalid param, must be {} bytes".format(crypto_core_ristretto255_SCALARBYTES)) if not y or len(y)!=crypto_core_ristretto255_SCALARBYTES: raise ValueError("Invalid param, must be {} bytes".format(crypto_core_ristretto255_SCALARBYTES)) r = ctypes.create_string_buffer(crypto_core_ristretto255_SCALARBYTES) sodium.crypto_core_ristretto255_scalar_mul(r,x,y) return r.raw ././@PaxHeader0000000000000000000000000000003300000000000010211 xustar0027 mtime=1723031282.840557 pysodium-0.7.18/pysodium.egg-info/0000755000175000017500000000000014654657363014374 5ustar00ss././@PaxHeader0000000000000000000000000000002600000000000010213 xustar0022 mtime=1723031282.0 pysodium-0.7.18/pysodium.egg-info/PKG-INFO0000644000175000017500000002603214654657362015473 0ustar00ssMetadata-Version: 2.1 Name: pysodium Version: 0.7.18 Summary: python libsodium wrapper Home-page: https://github.com/stef/pysodium Author: Stefan Marsiske Author-email: s@ctrlc.hu License: BSD Keywords: cryptography API NaCl libsodium Classifier: Development Status :: 4 - Beta Classifier: License :: OSI Approved :: BSD License Classifier: Topic :: Security :: Cryptography Classifier: Topic :: Security Requires: libsodium License-File: LICENSE.txt License-File: AUTHORS This is a very simple wrapper around libsodium masquerading as nacl. [![Build Status](https://travis-ci.org/stef/pysodium.svg?branch=master)](https://travis-ci.org/stef/pysodium) This wrapper requires a pre-installed libsodium from: https://github.com/jedisct1/libsodium then it provides access to the following functions: ``` crypto_aead_aegis128l_decrypt(ciphertext, ad, nonce, key) crypto_aead_aegis128l_encrypt(message, ad, nonce, key) crypto_aead_aegis128l_decrypt_detached(ciphertext, mac, ad, nonce, key) crypto_aead_aegis128l_encrypt_detached(message, ad, nonce, key) crypto_aead_aegis256_decrypt(ciphertext, ad, nonce, key) crypto_aead_aegis256_encrypt(message, ad, nonce, key) crypto_aead_aegis256_decrypt_detached(ciphertext, mac, ad, nonce, key) crypto_aead_aegis256_encrypt_detached(message, ad, nonce, key) crypto_aead_chacha20poly1305_decrypt(ciphertext, ad, nonce, key) crypto_aead_chacha20poly1305_encrypt(message, ad, nonce, key) crypto_aead_chacha20poly1305_decrypt_detached(ciphertext, mac, ad, nonce, key) crypto_aead_chacha20poly1305_encrypt_detached(message, ad, nonce, key) crypto_aead_chacha20poly1305_ietf_decrypt(ciphertext, ad, nonce, key) crypto_aead_chacha20poly1305_ietf_encrypt(message, ad, nonce, key) crypto_aead_chacha20poly1305_ietf_decrypt_detached(ciphertext, mac, ad, nonce, key) crypto_aead_chacha20poly1305_ietf_encrypt_detached(message, ad, nonce, key) crypto_aead_xchacha20poly1305_ietf_decrypt(ciphertext, ad, nonce, key) crypto_aead_xchacha20poly1305_ietf_encrypt(message, ad, nonce, key) crypto_auth(message, key) crypto_auth_verify(tag, message, key) crypto_box_afternm(msg, nonce, k) crypto_box_beforenm(pk, sk) crypto_box_detached(msg, nonce, pk, sk) crypto_box_keypair() crypto_box(msg, nonce, pk, sk) crypto_box_open_afternm(c, nonce, k) crypto_box_open(c, nonce, pk, sk) crypto_box_open_detached(c, mac, nonce, pk, sk) crypto_box_seal(msg, pk) crypto_box_seal_open(c, pk, sk) crypto_box_seed_keypair(seed) crypto_generichash_blake2b_salt_personal(message, outlen = crypto_generichash_blake2b_BYTES, key = b'', salt = b'', personal = b'') crypto_generichash_final(state, outlen=crypto_generichash_BYTES) crypto_generichash_init(outlen=crypto_generichash_BYTES, k=b'') crypto_generichash(m, k=b'', outlen=crypto_generichash_BYTES) crypto_generichash_update(state, m) crypto_hash_sha256(message) crypto_hash_sha512(message) crypto_hash_sha512_init() crypto_hash_sha512_update(state, data) crypto_hash_sha512_final(state) crypto_kx_client_session_keys(client_pk, client_sk, server_pk) crypto_kx_keypair() crypto_kx_server_session_keys(server_pk, server_sk, client_pk) crypto_pwhash(outlen, passwd, salt, opslimit, memlimit, alg) crypto_pwhash_scryptsalsa208sha256(outlen, passwd, salt, opslimit, memlimit) crypto_pwhash_scryptsalsa208sha256_str(passwd, opslimit, memlimit) crypto_pwhash_scryptsalsa208sha256_str_verify(stored, passwd) crypto_pwhash_str(passwd, opslimit, memlimit) crypto_pwhash_str_verify(pstr, passwd) crypto_scalarmult_base(n) crypto_scalarmult_curve25519_base(n) crypto_scalarmult_curve25519(n, p) crypto_secretbox(msg, nonce, k) crypto_secretbox_detached(msg, nonce, k) crypto_secretbox_open(c, nonce, k) crypto_secretbox_open_detached(c, mac, nonce, k) crypto_secretstream_xchacha20poly1305_keygen(): crypto_secretstream_xchacha20poly1305_init_push(key): crypto_secretstream_xchacha20poly1305_init_pull(header, key): crypto_secretstream_xchacha20poly1305_rekey(state): crypto_secretstream_xchacha20poly1305_push(state, message, ad, tag): crypto_secretstream_xchacha20poly1305_pull(state, ciphertext, ad): crypto_sign_init() crypto_sign_update(state, m) crypto_sign_final_create(state, sk) crypto_sign_final_verify(state, sig, pk) crypto_sign_detached(m, sk) crypto_sign_keypair() crypto_sign(m, sk) crypto_sign_open(sm, pk) crypto_sign_pk_to_box_pk(pk) crypto_sign_seed_keypair(seed) crypto_sign_sk_to_box_sk(sk) crypto_sign_sk_to_pk(sk) crypto_sign_sk_to_seed(sk) crypto_sign_verify_detached(sig, msg, pk) crypto_stream_chacha20_xor(message, nonce, key) crypto_stream_chacha20_xor_ic(message, nonce, initial_counter, key) crypto_stream_chacha20_ietf_xor(message, nonce, key) crypto_stream_chacha20_ietf_xor_ic(message, nonce, initial_counter, key) crypto_stream_xchacha20_xor(message, nonce, key) crypto_stream_xchacha20_xor_ic(message, nonce, initial_counter, key) crypto_stream(cnt, nonce=None, key=None) crypto_stream_xor(msg, cnt, nonce=None, key=None) randombytes(size) sodium_increment(bytes) crypto_core_ristretto255_is_valid_point(p) crypto_core_ristretto255_from_hash(r) crypto_scalarmult_ristretto255(n, p) crypto_scalarmult_ristretto255_base(n) crypto_core_ristretto255_scalar_random() crypto_core_ristretto255_scalar_invert(s) crypto_core_ristretto255_scalar_reduce(s) crypto_core_ristretto255_add(p, q) crypto_core_ristretto255_sub(p,q) crypto_core_ristretto255_random() crypto_core_ristretto255_scalar_negate(s) crypto_core_ristretto255_scalar_complement(s) crypto_core_ristretto255_scalar_add(x,y) crypto_core_ristretto255_scalar_sub(x,y) crypto_core_ristretto255_scalar_mul(x,y) crypto_auth_hmacsha256_keygen crypto_auth_hmacsha256 crypto_auth_hmacsha256_verify crypto_auth_hmacsha512_keygen crypto_auth_hmacsha512 crypto_auth_hmacsha512_verify crypto_auth_hmacsha512256_keygen crypto_auth_hmacsha512256 crypto_auth_hmacsha512256_verify