py-seccure
Simple Elliptic Curve Cryptography for Python compatible with the excellent SECCURE command line utility (version 0.5). It's licensed under LGPLv3. See LICENSE.
Do not use ``py-seccure`` when its operation can be timed by an attacker. See timing attack.
Usage
Public key from private
To get the public key from the private, you can use the original commandline utility:
$ seccure-key Assuming curve p160. Enter private key: my private key The public key is: 8W;>i^H0qi|J&$coR5MFpR*Vn
In Python:
>>> import seccure
>>> str(seccure.passphrase_to_pubkey(b'my private key'))
'8W;>i^H0qi|J&$coR5MFpR*Vn'
Encrypting a string
To encrypt for a public key, one would use the original commandline utility as follows.
$ seccure-encrypt -o private.msg '8W;>i^H0qi|J&$coR5MFpR*Vn' Assuming MAC length of 80 bits. Go ahead and type your message ... This is a very very secret message! ^D
In Python:
>>> ciphertext = seccure.encrypt(b'This is a very secret message\n', b'8W;>i^H0qi|J&$coR5MFpR*Vn')
>>> ciphertext
'\x00\x146\x17\xe9\xc1\x1a\x7fkX\xec\xa0n,h\xb4\xd0\x98\xeaO[\xf8\xfa\x85\xaa\xb37!\xf0j\x0e\xd4\xd0\x8b\xfe}\x8a\xd2+\xf2\xceu\x07\x90K2E\x12\x1d\xf1\xd8\x8f\xc6\x91\t<w\x99\x1b9\x98'
There is a shorthand to encrypt a file:
>>> seccure.encrypt_file('/path/to/file', '/path/to/file.enc', '8W;>i^H0qi|J&$coR5MFpR*Vn')
Decrypting
To decrypt the message with the original utility:
$ seccure-decrypt -i private.msg Assuming MAC length of 80 bits. Assuming curve p160. Enter private key: my private key This is a very very secret message! Integrity check successful, message unforged!
In Python:
>>> seccure.decrypt(ciphertext, b'my private key')
'This is a very secret message\n'
And to decrypt a file:
>>> seccure.decrypt_file('/path/to/file.enc', '/path/to/file', b'my private key')
Creating a signature
To create a signature:
$ seccure-sign Assuming curve p160. Enter private key: my private key Go ahead and type your message ... This message will be signed ^D Signature: $HPI?t(I*1vAYsl$|%21WXND=6Br*[>k(OR9B!GOwHqL0s+3Uq
In Python:
>>> seccure.sign(b'This message will be signed\n', b'my private key')
'$HPI?t(I*1vAYsl$|%21WXND=6Br*[>k(OR9B!GOwHqL0s+3Uq'
Verifying a signature
To verify a signature:
$ seccure-verify '8W;>i^H0qi|J&$coR5MFpR*Vn' '$HPI?t(I*1vAYsl$|%21WXND=6Br*[>k(OR9B!GOwHqL0s+3Uq' Go ahead and type your message ... This message will be signed ^D Signature successfully verified!
In Python:
>>> seccure.verify(b'This message will be signed\n', b'$HPI?t(I*1vAYsl$|%21WXND=6Br*[>k(OR9B!GOwHqL0s+3Uq', b'8W;>i^H0qi|J&$coR5MFpR*Vn')
True
Installation
On Debian Wheezy
$ apt-get install libgmp3-dev build-essential python-dev python-pip libmpfr-dev libmpc-dev $ pip install seccure
On Ubuntu
$ apt-get install libgmp-dev build-essential python-dev python-pip libmpfr-dev libmpc-dev $ pip install seccure
On Mac with MacPorts
$ port install py27-gmpy2 $ pip install seccure
Please contribute!
To help out, you could:
- Test and report any bugs or other difficulties.
- Implement missing features, such as
seccure-dh
,seccure-veridec
andseccure-signcrypt
. - Package py-seccure (or the original SECCURE itself) for your platform.
- Write more unit tests.