def test_symm_encrypt(self):
key = api.secure_random(32)
plaintext = b'this is a test'
ciphertext = api.symm_encrypt(key, plaintext)
self.assertEqual(EncryptedMessage, type(ciphertext))
self.assertNotEqual(plaintext, ciphertext)
def _ecies_gen_ephemeral_key(
recp_pubkey: Union[bytes, elliptic_curve.ec_element]
) -> Tuple[bytes, Tuple[bytes, bytes]]:
"""
Generates and encrypts an ephemeral key for the `recp_pubkey`.
:param recp_pubkey: Recipient's pubkey
:return: Tuple of the eph_privkey, and a tuple of the encrypted symmetric
key, and encrypted ephemeral privkey
"""
symm_key, enc_symm_key = API.ecies_encapsulate(recp_pubkey)
eph_privkey = API.ecies_gen_priv()
enc_eph_privkey = API.symm_encrypt(symm_key, eph_privkey)
return (eph_privkey, (enc_symm_key, enc_eph_privkey))
def encrypt(self,
data: bytes,
pubkey: bytes = None) -> Tuple[bytes, bytes]:
"""
Encrypts data with Public key encryption
:param data: Data to encrypt
:param pubkey: publc key to encrypt for
:return: (Encrypted Key, Encrypted data)
"""
pubkey = pubkey or self.pub_key
key, enc_key = API.ecies_encapsulate(pubkey)
enc_data = API.symm_encrypt(key, data)
return (enc_data, API.elliptic_curve.serialize(enc_key.ekey))
def _encrypt_key(self,
key: bytes,
pubkey: bytes = None) -> Tuple[bytes, bytes]:
"""
Encrypts the `key` provided for the provided `pubkey` using the ECIES
schema. If no `pubkey` is provided, it uses `self.pub_key`.
:param key: Key to encrypt
:param pubkey: Public Key to encrypt the `key` for
:return (encrypted key, encapsulated ECIES key)
"""
pubkey = pubkey or self.pub_key
symm_key, enc_symm_key = API.ecies_encaspulate(pubkey)
enc_key = API.symm_encrypt(symm_key, key)
return (enc_key, enc_symm_key)