crypto_kdf_derive_from_key(subkey_len, subkey_id, ctx, key) crypto_kdf_keygen() crypto_kdf_hkdf_sha256_extract_init(salt=b'') crypto_kdf_hkdf_sha256_extract_update(state, ikm=b'') crypto_kdf_hkdf_sha256_extract_final(state) crypto_kdf_hkdf_sha256_extract(salt=b'', ikm=b'') crypto_kdf_hkdf_sha256_keygen() crypto_kdf_hkdf_sha256_expand(outlen, prk, ctx=b'') crypto_kdf_hkdf_sha512_extract_init(salt=b'') crypto_kdf_hkdf_sha512_extract_update(state, ikm=b'') crypto_kdf_hkdf_sha512_extract_final(state) crypto_kdf_hkdf_sha512_extract(salt=b'', ikm=b'') crypto_kdf_hkdf_sha512_keygen() crypto_kdf_hkdf_sha512_expand(outlen, prk, ctx=b'') ``` Constants: ``` crypto_aead_chacha20poly1305_ABYTES crypto_aead_chacha20poly1305_KEYBYTES crypto_aead_chacha20poly1305_NPUBBYTES crypto_aead_chacha20poly1305_ietf_KEYBYTES crypto_aead_chacha20poly1305_ietf_NPUBBYTES crypto_aead_chacha20poly1305_ietf_ABYTES crypto_aead_xchacha20poly1305_ietf_KEYBYTES crypto_aead_xchacha20poly1305_ietf_NPUBBYTES crypto_aead_xchacha20poly1305_ietf_ABYTES crypto_auth_BYTES crypto_auth_KEYBYTES crypto_box_BEFORENMBYTES crypto_box_BOXZEROBYTES crypto_box_MACBYTES crypto_box_NONCEBYTES crypto_box_PUBLICKEYBYTES crypto_box_SEALBYTES crypto_box_SECRETKEYBYTES crypto_box_SEEDBYTES crypto_box_ZEROBYTES crypto_generichash_KEYBYTES_MAX crypto_generichash_BYTES crypto_generichash_BYTES_MAX crypto_generichash_BYTES_MIN crypto_generichash_STATEBYTES crypto_generichash_blake2b_BYTES crypto_generichash_blake2b_BYTES_MAX crypto_generichash_blake2b_BYTES_MIN crypto_generichash_blake2b_KEYBYTES_MAX crypto_generichash_blake2b_PERSONALBYTES crypto_generichash_blake2b_SALTBYTES crypto_hash_sha256_BYTES crypto_hash_sha512_BYTES crypto_hash_sha512_STATEBYTES crypto_kx_PUBLICKEYBYTES crypto_kx_SECRETKEYBYTES crypto_kx_SESSIONKEYBYTES crypto_pwhash_ALG_DEFAULT crypto_pwhash_ALG_ARGON2I13 crypto_pwhash_ALG_ARGON2ID13 crypto_pwhash_BYTES_MAX crypto_pwhash_BYTES_MIN crypto_pwhash_MEMLIMIT_MAX crypto_pwhash_MEMLIMIT_MIN crypto_pwhash_MEMLIMIT_INTERACTIVE crypto_pwhash_MEMLIMIT_MODERATE crypto_pwhash_MEMLIMIT_SENSITIVE crypto_pwhash_OPSLIMIT_MAX crypto_pwhash_OPSLIMIT_MIN crypto_pwhash_OPSLIMIT_INTERACTIVE crypto_pwhash_OPSLIMIT_MODERATE crypto_pwhash_OPSLIMIT_SENSITIVE crypto_pwhash_PASSWD_MAX crypto_pwhash_PASSWD_MIN crypto_pwhash_argon2i_MEMLIMIT_INTERACTIVE crypto_pwhash_argon2i_MEMLIMIT_MODERATE crypto_pwhash_argon2i_MEMLIMIT_SENSITIVE crypto_pwhash_argon2i_OPSLIMIT_INTERACTIVE crypto_pwhash_argon2i_OPSLIMIT_MODERATE crypto_pwhash_argon2i_OPSLIMIT_SENSITIVE crypto_pwhash_argon2id_MEMLIMIT_INTERACTIVE crypto_pwhash_argon2id_MEMLIMIT_MODERATE crypto_pwhash_argon2id_MEMLIMIT_SENSITIVE crypto_pwhash_argon2id_OPSLIMIT_INTERACTIVE crypto_pwhash_argon2id_OPSLIMIT_MODERATE crypto_pwhash_argon2id_OPSLIMIT_SENSITIVE crypto_pwhash_SALTBYTES crypto_pwhash_STRBYTES crypto_pwhash_scryptsalsa208sha256_BYTES_MAX crypto_pwhash_scryptsalsa208sha256_BYTES_MIN crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_MAX crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_MIN crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_INTERACTIVE crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_SENSITIVE crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_MAX crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_MIN crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_SENSITIVE crypto_pwhash_scryptsalsa208sha256_PASSWD_MAX crypto_pwhash_scryptsalsa208sha256_PASSWD_MIN crypto_pwhash_scryptsalsa208sha256_SALTBYTES crypto_pwhash_scryptsalsa208sha256_STRBYTES crypto_pwhash_scryptsalsa208sha256_STRPREFIX crypto_scalarmult_BYTES crypto_scalarmult_SCALARBYTES crypto_scalarmult_curve25519_BYTES crypto_secretbox_BOXZEROBYTES crypto_secretbox_KEYBYTES crypto_secretbox_KEYBYTES crypto_secretbox_MACBYTES crypto_secretbox_NONCEBYTES crypto_secretbox_ZEROBYTES crypto_secretstream_xchacha20poly1305_STATEBYTES crypto_secretstream_xchacha20poly1305_ABYTES crypto_secretstream_xchacha20poly1305_HEADERBYTES crypto_secretstream_xchacha20poly1305_KEYBYTES crypto_secretstream_xchacha20poly1305_MESSAGEBYTES_MAX crypto_secretstream_xchacha20poly1305_TAG_MESSAGE crypto_secretstream_xchacha20poly1305_TAG_PUSH crypto_secretstream_xchacha20poly1305_TAG_REKEY crypto_secretstream_xchacha20poly1305_TAG_FINAL crypto_sign_BYTES crypto_sign_PUBLICKEYBYTES crypto_sign_SECRETKEYBYTES crypto_sign_SEEDBYTES crypto_sign_ed25519_PUBLICKEYBYTES crypto_sign_ed25519_SECRETKEYBYTES crypto_stream_KEYBYTES crypto_stream_NONCEBYTES crypto_stream_chacha20_NONCEBYTES crypto_stream_chacha20_KEYBYTES crypto_stream_chacha20_ietf_NONCEBYTES crypto_stream_chacha20_ietf_KEYBYTES crypto_stream_xchacha20_NONCEBYTES crypto_stream_xchacha20_KEYBYTES crypto_core_ristretto255_BYTES crypto_core_ristretto255_HASHBYTES crypto_core_ristretto255_SCALARBYTES crypto_core_ristretto255_NONREDUCEDSCALARBYTES crypto_auth_hmacsha256_BYTES crypto_auth_hmacsha256_KEYBYTES crypto_auth_hmacsha512_BYTES crypto_auth_hmacsha512_KEYBYTES crypto_auth_hmacsha512256_BYTES crypto_auth_hmacsha512256_KEYBYTES crypto_kdf_BYTES_MIN crypto_kdf_BYTES_MAX crypto_kdf_CONTEXTBYTES crypto_kdf_KEYBYTES crypto_kdf_hkdf_sha256_KEYBYTES crypto_kdf_hkdf_sha256_BYTES_MIN crypto_kdf_hkdf_sha256_BYTES_MAX crypto_kdf_hkdf_sha256_STATEBYTES ``` Note most of the the `*_easy` functions are not implemented as the "non-easy" functions provide already the "easy" interface, which hides the placement of buffers in memory, which makes little sense in python, so this wrapper handles this. ././@PaxHeader0000000000000000000000000000002600000000000010213 xustar0022 mtime=1723031282.0 pysodium-0.7.18/pysodium.egg-info/SOURCES.txt0000644000175000017500000000035614654657362016263 0ustar00ssAUTHORS LICENSE.txt MANIFEST.in README.md setup.py pysodium/__init__.py pysodium.egg-info/PKG-INFO pysodium.egg-info/SOURCES.txt pysodium.egg-info/dependency_links.txt pysodium.egg-info/top_level.txt test/__init__.py test/test_pysodium.py././@PaxHeader0000000000000000000000000000002600000000000010213 xustar0022 mtime=1723031282.0 pysodium-0.7.18/pysodium.egg-info/dependency_links.txt0000644000175000017500000000000114654657362020441 0ustar00ss ././@PaxHeader0000000000000000000000000000002600000000000010213 xustar0022 mtime=1723031282.0 pysodium-0.7.18/pysodium.egg-info/top_level.txt0000644000175000017500000000001114654657362017115 0ustar00sspysodium ././@PaxHeader0000000000000000000000000000003400000000000010212 xustar0028 mtime=1723031282.8425572 pysodium-0.7.18/setup.cfg0000644000175000017500000000004614654657363012652 0ustar00ss[egg_info] tag_build = tag_date = 0 ././@PaxHeader0000000000000000000000000000002600000000000010213 xustar0022 mtime=1723031199.0 pysodium-0.7.18/setup.py0000644000175000017500000000167314654657237012552 0ustar00ssimport os from setuptools import setup, find_packages # Utility function to read the README file. # Used for the long_description. It's nice, because now 1) we have a top level # README file and 2) it's easier to type in the README file than to put a raw # string in below ... def read(fname): return open(os.path.join(os.path.dirname(__file__), fname)).read() setup( name="pysodium", version="0.7.18", author="Stefan Marsiske", author_email="s@ctrlc.hu", description="python libsodium wrapper", license="BSD", keywords="cryptography API NaCl libsodium", url="https://github.com/stef/pysodium", packages=find_packages(exclude=['test*']), long_description=read('README.md'), requires=["libsodium"], classifiers=["Development Status :: 4 - Beta", "License :: OSI Approved :: BSD License", "Topic :: Security :: Cryptography", "Topic :: Security"], ) ././@PaxHeader0000000000000000000000000000003400000000000010212 xustar0028 mtime=1723031282.8395572 pysodium-0.7.18/test/0000755000175000017500000000000014654657363012010 5ustar00ss././@PaxHeader0000000000000000000000000000002600000000000010213 xustar0022 mtime=1499799548.0 pysodium-0.7.18/test/__init__.py0000644000175000017500000000000113131217774014073 0ustar00ss ././@PaxHeader0000000000000000000000000000002600000000000010213 xustar0022 mtime=1723031109.0 pysodium-0.7.18/test/test_pysodium.py0000755000175000017500000013626114654657105015300 0ustar00ss#!