def hydro_secretbox_decrypt(c, mid, ctx, key): assert (type(ctx) == str) and (len(ctx) == h.hydro_kdf_CONTEXTBYTES) assert (type(c) == bytes) clen = len(c) if clen <= h.hydro_secretbox_HEADERBYTES: return None buf = ffi.new('uint8_t[]', clen - h.hydro_secretbox_HEADERBYTES) if h.hydro_secretbox_decrypt(buf, c, clen, mid, ctx.encode('utf8'), key) != 0: return None return bytes(buf)
def hydro_hash_hash(outlen, d, ctx, key=None): assert (type(ctx) == str) and (len(ctx) == h.hydro_kdf_CONTEXTBYTES) assert (outlen >= h.hydro_hash_BYTES_MIN) and (outlen <= h.hydro_hash_BYTES_MAX) dlen = len(d) buf = ffi.new('uint8_t[]', outlen) if key is None: key = ffi.NULL if h.hydro_hash_hash(buf, outlen, d, dlen, ctx, key) == -1: return None return bytes(buf)
def hydro_secretbox_encrypt(m, mid, ctx, key): assert (type(ctx) == str) and (len(ctx) == h.hydro_kdf_CONTEXTBYTES) if type(m) == str: m = m.encode('utf-8') assert (type(m) == bytes) mlen = len(m) if not mlen: return bytes(0) buf = ffi.new('uint8_t[]', mlen + h.hydro_secretbox_HEADERBYTES) h.hydro_secretbox_encrypt(buf, m, mlen, mid, ctx.encode('utf8'), key) return bytes(buf)
def hydro_pwhash_deterministic(pw, ctx, master_key, ops_limit=10000, mem_limit=0, threads=1): buf = ffi.new('uint8_t[]', 32) pwlen = len(pw) h.hydro_pwhash_deterministic(buf, 32, pw.encode('utf8'), pwlen, ctx.encode('utf8'), master_key, ops_limit, mem_limit, threads) return bytes(buf)
def hydro_kx_kk_2(pkt1, client_pubkey, server_kp): pkt2 = ffi.new('uint8_t[]', h.hydro_kx_KK_PACKET2BYTES) session_kp_server = ffi.new('hydro_kx_session_keypair *') if (h.hydro_kx_kk_2(session_kp_server, pkt2, pkt1, client_pubkey, server_kp) != 0): return (None, None) return (session_kp_server, bytes(pkt2))
def hydro_kx_kk_1(st_client, server_pubkey, client_kp): pkt1 = ffi.new('uint8_t[]', h.hydro_kx_KK_PACKET1BYTES) if (h.hydro_kx_kk_1(st_client, pkt1, server_pubkey, client_kp) != 0): return None return bytes(pkt1)
def hydro_kx_keygen_deterministic(seed): pair = ffi.new('hydro_kx_keypair *') h.hydro_kx_keygen_deterministic(pair, seed) return pair
def hydro_kx_keygen(): pair = ffi.new('hydro_kx_keypair *') h.hydro_kx_keygen(pair) return pair
def __init__(self, ctx): """Creates a hydro_sign_state object with (required) ctx""" assert (type(ctx) == str) and (len(ctx) == h.hydro_kdf_CONTEXTBYTES) self.st = ffi.new('hydro_sign_state *') h.hydro_sign_init(self.st, ctx.encode('utf8'))
def hydro_random_buf(ct): assert ct > 0 buf = ffi.new('uint8_t[]', ct) h.hydro_random_buf(buf, ct) return bytes(buf)
def __init__(self, psk=None): self.psk = psk self.st = ffi.new('hydro_kx_state *')
def hydro_secretbox_keygen(): buf = ffi.new('uint8_t[]', h.hydro_secretbox_KEYBYTES) h.hydro_secretbox_keygen(buf) return bytes(buf)
def hydro_kdf_derive_from_key(subkey_len, id, ctx, master_key): assert ((subkey_len >= h.hydro_kdf_BYTES_MIN) and (subkey_len <= h.hydro_kdf_BYTES_MAX)) assert (type(ctx) == str) and (len(ctx) == h.hydro_kdf_CONTEXTBYTES) buf = ffi.new('uint8_t[]', subkey_len) h.hydro_kdf_derive_from_key(buf, subkey_len, id, ctx.encode('utf8'), master_key) return bytes(buf)
def hydro_kdf_master_keygen(): buf = ffi.new('uint8_t[]', h.hydro_kdf_KEYBYTES) h.hydro_kdf_keygen(buf) return bytes(buf)
def final(self): """use secret key to generate a signature""" buf = ffi.new('uint8_t[]', h.hydro_hash_BYTES) h.hydro_hash_final(self.st, buf, h.hydro_hash_BYTES) return bytes(buf)
def __init__(self, ctx, key): """Creates a hydro_hash_state object with ctx and key (both required)""" assert (type(ctx) == str) and (len(ctx) == h.hydro_kdf_CONTEXTBYTES) assert len(key) == h.hydro_hash_KEYBYTES self.st = ffi.new('struct hydro_hash_state *') h.hydro_hash_init(self.st, ctx.encode('utf8'), key)
def hydro_random_buf_deterministic(ct, seed): assert ct > 0 assert len(seed) == h.hydro_random_SEEDBYTES buf = ffi.new('uint8_t[]', ct) h.hydro_random_buf_deterministic(buf, ct, seed) return bytes(buf)
def hydro_kx_kk_3(st_client, pkt2, client_kp): session_kp_client = ffi.new('hydro_kx_session_keypair *') if (h.hydro_kx_kk_3(st_client, session_kp_client, pkt2, client_kp) != 0): return None return session_kp_client
def __init__(self): self.st = ffi.new('hydro_kx_state *')
def hydro_sign_create(m, ctx, secret_key): assert (type(ctx) == str) and (len(ctx) == h.hydro_kdf_CONTEXTBYTES) buf = ffi.new('uint8_t[]', h.hydro_sign_BYTES) mlen = len(m) h.hydro_sign_create(buf, m, mlen, ctx, secret_key) return bytes(buf)
def hydro_pwhash_keygen(): buf = ffi.new('uint8_t[]', h.hydro_pwhash_MASTERKEYBYTES) h.hydro_pwhash_keygen(buf) return bytes(buf)
def hydro_secretbox_probe_create(c, ctx, key): assert (type(ctx) == str) and (len(ctx) == h.hydro_kdf_CONTEXTBYTES) clen = len(c) buf = ffi.new('uint8_t[]', h.hydro_secretbox_PROBEBYTES) h.hydro_secretbox_probe_create(buf, c, clen, ctx.encode('utf8'), key) return bytes(buf)