Newer
Older
from __future__ import absolute_import
from __future__ import division
from . import six
from . import nacl, encoding
from .exceptions import CryptoError
class SecretBox(encoding.Encodable, six.StringFixer, object):
"""
The SecretBox class encrypted and decrypts messages using the given secret
key.
The ciphertexts generated by :class:`~nacl.secret.Secretbox` include a 16
byte authenticator which is checked as part of the decryption. An invalid
authenticator will cause the decrypt function to raise an exception. The
authenticator is not a signature. Once you've decrypted the message you've
demonstrated the ability to create arbitrary valid message, so messages you
send are repudiable. For non-repudiable messages, sign them after
encryption.
:param key: The secret key used to encrypt and decrypt messages
:param encoder: The encoder class used to decode the given key
:cvar KEY_SIZE: The size that the key is required to be.
:cvar NONCE_SIZE: The size that the nonce is required to be.
"""
KEY_SIZE = nacl.lib.crypto_secretbox_KEYBYTES
NONCE_SIZE = nacl.lib.crypto_secretbox_NONCEBYTES
def __init__(self, key, encoder=encoding.RawEncoder):
key = encoder.decode(key)
if len(key) != self.KEY_SIZE:
raise ValueError("The key must be exactly %s bytes long" %
nacl.lib.crypto_secretbox_KEYBYTES)
self._key = key
def __bytes__(self):
return self._key
def encrypt(self, plaintext, nonce, encoder=encoding.RawEncoder):
"""
Encrypts the plaintext message using the given nonce and returns the
ciphertext encoded with the encoder.
.. warning:: It is **VITALLY** important that the nonce is a nonce,
i.e. itis a number used only once for any given key. If you fail to
do this, you compromise the privacy of the messages encrypted. Give
your nonces a different prefix, or have one side use an odd counter
and one an even counter. Just make sure they are different.
:param plaintext: [:class:`bytes`] The plaintext message to encrypt
:param nonce: [:class:`bytes`] The nonce to use in the encryption
:param encoder: The encoder to use to encode the ciphertext
:rtype: [:class:`bytes`]
"""
if len(nonce) != self.NONCE_SIZE:
raise ValueError("The nonce must be exactly %s bytes long" %
nacl.lib.crypto_secretbox_NONCEBYTES)
padded = b"\x00" * nacl.lib.crypto_secretbox_ZEROBYTES + plaintext
ciphertext = nacl.ffi.new("unsigned char[]", len(padded))
if not nacl.lib.crypto_secretbox(
ciphertext, padded, len(padded), nonce, self._key,
):
raise CryptoError("Encryption failed")
box_zeros = nacl.lib.crypto_secretbox_BOXZEROBYTES
ciphertext = nacl.ffi.buffer(ciphertext, len(padded))[box_zeros:]
return encoder.encode(ciphertext)
def decrypt(self, ciphertext, nonce, encoder=encoding.RawEncoder):
"""
Decrypts the ciphertext using the given nonce and returns the plaintext
message.
:param ciphertext: [:class:`bytes`] The encrypted message to decrypt
:param nonce: [:class:`bytes`] The nonce used when encrypting the
ciphertext
:param encoder: The encoder used to decode the ciphertext.
:rtype: [:class:`bytes`]
"""
if len(nonce) != self.NONCE_SIZE:
raise ValueError("The nonce must be exactly %s bytes long" %
nacl.lib.crypto_secretbox_NONCEBYTES)
ciphertext = encoder.decode(ciphertext)
padded = b"\x00" * nacl.lib.crypto_secretbox_BOXZEROBYTES + ciphertext
plaintext = nacl.ffi.new("unsigned char[]", len(padded))
if not nacl.lib.crypto_secretbox_open(
plaintext, padded, len(padded), nonce, self._key,
):
raise CryptoError(
"Decryption failed. Ciphertext failed verification")
box_zeros = nacl.lib.crypto_secretbox_ZEROBYTES
plaintext = nacl.ffi.buffer(plaintext, len(padded))[box_zeros:]
return plaintext