/usr/bin/env python2 """ Wrapper for libsodium library Copyright (c) 2013-2014, Marsiske Stefan. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. """ import unittest import binascii import pysodium class TestPySodium(unittest.TestCase): def test_crypto_stream(self): pysodium.crypto_stream(8) pysodium.crypto_stream(16) pysodium.crypto_stream(32) def test_crypto_stream_xor(self): nonce = b'\x00' * pysodium.crypto_stream_NONCEBYTES key = b'\x00' * pysodium.crypto_stream_KEYBYTES pysodium.crypto_stream_xor(b'howdy', len(b'howdy'), nonce, key) pysodium.crypto_stream_xor(b'howdy' * 16, len(b'howdy') * 16, nonce, key) def test_crypto_generichash(self): r=pysodium.crypto_generichash(b'howdy') pysodium.crypto_generichash(b'howdy', outlen=4) r6=pysodium.crypto_generichash(b'howdy', outlen=6) pysodium.crypto_generichash(b'howdy', outlen=8) state = pysodium.crypto_generichash_init() pysodium.crypto_generichash_update(state, b'howdy') r1=pysodium.crypto_generichash_final(state) state = pysodium.crypto_generichash_init(outlen=6) pysodium.crypto_generichash_update(state, b'howdy') r61=pysodium.crypto_generichash_final(state, outlen=6) self.assertEqual(r, r1) self.assertEqual(r6, r61) self.assertNotEqual(pysodium.crypto_generichash( 'salt0'), pysodium.crypto_generichash( 'salt1')) self.assertNotEqual(pysodium.crypto_generichash(b'salt0'), pysodium.crypto_generichash(b'salt1')) def test_crypto_auth_hmac_256_512_512256(self): """Taken from https://www.rfc-editor.org/rfc/rfc4231#section-4""" vectors = [ { "k": b"\x0b" * 20 + b"\x00" * 12, "m": b"Hi There", "256": bytes.fromhex( "b0344c61d8db38535ca8afceaf0bf12b" "881dc200c9833da726e9376c2e32cff7" ), "512": bytes.fromhex( "87aa7cdea5ef619d4ff0b4241a1d6cb0" "2379f4e2ce4ec2787ad0b30545e17cde" "daa833b7d6b8a702038b274eaea3f4e4" "be9d914eeb61f1702e696c203a126854" ), "512256": bytes.fromhex( "87aa7cdea5ef619d4ff0b4241a1d6cb0" "2379f4e2ce4ec2787ad0b30545e17cde" ), }, { "k": b"Jefe" + b"\x00" * 28, "m": b"what do ya want for nothing?", "256": bytes.fromhex( "5bdcc146bf60754e6a042426089575c7" "5a003f089d2739839dec58b964ec3843" ), "512": bytes.fromhex( "164b7a7bfcf819e2e395fbe73b56e0a3" "87bd64222e831fd610270cd7ea250554" "9758bf75c05a994a6d034f65f8f0e6fd" "caeab1a34d4a6b4b636e070a38bce737" ), "512256": bytes.fromhex( "164b7a7bfcf819e2e395fbe73b56e0a3" "87bd64222e831fd610270cd7ea250554" ), }, ] for v in vectors: self.assertEqual(pysodium.crypto_auth_hmacsha256(v["m"], v["k"]), v["256"]) self.assertEqual(pysodium.crypto_auth_hmacsha512(v["m"], v["k"]), v["512"]) self.assertEqual( pysodium.crypto_auth_hmacsha512256(v["m"], v["k"]), v["512256"] ) try: pysodium.crypto_auth_hmacsha256_verify(v["256"], v["m"], v["k"]) pysodium.crypto_auth_hmacsha512_verify(v["512"], v["m"], v["k"]) pysodium.crypto_auth_hmacsha512256_verify(v["512256"], v["m"], v["k"]) except Exception as e: self.assertTrue(False, f"verification fail: {e}") msg = b"pull request plz" try: key = pysodium.crypto_auth_hmacsha256_keygen() hmac = pysodium.crypto_auth_hmacsha256(msg, key) pysodium.crypto_auth_hmacsha256_verify(hmac, msg, key) except Exception: self.assertTrue(False) try: key = pysodium.crypto_auth_hmacsha256_keygen() hmac = pysodium.crypto_auth_hmacsha256(msg, key) pysodium.crypto_auth_hmacsha256_verify(hmac, msg, key) except Exception: self.assertTrue(False) try: key = pysodium.crypto_auth_hmacsha256_keygen() hmac = pysodium.crypto_auth_hmacsha256(msg, key) pysodium.crypto_auth_hmacsha256_verify(hmac, msg, key) except Exception: self.assertTrue(False) def test_crypto_box_pk_from_sk(self): pk1, sk = pysodium.crypto_box_keypair() pk2 = pysodium.crypto_scalarmult_curve25519_base(sk) self.assertEqual(pk1, pk2) def test_crypto_box_seal(self): if not pysodium.sodium_version_check(1, 0, 3): return pk, sk = pysodium.crypto_box_keypair() c = pysodium.crypto_box_seal(b"howdy", pk) self.assertEqual(pysodium.crypto_box_seal_open(c, pk, sk), b'howdy') def test_crypto_box_open(self): m = b"howdy" pk, sk = pysodium.crypto_box_keypair() n = pysodium.randombytes(pysodium.crypto_box_NONCEBYTES) c = pysodium.crypto_box(m, n, pk, sk) plaintext = pysodium.crypto_box_open(c, n, pk, sk) self.assertEqual(m, plaintext) def test_crypto_box_open_afternm(self): m = b"howdy" pk, sk = pysodium.crypto_box_keypair() k = pysodium.crypto_box_beforenm(pk, sk) n = pysodium.randombytes(pysodium.crypto_box_NONCEBYTES) c = pysodium.crypto_box_afternm(m, n, k) self.assertEqual(c, c) plaintext = pysodium.crypto_box_open_afternm(c, n, k) self.assertEqual(m, plaintext) def test_crypto_secretbox_open_detached(self): m = b"howdy" n = pysodium.randombytes(pysodium.crypto_secretbox_NONCEBYTES) k = pysodium.randombytes(pysodium.crypto_secretbox_KEYBYTES) c, mac = pysodium.crypto_secretbox_detached(m, n, k) mplain = pysodium.crypto_secretbox_open_detached(c, mac, n, k) self.assertEqual(m, mplain) changed = b"\0"*len(c) self.assertRaises(ValueError, pysodium.crypto_secretbox_open_detached, changed, mac, n, k) def test_crypto_box_open_detached(self): pk, sk = pysodium.crypto_box_keypair() n = pysodium.randombytes(pysodium.crypto_box_NONCEBYTES) c, mac = pysodium.crypto_box_detached(b"howdy", n, pk, sk) r = pysodium.crypto_box_open_detached(c, mac, n, pk, sk) self.assertEqual(r, b"howdy") changed = b"\0"*len(c) self.assertRaises(ValueError, pysodium.crypto_box_open_detached,changed, mac, n, pk, sk) def test_crypto_secretbox_open(self): k = pysodium.randombytes(pysodium.crypto_secretbox_KEYBYTES) n = pysodium.randombytes(pysodium.crypto_secretbox_NONCEBYTES) c = pysodium.crypto_secretbox(b"howdy", n, k) pysodium.crypto_secretbox_open(c, n, k) def test_crypto_secretstream_xchacha20poly1305_keygen(self): if not pysodium.sodium_version_check(1, 0, 15): return key = pysodium.crypto_secretstream_xchacha20poly1305_keygen() self.assertEqual(len(key), 32) # The following 3 tests verify that no exceptions are raised. Cannot check these # in