vantage6.common.encryption.RSACryptor
- class RSACryptor(private_key_file)
Bases: CryptorBase
Wrapper class for the cryptography package.
It loads the private key and provides an interface to encrypt and decrypt messages. If no private key is found, it can generate one and store it at the default location. Encryption can be done with a public key from another organization; make sure the key is in the right data type.
Communication between node and server requires serialization (and deserialization) of the encrypted messages (which are in bytes). The API cannot communicate bytes, so a base64 conversion needs to be executed (and a utf-8 encoding also needs to be applied because of the way Python implements base64). The same goes for sending and receiving the public_key.
- Parameters:
private_key_file (Path) – The path to the private key file.
- __init__(private_key_file)
Create a new RSACryptor instance.
- Parameters:
private_key_file (Path) – The path to the private key file.
Methods
__init__(private_key_file) – Create a new RSACryptor instance.
bytes_to_str(data) – Encode bytes as base64 encoded string.
create_new_rsa_key(path) – Creates a new RSA key for E2EE.
create_public_key_bytes(private_key) – Create a public key from a private key.
decrypt_str_to_bytes(data) – Decrypt base64 encoded string data.
encrypt_bytes_to_str(data, pubkey_base64s) – Encrypt bytes in data using a (base64 encoded) public key.
str_to_bytes(data) – Decode base64 encoded string to bytes.
verify_public_key(pubkey_base64) – Verifies the public key.
Attributes
public_key_bytes – Returns the public key bytes from the organization.
public_key_str – Returns a JSON safe public key, used for the API.
- static bytes_to_str(data)
Encode bytes as base64 encoded string.
- Parameters:
data (bytes) – The data to encode.
- Returns:
The base64 encoded string.
- Return type:
str
- static create_new_rsa_key(path)
Creates a new RSA key for E2EE.
- Parameters:
path (Path) – The path to the private key file.
- Returns:
The newly created private key.
- Return type:
RSAPrivateKey
- static create_public_key_bytes(private_key)
Create a public key from a private key.
- Parameters:
private_key (RSAPrivateKey) – The private key to use.
- Returns:
The public key as bytes.
- Return type:
bytes
- decrypt_str_to_bytes(data)
Decrypt base64 encoded string data.
- Parameters:
data (str) – The data to decrypt.
- Returns:
The decrypted data.
- Return type:
bytes
- encrypt_bytes_to_str(data, pubkey_base64s)
Encrypt bytes in data using a (base64 encoded) public key.
- Parameters:
data (bytes) – The data to encrypt.
pubkey_base64s (str) – The public key to use for encryption.
- Returns:
The encrypted data encoded as base64 string.
- Return type:
str
- property public_key_bytes: bytes
Returns the public key bytes from the organization.
- Returns:
The public key as bytes.
- Return type:
bytes
- property public_key_str: str
Returns a JSON safe public key, used for the API.
- Returns:
The public key as base64 encoded string.
- Return type:
str
- static str_to_bytes(data)
Decode base64 encoded string to bytes.
- Parameters:
data (str) – The base64 encoded string.
- Returns:
The encoded string converted to bytes.
- Return type:
bytes
- verify_public_key(pubkey_base64)
Verifies the public key.
Compare a public key with the public key generated from the private key that is stored in this instance. This is useful for verifying that the public key stored on the server is derived from the currently used private key.
- Parameters:
pubkey_base64 (str) – The public key to verify as returned from the server.
- Returns:
True if the public key is valid, False otherwise.
- Return type:
bool
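
The base64 transport and the public key check described above, as an added example written directly against the cryptography package; it is not vantage6's own code. The helper names mirror the method names on this page but are re-implemented here, and the PEM encoding, the `public_key_pem` and `matches_private_key` helpers, and the comparison by RSA public numbers are assumptions of this example.

```python
import base64

from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import rsa


def bytes_to_str(data: bytes) -> str:
    """bytes -> base64 -> utf-8 text, so the value fits in a JSON API body."""
    return base64.b64encode(data).decode("utf-8")


def str_to_bytes(data: str) -> bytes:
    """Inverse of bytes_to_str; validate=True rejects non-base64 characters."""
    return base64.b64decode(data.encode("utf-8"), validate=True)


def public_key_pem(private_key, fmt=serialization.PublicFormat.SubjectPublicKeyInfo):
    """Derive the PEM public key from a private key (PEM is an assumption)."""
    return private_key.public_key().public_bytes(serialization.Encoding.PEM, fmt)


def matches_private_key(private_key, pubkey_base64: str) -> bool:
    """True only if the server-held key was derived from private_key."""
    try:
        candidate = serialization.load_pem_public_key(str_to_bytes(pubkey_base64))
    except ValueError:  # binascii.Error (bad base64) is a ValueError subclass
        return False
    if not isinstance(candidate, rsa.RSAPublicKey):
        return False
    # Compare key material (n, e) rather than bytes, so a different but
    # equivalent serialization on the server is not reported as a mismatch.
    return candidate.public_numbers() == private_key.public_key().public_numbers()


# Constructed sample keys, generated on the spot for this demonstration.
node_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
other_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
stored_on_server = bytes_to_str(public_key_pem(node_key))
pkcs1_on_server = bytes_to_str(public_key_pem(node_key, serialization.PublicFormat.PKCS1))
stale_on_server = bytes_to_str(public_key_pem(other_key))

if __name__ == "__main__":
    print("current key matches:", matches_private_key(node_key, stored_on_server))
    print("stale key matches:  ", matches_private_key(node_key, stale_on_server))
```

A mismatch here means messages encrypted for this organization with the server-held key cannot be decrypted with the private key currently in use.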