High-level Python3 cryptography library using cryptography with sensible configurable defaults and CLI scripts.
cryptopyutils
can be used to :
- encrypt ("derive") and verify passwords.
- generate, save and load Asymmetric encryption keys and certificates :
- private keys/public keys (RSA, ED25519, ECDSA, DSA, etc).
- generate, save and load x509 Certificate Signing Request (CSR).
- generate, save and load x509 Certificates, particularly self-signed certificates, to be used in SSL applications.
- encrypt or decrypt messages with RSA.
- sign and verify messages with asymetric encryption. It works with small messages or in digest mode.
- perform constant time comparisons between two series of bytes (prevents timing attacks).
Please provide feedback to @dheurtevent1.
Caution!
USE AT YOUR OWN RISK. Has been tested only on Ubuntu 20.04 (Linux) with python 3.9.12.
This library requires python cryptography
, distro
and pyaml
(for the CLI examples)
$ pip install cryptography distro pyaml
cryptography uses openSSL as its backend engine.
$ pip install cryptopyutils
cryptopyutils
is free open source software. It is released under the Apache 2.0 licence.- You are free to incorporate the library and/or its CLI in your open-source or proprietary projects.
To use the library
You can read the following how to guides:
You can also read the source code of other examples.
In addition, you can have a look at the API and at the source code in the Github repository.
To use the CLI examples
You can have a look at the CLI page.
- The code is documented, tested (>70 tests) and provided with examples.
- Defaults can be provided at run time by developers or can be modified in the config.py file.
- The default values use the NIST recommendations and recommendations of the cryptography packages, as well as :
- cryptopyutils has a goal of strong API stability policy:
- Public API shall not be removed or renamed without providing a compatibility alias.
- The behavior of existing APIs shall not change.
- Exceptions to API stability are for security purposes to resolve security issues or harden the library against a possible attack or underlying changes in cryptography.