any more detail as doing so would require internal knowledge of the state and # header structures, which may change. This can be assumed to be correct as long # as 'pull' test passes, it's decrypted values matches the original plain text. def test_crypto_secretstream_xchacha20poly1305_init_push(self): if not pysodium.sodium_version_check(1, 0, 15): return key = pysodium.crypto_secretstream_xchacha20poly1305_keygen() state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(key) def test_crypto_secretstream_xchacha20poly1305_init_pull(self): if not pysodium.sodium_version_check(1, 0, 15): return key = pysodium.crypto_secretstream_xchacha20poly1305_keygen() state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(key) state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(header, key) def test_crypto_secretstream_xchacha20poly1305_push(self): if not pysodium.sodium_version_check(1, 0, 15): return key = pysodium.crypto_secretstream_xchacha20poly1305_keygen() state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(key) ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"howdy", None, 0) #---- def test_crypto_secretstream_xchacha20poly1305_pull(self): if not pysodium.sodium_version_check(1, 0, 15): return key = pysodium.crypto_secretstream_xchacha20poly1305_keygen() state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(key) ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"howdy", None, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL) state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(header, key) msg, tag = pysodium.crypto_secretstream_xchacha20poly1305_pull(state2, ciphertext, None) self.assertEqual(msg, b"howdy") self.assertEqual(tag, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL) def test_crypto_secretstream_xchacha20poly1305_pull_changed_ad(self): if not pysodium.sodium_version_check(1, 0, 15): return key = pysodium.crypto_secretstream_xchacha20poly1305_keygen() state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(key) ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"howdy", b"some data", pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL) state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(header, key) self.assertRaises(ValueError, pysodium.crypto_secretstream_xchacha20poly1305_pull, state2, ciphertext, b"different data") def test_crypto_secretstream_xchacha20poly1305_pull_incorrect_key(self): if not pysodium.sodium_version_check(1, 0, 15): return key = pysodium.crypto_secretstream_xchacha20poly1305_keygen() state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(key) ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"howdy", None, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL) bad_key = pysodium.crypto_secretstream_xchacha20poly1305_keygen() state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(header, bad_key) self.assertRaises(ValueError, pysodium.crypto_secretstream_xchacha20poly1305_pull, state2, ciphertext, None) def test_crypto_secretstream_xchacha20poly1305_pull_multiple(self): if not pysodium.sodium_version_check(1, 0, 15): return key = pysodium.crypto_secretstream_xchacha20poly1305_keygen() state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(key) ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"Correct Horse Battery Staple", None, 0) ciphertext2 = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"howdy", None, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL) # Verify decryption state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(header, key) msg, tag = pysodium.crypto_secretstream_xchacha20poly1305_pull(state2, ciphertext, None) msg2, tag2 = pysodium.crypto_secretstream_xchacha20poly1305_pull(state2, ciphertext2, None) self.assertEqual(msg, b"Correct Horse Battery Staple") self.assertEqual(tag, 0) self.assertEqual(msg2, b"howdy") self.assertEqual(tag2, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL) def test_crypto_secretstream_xchacha20poly1305_pull_corrupted(self): if not pysodium.sodium_version_check(1, 0, 15): return key = pysodium.crypto_secretstream_xchacha20poly1305_keygen() state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(key) ad = 'additional data' ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"Correct Horse Battery Staple", ad, 0) # Verify error is raised if cypher text is changed state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(header, key) self.assertRaises(ValueError, pysodium.crypto_secretstream_xchacha20poly1305_pull, state2, ciphertext + 'this is a corruption'.encode(), ad) # Verify error is raised if additional data is changed ad2 = 'this is not the same' state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(header, key) self.assertRaises(ValueError, pysodium.crypto_secretstream_xchacha20poly1305_pull, state2, ciphertext, ad2) def test_crypto_secretstream_xchacha20poly1305_rekey(self): if not pysodium.sodium_version_check(1, 0, 15): return key = pysodium.crypto_secretstream_xchacha20poly1305_keygen() state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(key) # Encrypt two messages with intermediate re-key ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"Correct Horse Battery Staple", None, 0) pysodium.crypto_secretstream_xchacha20poly1305_rekey(state) ciphertext2 = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"howdy", None, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL) # Verify by decrypting them state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(header, key) msg, tag = pysodium.crypto_secretstream_xchacha20poly1305_pull(state2, ciphertext, None) pysodium.crypto_secretstream_xchacha20poly1305_rekey(state2) msg2, tag2 = pysodium.crypto_secretstream_xchacha20poly1305_pull(state2, ciphertext2, None) self.assertEqual(msg, b"Correct Horse Battery Staple") self.assertEqual(tag, 0) self.assertEqual(msg2, b"howdy") self.assertEqual(tag2, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL) def test_crypto_secretstream_xchacha20poly1305_missing_rekey(self): if not pysodium.sodium_version_check(1, 0, 15): return key = pysodium.crypto_secretstream_xchacha20poly1305_keygen() state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(key) # Encrypt two messages with intermediate re-key ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"Correct Horse Battery Staple", None, 0) pysodium.crypto_secretstream_xchacha20poly1305_rekey(state) ciphertext2 = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"howdy", None, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL) state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(header, key) msg, tag = pysodium.crypto_secretstream_xchacha20poly1305_pull(state2, ciphertext, None) # re-key should be here, so following call should fail self.assertRaises(ValueError, pysodium.crypto_secretstream_xchacha20poly1305_pull, state2, ciphertext2, None) def test_crypto_secretstream_xchacha20poly1305_out_of_order_messeges(self): if