search

hirosystems / stacks.js

JavaScript libraries for identity, auth, storage and transactions on the Stacks blockchain.
https://stacks.js.org
MIT License
954 stars 312 forks source link

switch from pycrypto to python cryptography #53

Closed shea256 closed 7 years ago

shea256 commented 8 years ago

Hey!

We discussed earlier the switch from pycrypto to python cryptography (https://github.com/pyca/cryptography).

As I mentioned, I've worked with both before and the latter is the best, IMO. Really well-written, documented, and tested.

Here's the documentation for symmetric encryption with a password:

https://cryptography.io/en/latest/fernet/?highlight=password

>>> import base64
>>> import os
>>> from cryptography.fernet import Fernet
>>> from cryptography.hazmat.backends import default_backend
>>> from cryptography.hazmat.primitives import hashes
>>> from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
>>> password = b"password"
>>> salt = os.urandom(16)
>>> kdf = PBKDF2HMAC(
...     algorithm=hashes.SHA256(),
...     length=32,
...     salt=salt,
...     iterations=100000,
...     backend=default_backend()
... )
>>> key = base64.urlsafe_b64encode(kdf.derive(password))
>>> f = Fernet(key)
>>> token = f.encrypt(b"Secret message!")
>>> token
'...'
>>> f.decrypt(token)
'Secret message!'

It's simple yet extensible and only uses high-level functions, so there's no need to deal with padding and such.

coldacid commented 8 years ago

How similar are the pycrypto and Python cryptology APIs?

jcnelson commented 7 years ago

Need to keep PyCrypto for legacy compatibility for now. Otherwise this codebase is moved off of it.