not pysodium.sodium_version_check(1, 0, 15): return key = pysodium.crypto_secretstream_xchacha20poly1305_keygen() state, header = pysodium.crypto_secretstream_xchacha20poly1305_init_push(key) ciphertext = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"Correct Horse Battery Staple", None, 0) ciphertext2 = pysodium.crypto_secretstream_xchacha20poly1305_push(state, b"howdy", None, pysodium.crypto_secretstream_xchacha20poly1305_TAG_FINAL) # Decrypting the second message first should fail state2 = pysodium.crypto_secretstream_xchacha20poly1305_init_pull(header, key) self.assertRaises(ValueError, pysodium.crypto_secretstream_xchacha20poly1305_pull, state2, ciphertext2, None) def test_crypto_scalarmult_base(self): # In the C code, crypto_scalarmult_base just delegates to # crypto_scalarmult_curve25519_base. If libsodium changes the preferred # algorithm, this answer will change. k = binascii.unhexlify(b"e38e290880cee71a0cbb7b09328fd034c1fe4bd8838b19ab303a64a8c6b01456") expected = binascii.unhexlify(b"4aa82c2514ed88eb46085369a45ddd0db997e53bfee877c4556ab49a1581e545") actual = pysodium.crypto_scalarmult_base(k) self.assertEqual(expected, actual) def test_crypto_scalarmult_curve25519_base(self): s = pysodium.crypto_scalarmult_curve25519_base(pysodium.randombytes(pysodium.crypto_scalarmult_BYTES)) r = pysodium.crypto_scalarmult_curve25519_base(pysodium.randombytes(pysodium.crypto_scalarmult_BYTES)) pysodium.crypto_scalarmult_curve25519(s, r) def test_crypto_sign_open(self): pk, sk = pysodium.crypto_sign_keypair() signed = pysodium.crypto_sign(b'howdy', sk) changed = signed[:pysodium.crypto_sign_BYTES] + b'0' + signed[pysodium.crypto_sign_BYTES + 1:] pysodium.crypto_sign_open(signed, pk) self.assertRaises(ValueError, pysodium.crypto_sign_open, changed, pk) def test_crypto_sign_seed_keypair(self): seed = pysodium.crypto_generichash(b'howdy', outlen=pysodium.crypto_sign_SEEDBYTES) pk, sk = pysodium.crypto_sign_seed_keypair(seed) pk2, sk2 = pysodium.crypto_sign_seed_keypair(seed) self.assertEqual(pk, pk2) self.assertEqual(sk, sk2) def test_aead_aegis128l(self): if not pysodium.sodium_version_check(1, 0, 19): return key = binascii.unhexlify(b"4290bcb154173531f314af57f3be3b50") input_ = binascii.unhexlify(b"86d09974840bded2a5ca") nonce = binascii.unhexlify(b"087b5f9fadfb515388394f8035482608") ad = binascii.unhexlify(b"87e229d4500845a079c0") ct = binascii.unhexlify(b"a4fa71e3508259ff98e9e2874d98f97b7b3e14a033b835f25e335735385f604afe227394ad9032c1bcea") output = pysodium.crypto_aead_aegis128l_encrypt(input_, ad, nonce, key) self.assertEqual(bytes.hex(ct), bytes.hex(output)) output = pysodium.crypto_aead_aegis128l_decrypt(output, ad, nonce, key) self.assertEqual(output, input_) def test_aead_aegis256(self): if not pysodium.sodium_version_check(1, 0, 19): return key = binascii.unhexlify(b"4290bcb154173531f314af57f3be3b5006da371ece272afa1b5dbdd1100a1007") input_ = binascii.unhexlify(b"86d09974840bded2a5ca") nonce = binascii.unhexlify(b"087b5f9fadfb515388394f8035482608e17b07153e560e301406cfad9f12c164") ad = binascii.unhexlify(b"87e229d4500845a079c0") ct = binascii.unhexlify(b"5b0b85a1a45a52e0950b2336fa9df3aacd14862fc4e7f670eafd04d6697be30973fa0f6c82cdfbfb1b7a") output = pysodium.crypto_aead_aegis256_encrypt(input_, ad, nonce, key) self.assertEqual(bytes.hex(ct), bytes.hex(output)) output = pysodium.crypto_aead_aegis256_decrypt(output, ad, nonce, key) self.assertEqual(output, input_) def test_aead_chacha20poly1305(self): key = binascii.unhexlify(b"4290bcb154173531f314af57f3be3b5006da371ece272afa1b5dbdd1100a1007") input_ = binascii.unhexlify(b"86d09974840bded2a5ca") nonce = binascii.unhexlify(b"cd7cf67be39c794a") ct_common = b"e3e446f7ede9a19b62a4" for ad, ct in [ (binascii.unhexlify(b"87e229d4500845a079c0"), b"677dabf4e3d24b876bb284753896e1d6"), (None, b"69e7789bcd954e658ed38423e23161dc"), ]: output = pysodium.crypto_aead_chacha20poly1305_encrypt(input_, ad, nonce, key) self.assertEqual(binascii.unhexlify(ct_common + ct), output) output = pysodium.crypto_aead_chacha20poly1305_decrypt(output, ad, nonce, key) self.assertEqual(output, input_) def test_aead_chacha20poly1305_detached(self): if not pysodium.sodium_version_check(1, 0, 9): return key = binascii.unhexlify(b"4290bcb154173531f314af57f3be3b5006da371ece272afa1b5dbdd1100a1007") input_ = binascii.unhexlify(b"86d09974840bded2a5ca") nonce = binascii.unhexlify(b"cd7cf67be39c794a") for ad, ct in [ (binascii.unhexlify(b"87e229d4500845a079c0"), b"677dabf4e3d24b876bb284753896e1d6"), (None, b"69e7789bcd954e658ed38423e23161dc"), ]: output, mac = pysodium.crypto_aead_chacha20poly1305_encrypt_detached(input_, ad, nonce, key) self.assertEqual(binascii.unhexlify(b"e3e446f7ede9a19b62a4"), output) self.assertEqual(binascii.unhexlify(ct), mac) output = pysodium.crypto_aead_chacha20poly1305_decrypt_detached(output, mac, ad, nonce, key) self.assertEqual(output, input_) def test_aead_chacha20poly1305_ietf(self): if not pysodium.sodium_version_check(1, 0, 4): return key = binascii.unhexlify(b"4290bcb154173531f314af57f3be3b5006da371ece272afa1b5dbdd1100a1007") input_ = binascii.unhexlify(b"86d09974840bded2a5ca") nonce = binascii.unhexlify(b"cd7cf67be39c794acd7cf67b") for ad in [binascii.unhexlify(b"87e229d4500845a079c0"), None]: output = pysodium.crypto_aead_chacha20poly1305_ietf_encrypt(input_, ad, nonce, key) output = pysodium.crypto_aead_chacha20poly1305_ietf_decrypt(output, ad, nonce, key) self.assertEqual(output, input_) def test_aead_chacha20poly1305_ietf_detached(self): if not pysodium.sodium_version_check(1, 0, 9): return key = binascii.unhexlify(b"4290bcb154173531f314af57f3be3b5006da371ece272afa1b5dbdd1100a1007") input_ = binascii.unhexlify(b"86d09974840bded2a5ca") nonce = binascii.unhexlify(b"cd7cf67be39c794acd7cf67b") for ad, ct in [ (binascii.unhexlify(b"87e229d4500845a079c0"), b"09394ed41cf16d3c0820c5e0caf8a7bf"), (None, b"07bf99e3c0d8aaac48c04e1f93b12a63"), ]: output, mac = pysodium.crypto_aead_chacha20poly1305_ietf_encrypt_detached(input_, ad, nonce, key) self.assertEqual(binascii.unhexlify(b"eef4c561bdda5ef7e044"), output) self.assertEqual(binascii.unhexlify(ct), mac) output = pysodium.crypto_aead_chacha20poly1305_ietf_decrypt_detached(output, mac, ad, nonce, key) self.assertEqual(output, input_) def test_aead_xchacha20poly1305_ietf(self): if not pysodium.sodium_version_check(1, 0, 12): return key = binascii.unhexlify(b"4290bcb154173531f314af57f3be3b5006da371ece272afa1b5dbdd1100a1007") input_ = binascii.unhexlify(b"86d09974840bded2a5ca") nonce = binascii.unhexlify(b"cd7cf67be39c794acd7cf67bcd7cf67be39c794acd7cf67b") for ad in [binascii.unhexlify(b"87e229d4500845a079c0"), None]: output = pysodium.crypto_aead_xchacha20poly1305_ietf_encrypt(input_, ad, nonce, key) output = pysodium.crypto_aead_xchacha20poly1305_ietf_decrypt(output, ad, nonce, key) self.assertEqual(output, input_) def test_crypto_stream_chacha20_xor(self): key = binascii.unhexlify(b"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f") nonce = binascii.unhexlify(b"0001020304050607") input_ = b'\x00' * 256 output = pysodium.crypto_stream_chacha20_xor(input_, nonce, key) self.assertEqual(binascii.unhexlify(b"f798a189f195e66982105ffb640bb7757f579da31602fc93ec01ac56f85ac3c134a4547b733b46413042c9440049176905d3be59ea1c53f15916155c2be8241a38008b9a26bc35941e2444177c8ade6689de95264986d95889fb60e84629c9bd9a5acb1cc118be563eb9b3a4a472f82e09a7e778492b562ef7130e88dfe031c79db9d4f7c7a899151b9a475032b63fc385245fe054e3dd5a97a5f576fe064025d3ce042c566ab2c507b138db853e3d6959660996546cc9c4a6eafdc777c040d70eaf46f76dad3979e5c5360c3317166a1c894c94a371876a94df7628fe4eaaf2ccb27d5aaae0ad7ad0f9d4b6ad3b54098746d4524d38407a6deb3ab78fab78c9"), output) def test_crypto_stream_chacha20_xor_ic(self): key = binascii.unhexlify(b"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f") nonce = binascii.unhexlify(b"0001020304050607") input_ = b'\x00' * 128 ic = 2 output = pysodium.crypto_stream_chacha20_xor_ic(input_, nonce, ic, key) self.assertEqual(binascii.unhexlify(b"9db9d4f7c7a899151b9a475032b63fc385245fe054e3dd5a97a5f576fe064025d3ce042c566ab2c507b138db853e3d6959660996546cc9c4a6eafdc777c040d70eaf46f76dad3979e5c5360c3317166a1c894c94a371876a94df7628fe4eaaf2ccb27d5aaae0ad7ad0f9d4b6ad3b54098746d4524d38407a6deb3ab78fab78c9"), output) def test_crypto_stream_chacha20_ietf_xor(self): key = binascii.unhexlify(b"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f") nonce = binascii.unhexlify(b"000000090000004a00000000") input_ = b'\x00' * 256 output = pysodium.crypto_stream_chacha20_ietf_xor(input_, nonce, key) self.assertEqual(binascii.unhexlify(b"8adc91fd9ff4f0f51b0fad50ff15d637e40efda206cc52c783a74200503c1582cd9833367d0a54d57d3c9e998f490ee69ca34c1ff9e939a75584c52d690a35d410f1e7e4d13b5915500fdd1fa32071c4c7d1f4c733c068030422aa9ac3d46c4ed2826446079faa0914c2d705d98b02a2b5129cd1de164eb9cbd083e8a2503c4e0a88837739d7bf4ef8ccacb0ea2bb9d69d56c394aa351dfda5bf459f0a2e9fe8e721f89255f9c486bf21679c683d4f9c5cf2fa27865526005b06ca374c86af3bdcbfbdcb83be65862ed5c20eae5a43241d6a92da6dca9a156be25297f51c27188a861e93cc3aeb129a76598baccd27453ac6941b4b4e1e5153a9fee95d1ba00e"), output) def test_crypto_stream_chacha20_ietf_xor_ic(self): key = binascii.unhexlify(b"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f") nonce = binascii.unhexlify(b"000000090000004a00000000") input_ = b'\x00' * 128 ic = 2 output = pysodium.crypto_stream_chacha20_ietf_xor_ic(input_, nonce, ic, key) self.assertEqual(binascii.unhexlify(b"0a88837739d7bf4ef8ccacb0ea2bb9d69d56c394aa351dfda5bf459f0a2e9fe8e721f89255f9c486bf21679c683d4f9c5cf2fa27865526005b06ca374c86af3bdcbfbdcb83be65862ed5c20eae5a43241d6a92da6dca9a156be25297f51c27188a861e93cc3aeb129a76598baccd27453ac6941b4b4e1e5153a9fee95d1ba00e"), output) def test_crypto_stream_xchacha20_xor(self): # test vectors taken from: # https://github.com/jedisct1/libsodium/blob/609e42be75589f91179d218e24f5e35a7124abfd/test/default/xchacha20.c#L102 key = binascii.unhexlify("9d23bd4149cb979ccf3c5c94dd217e9808cb0e50cd0f67812235eaaf601d6232") nonce = binascii.unhexlify("c047548266b7c370d33566a2425cbf30d82d1eaf5294109e") out = binascii.unhexlify("a21209096594de8c5667b1d13ad93f744106d054df210e4782cd396fec692d3515a20bf351eec011a92c367888bc464c32f0807acd6c203a247e0db854148468e9f96bee4cf718d68d5f637cbd5a376457788e6fae90fc31097cfc") output = pysodium.crypto_stream_xchacha20_xor(out, nonce, key) self.assertEqual(b'\x00'*len(output), output) def test_crypto_stream_xchacha20_xor_ic(self): key = binascii.unhexlify("9d23bd4149cb979ccf3c5c94dd217e9808cb0e50cd0f67812235eaaf601d6232") nonce = binascii.unhexlify("c047548266b7c370d33566a2425cbf30d82d1eaf5294109e") out = binascii.unhexlify("a21209096594de8c5667b1d13ad93f744106d054df210e4782cd396fec692d3515a20bf351eec011a92c367888bc464c32f0807acd6c203a247e0db854148468e9f96bee4cf718d68d5f637cbd5a376457788e6fae90fc31097cfc") output = pysodium.crypto_stream_xchacha20_xor_ic(out, nonce, 0, key) self.assertEqual(b'\x00'*len(output), output) def test_crypto_blake2b(self): message = binascii.unhexlify(b'54686520717569636b2062726f776e20666f78206a756d7073206f76657220746865206c617a7920646f67') key = binascii.unhexlify(b'000102030405060708090a0b0c0d0e0f') # Test vectors generated from the blake2b reference implementation self.assertEqual(pysodium.crypto_generichash_blake2b_salt_personal(message, key = key), binascii.unhexlify(b'0f44eda51dba98442425d486b89962647c1a6e0e8b98a93e7090bf849a5156da')) self.assertEqual(pysodium.crypto_generichash_blake2b_salt_personal(message, personal = key), binascii.unhexlify(b'8c68aecca4b50e91aebaf8c53bde15b68c01b13d571a772fcb8b432affa52a7c')) self.assertEqual(pysodium.crypto_generichash_blake2b_salt_personal(message, salt = key), binascii.unhexlify(b'43b7feaa91019d0d5b492357fb923211af827d6126af28ccc1874e70bc2177f8')) self.assertEqual(pysodium.crypto_generichash_blake2b_salt_personal(message, personal = key[0:8]), binascii.unhexlify(b'31353589b3f179cda74387fbe1deca94f004661f05cde2295a16c0a8d8ead79b')) self.assertEqual(pysodium.crypto_generichash_blake2b_salt_personal(message, salt = key[0:8]), binascii.unhexlify(b'11c29bf7b91b8500a463f27e215dc83afdb71ed5e959f0847e339769c4835fc7')) self.assertEqual(pysodium.crypto_generichash_blake2b_salt_personal(message, personal = key, key = key), binascii.unhexlify(b'5a0b3db4bf2dab71485211447fc2014391228cc6c1acd2f3031050a9a32ca407')) def test_crypto_pwhash(self): if not pysodium.sodium_version_check(1, 0, 9): return pw = "Correct Horse Battery Staple" salt = binascii.unhexlify(b'0f58b94c7a369fd8a9a7083e4cd75266') out = pysodium.crypto_pwhash(pysodium.crypto_auth_KEYBYTES, pw, salt, pysodium.crypto_pwhash_argon2i_OPSLIMIT_INTERACTIVE, pysodium.crypto_pwhash_argon2i_MEMLIMIT_INTERACTIVE, pysodium.crypto_pwhash_ALG_ARGON2I13) self.assertEqual(binascii.hexlify(out), b'79db3095517c7358449d84ee3b2f81f0e9907fbd4e0bae4e0bcc6c79821427dc') def test_crypto_pwhash_storage(self): if not pysodium.sodium_version_check(1, 0, 9): return pw = "Correct Horse Battery Staple" pstr = pysodium.crypto_pwhash_str(pw, pysodium.crypto_pwhash_OPSLIMIT_INTERACTIVE, pysodium.crypto_pwhash_MEMLIMIT_INTERACTIVE) self.assertTrue(pysodium.crypto_pwhash_str_verify(pstr, pw)) def test_crypto_pwhash_scryptsalsa208sha256(self): passwd = b'Correct Horse Battery Staple' other_passwd = b'correct horse battery staple' salt = binascii.unhexlify(b'4206baae5578933d7cfb315b1c257cc7af162965a91a74ccbb1cfa1d747eb691') other_salt = binascii.unhexlify(b'4206baae5578933d7cfb315b1c257cc7af162965a91a74ccbb1cfa1d747eb692') # Use very small limits to avoid burning resources in CI mem_limit = 16777216 ops_limit = 32768 key16 = pysodium.crypto_pwhash_scryptsalsa208sha256(16, passwd, salt, ops_limit, mem_limit) self.assertEqual(len(key16), 16) self.assertEqual(key16, b'U\x18aL\xcf\xc9\xa3\xf6(\x8f\xed)\xeej8\xdf') key = pysodium.crypto_pwhash_scryptsalsa208sha256(32, passwd, salt, ops_limit, mem_limit) self.assertEqual(len(key), 32) self.assertEqual(key, b'U\x18aL\xcf\xc9\xa3\xf6(\x8f\xed)\xeej8\xdfG\x82hf+vu\xcd\x9c\xdb\xbcmt\xf7\xf1\x10') self.assertNotEqual(key, pysodium.crypto_pwhash_scryptsalsa208sha256(32, passwd, other_salt, ops_limit, mem_limit)) self.assertNotEqual(key, pysodium.crypto_pwhash_scryptsalsa208sha256(32, other_passwd, salt, ops_limit, mem_limit)) def test_crypto_pwhash_scryptsalsa208sha256_str(self): passwd = b'Correct Horse Battery Staple' # Use very small limits to avoid burning resources in CI mem_limit = 16777216 ops_limit = 32768 storage_string = pysodium.crypto_pwhash_scryptsalsa208sha256_str(passwd, ops_limit, mem_limit) self.assertTrue(storage_string.startswith(pysodium.crypto_pwhash_scryptsalsa208sha256_STRPREFIX)) self.assertNotEqual(storage_string, pysodium.crypto_pwhash_scryptsalsa208sha256_str(passwd, ops_limit, mem_limit), "Each call should compute a new random salt.") def test_crypto_pwhash_scryptsalsa208sha256_str_verify(self): passwd = b'Correct Horse Battery Staple' other_passwd = b'correct horse battery staple' # Use very small limits to avoid burning resources in CI mem_limit = 16777216 ops_limit = 32768 storage_string = pysodium.crypto_pwhash_scryptsalsa208sha256_str(passwd, ops_limit, mem_limit) pysodium.crypto_pwhash_scryptsalsa208sha256_str_verify(storage_string, passwd) self.assertRaises(ValueError, pysodium.crypto_pwhash_scryptsalsa208sha256_str_verify, storage_string, other_passwd) self.assertRaises(ValueError, pysodium.crypto_pwhash_scryptsalsa208sha256_str_verify, storage_string[:-1], passwd) self.assertRaises(ValueError, pysodium.crypto_pwhash_scryptsalsa208sha256_str_verify, storage_string + b'a', passwd) def test_crypto_sign_sk_to_pk(self): pk, sk = pysodium.crypto_sign_keypair() pk2 = pysodium.crypto_sign_sk_to_pk(sk) self.assertEqual(pk, pk2) def test_crypto_sign_sk_to_seed(self): seed1 = pysodium.crypto_generichash(b'howdy', outlen=pysodium.crypto_sign_SEEDBYTES) _, sk = pysodium.crypto_sign_seed_keypair(seed1) seed2 = pysodium.crypto_sign_sk_to_seed(sk) self.assertEqual(seed1, seed2) def test_AsymCrypto_With_Seeded_Keypair(self): msg = b"correct horse battery staple" nonce = pysodium.randombytes(pysodium.crypto_box_NONCEBYTES) pk, sk = pysodium.crypto_box_seed_keypair(b"\x00" * pysodium.crypto_box_SEEDBYTES) c = pysodium.crypto_box(msg, nonce, pk, sk) m = pysodium.crypto_box_open(c, nonce, pk, sk) self.assertEqual(msg, m) def test_crypto_hash_sha256(self): self.assertEqual(self.byteHashToString(pysodium.crypto_hash_sha256(b"test")), "9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08") self.assertEqual(self.byteHashToString(pysodium.crypto_hash_sha256(b"howdy")), "0f1128046248f83dc9b9ab187e16fad0ff596128f1524d05a9a77c4ad932f10a") self.assertEqual(self.byteHashToString(pysodium.crypto_hash_sha256(b"Correct Horse Battery Staple")), "af139fa284364215adfa49c889ab7feddc5e5d1c52512ffb2cfc9baeb67f220e") self.assertEqual(self.byteHashToString(pysodium.crypto_hash_sha256(b"pysodium")), "0a53ef9bc1bea173118a42bbbe8300abb6bbef83139046940e9593d9559a5df7") self.assertEqual(self.byteHashToString(pysodium.crypto_hash_sha256(b"\x80")), "76be8b528d0075f7aae98d6fa57a6d3c83ae480a8469e668d7b0af968995ac71") def test_crypto_hash_sha512(self): self.assertEqual(self.byteHashToString(pysodium.crypto_hash_sha512(b"test")), "ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff") self.assertEqual(self.byteHashToString(pysodium.crypto_hash_sha512(b"howdy")), "905caca5c4685f296c5491d38660d7720ee87bef08f829332e905593522907674de8490de46c969d2c585b40af40439b387562d6f776023507753d1a9554ebbb") self.assertEqual(self.byteHashToString(pysodium.crypto_hash_sha512(b"Correct Horse Battery Staple")), "0675070bda47bef936f0b65ae721d90f82ca137841df4d7cae27776501ae4b446ab926d64dc1d282c8758ac0eb02cc4aa11b2452d4f8ffeb795023b797fe2b80") self.assertEqual(self.byteHashToString(pysodium.crypto_hash_sha512(b"pysodium")), "ecbc6f4ffdb6e6dcbe6e6beecf0b8e05c11b0cc8a56f2b4098cd613585749fcca5ed1cfda3518e33a5d2c63746ee2857ff6857b9a2eeda4cc208c1e7fd89cc17") self.assertEqual(self.byteHashToString(pysodium.crypto_hash_sha512(b"\x80")), "dfe8ef54110b3324d3b889035c95cfb80c92704614bf76f17546ad4f4b08218a630e16da7df34766a975b3bb85b01df9e99a4ec0a1d0ec3de6bed7b7a40b2f10") def test_crypto_hash_sha512_steps(self): s = pysodium.crypto_hash_sha512_init() pysodium.crypto_hash_sha512_update(s, b"Correct Horse ") pysodium.crypto_hash_sha512_update(s, b"Battery Staple") self.assertEqual(self.byteHashToString(pysodium.crypto_hash_sha512_final(s)), "0675070bda47bef936f0b65ae721d90f82ca137841df4d7cae27776501ae4b446ab926d64dc1d282c8758ac0eb02cc4aa11b2452d4f8ffeb795023b797fe2b80") def byteHashToString(self, input): return binascii.hexlify(input).decode('utf8') def test_crypto_auth(self): sk = pysodium.randombytes(pysodium.crypto_auth_KEYBYTES) tag = pysodium.crypto_auth("howdy", sk) pysodium.crypto_auth_verify(tag, "howdy", sk) def test_crypto_kdf_keygen(self): key = pysodium.crypto_kdf_keygen() self.assertEqual(pysodium.crypto_kdf_KEYBYTES, len(key)) def test_crypto_kdf_derive_from_key(self): # https://github.com/jedisct1/libsodium/blob/master/test/default/kdf.exp expected_subkey = bytes.fromhex("a0c724404728c8bb95e5433eb6a9716171144d61efb23e74b873fcbeda51d8071b5d70aae12066dfc94ce943f145aa176c055040c3dd73b0a15e36254d450614") subkey_id = 0 ctx = b'KDF test' key = bytes.fromhex("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f") self.assertEqual(expected_subkey, pysodium. crypto_kdf_derive_from_key(pysodium.crypto_kdf_BYTES_MAX, subkey_id, ctx, key)) expected_subkey = bytes.fromhex("02507f144fa9bf19010bf7c70b235b4c2663cc00e074f929602a5e2c10a780757d2a3993d06debc378a90efdac196dd841817b977d67b786804f6d3cd585bab5") subkey_id = 1 ctx = b'KDF test' key = bytes.fromhex("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f") self.assertEqual(expected_subkey, pysodium.crypto_kdf_derive_from_key(pysodium.crypto_kdf_BYTES_MAX, subkey_id, ctx, key)) def test_crypto_kdf_hkdf_sha256(self): # test vectors: https://datatracker.ietf.org/doc/html/rfc5869 if not pysodium.sodium_version_check(1, 0, 19): return expected_prk = bytes.fromhex("077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5") expected_out = bytes.fromhex("3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865") ikm = bytes.fromhex("0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b") salt = bytes.fromhex("000102030405060708090a0b0c") ctx = bytes.fromhex("f0f1f2f3f4f5f6f7f8f9") outlen = 42 self.assertEqual(expected_prk, pysodium.crypto_kdf_hkdf_sha256_extract(salt, ikm)) self.assertEqual(expected_out, pysodium.crypto_kdf_hkdf_sha256_expand(outlen, expected_prk, ctx)) expected_prk = bytes.fromhex("06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244") expected_out = bytes.fromhex("b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87") ikm = bytes.fromhex("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f") salt = bytes.fromhex("606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf") ctx = bytes.fromhex("b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff") outlen = 82 self.assertEqual(expected_prk, pysodium.crypto_kdf_hkdf_sha256_extract(salt, ikm)) self.assertEqual(expected_out, pysodium.crypto_kdf_hkdf_sha256_expand(outlen, expected_prk, ctx)) expected_prk = bytes.fromhex("19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04") expected_out = bytes.fromhex("8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8") ikm = bytes.fromhex("0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b") salt = bytes.fromhex("") ctx = bytes.fromhex("") outlen = 42 state = pysodium.crypto_kdf_hkdf_sha256_extract_init(salt) state = pysodium.crypto_kdf_hkdf_sha256_extract_update(state, ikm) self.assertEqual(expected_prk, pysodium.crypto_kdf_hkdf_sha256_extract_final(state)) self.assertEqual(expected_out, pysodium.crypto_kdf_hkdf_sha256_expand(outlen, expected_prk, ctx)) def test_crypto_kdf_hkdf_sha512(self): if not pysodium.sodium_version_check(1, 0, 19): return expected_prk = bytes.fromhex("665799823737ded04a88e47e54a5890bb2c3d247c7a4254a8e61350723590a26c36238127d8661b88cf80ef802d57e2f7cebcf1e00e083848be19929c61b4237") expected_out = bytes.fromhex("832390086cda71fb47625bb5ceb168e4c8e26a1a16ed34d9fc7fe92c1481579338da362cb8d9f925d7cb") ikm = bytes.fromhex("0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b") salt = bytes.fromhex("000102030405060708090a0b0c") ctx = bytes.fromhex("f0f1f2f3f4f5f6f7f8f9") outlen = 42 self.assertEqual(expected_prk, pysodium.crypto_kdf_hkdf_sha512_extract(salt, ikm)) self.assertEqual(expected_out, pysodium.crypto_kdf_hkdf_sha512_expand(outlen, expected_prk, ctx)) def test_crypto_kx(self): if not pysodium.sodium_version_check(1, 0, 12): return client_pk, client_sk = pysodium.crypto_kx_keypair() server_pk, server_sk = pysodium.crypto_kx_keypair() crx, ctx = pysodium.crypto_kx_client_session_keys(client_pk, client_sk, server_pk) srx, stx = pysodium.crypto_kx_server_session_keys(server_pk, server_sk, client_pk) self.assertEqual(crx, stx) self.assertEqual(ctx, srx) def test_sodium_inc(self): r = b'A' * 32 pysodium.sodium_increment(r) self.assertEqual(r, b'BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA') def test_crypto_core_ristretto255_scalar_random(self): if not pysodium.sodium_version_check(1, 0, 18): return a = pysodium.crypto_core_ristretto255_scalar_random() b = pysodium.crypto_core_ristretto255_scalar_random() # stupid check that random returns different values... self.assertNotEqual(a,b) def test_crypto_core_ristretto255_random(self): if not pysodium.sodium_version_check(1, 0, 18): return a = pysodium.crypto_core_ristretto255_random() b = pysodium.crypto_core_ristretto255_random() # same stupid check that random returns different values... self.assertNotEqual(a,b) def test_crypto_core_ristretto255_is_valid_point(self): if not pysodium.sodium_version_check(1, 0, 18): return invalid = binascii.unhexlify(b"ecffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff7f") self.assertEqual(False, pysodium.crypto_core_ristretto255_is_valid_point(invalid)) invalid = binascii.unhexlify(b"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff7f") self.assertEqual(False, pysodium.crypto_core_ristretto255_is_valid_point(invalid)) def test_crypto_core_ristretto255_from_hash(self): if not pysodium.sodium_version_check(1, 0, 18): return h = pysodium.crypto_generichash(b'howdy', outlen=pysodium.crypto_core_ristretto255_HASHBYTES) p = pysodium.crypto_core_ristretto255_from_hash(h) pysodium.crypto_core_ristretto255_is_valid_point(p) def test_crypto_scalarmult_ristretto255_base(self): if not pysodium.sodium_version_check(1, 0, 18): return p = pysodium.crypto_scalarmult_ristretto255_base(pysodium.crypto_core_ristretto255_scalar_random()) pysodium.crypto_core_ristretto255_is_valid_point(p) def test_crypto_scalarmult_ristretto255(self): if not pysodium.sodium_version_check(1, 0, 18): return n = pysodium.crypto_scalarmult_ristretto255_base(pysodium.crypto_core_ristretto255_scalar_random()) p = pysodium.crypto_scalarmult_ristretto255_base(pysodium.crypto_core_ristretto255_scalar_random()) r = pysodium.crypto_scalarmult_ristretto255(n, p) pysodium.crypto_core_ristretto255_is_valid_point(r) def test_crypto_core_ristretto255_scalar_invert(self): if not pysodium.sodium_version_check(1, 0, 18): return s = pysodium.crypto_core_ristretto255_scalar_random() r = pysodium.crypto_core_ristretto255_scalar_invert(s) p = pysodium.crypto_scalarmult_ristretto255_base(pysodium.crypto_core_ristretto255_scalar_random()) q = pysodium.crypto_scalarmult_ristretto255(s, p) p_ = pysodium.crypto_scalarmult_ristretto255(r, q) self.assertEqual(p,p_) def test_crypto_core_ristretto255_add_sub(self): if not pysodium.sodium_version_check(1, 0, 18): return p = pysodium.crypto_core_ristretto255_random() q = pysodium.crypto_core_ristretto255_random() p_q = pysodium.crypto_core_ristretto255_add(p, q) r = pysodium.crypto_core_ristretto255_sub(p_q,q) self.assertEqual(p,r) def test_crypto_core_ristretto255_scalar_add_sub(self): if not pysodium.sodium_version_check(1, 0, 18): return x = pysodium.crypto_core_ristretto255_scalar_random() y = pysodium.crypto_core_ristretto255_scalar_random() x_y = pysodium.crypto_core_ristretto255_scalar_add(x,y) r = pysodium.crypto_core_ristretto255_scalar_sub(x_y,y) p1 = pysodium.crypto_scalarmult_ristretto255_base(x) p2 = pysodium.crypto_scalarmult_ristretto255_base(r) self.assertEqual(p1,p2) def test_crypto_core_ristretto255_scalar_negate(self): if not pysodium.sodium_version_check(1, 0, 18): return s = pysodium.crypto_core_ristretto255_scalar_random() r = pysodium.crypto_core_ristretto255_scalar_negate(s) # s + neg(s) = 0 mod L s_r = pysodium.crypto_core_ristretto255_scalar_add(s,r) self.assertEqual(s_r,b"\x00"*32) def test_crypto_core_ristretto255_scalar_complement(self): if not pysodium.sodium_version_check(1, 0, 18): return x = pysodium.crypto_core_ristretto255_scalar_random() x_ = pysodium.crypto_core_ristretto255_scalar_complement(x) # x + complement(x) = 1 mod L one = pysodium.crypto_core_ristretto255_scalar_add(x,x_) self.assertEqual(one,b'\x01'+b"\x00"*31) def test_crypto_core_ristretto255_scalar_mul(self): if not pysodium.sodium_version_check(1, 0, 18): return two = b'\x02' + b'\x00' * 31 four_mul = pysodium.crypto_core_ristretto255_scalar_mul(two,two) four_add = pysodium.crypto_core_ristretto255_scalar_add(two,two) self.assertEqual(four_mul,four_add) x = pysodium.crypto_core_ristretto255_scalar_random() one = b'\x01' + b'\x00' * 31 r = pysodium.crypto_core_ristretto255_scalar_mul(x,one) self.assertEqual(x,r) if __name__ == '__main__': unittest.main()