virgil_crypto.crypto module

class virgil_crypto.crypto.VirgilCrypto(default_key_pair_type=<virgil_crypto.keys.key_pair_type.KeyPairType.KeyType object>, use_sha256_fingerprints=False)[source]

Bases: object

Wrapper for cryptographic operations.

Provides cryptographic operations for applications, such as hashing, signature generation and verification, and encryption and decryption.

CUSTOM_PARAM_KEY_SIGNATURE = bytearray(b'VIRGIL-DATA-SIGNATURE')
CUSTOM_PARAM_KEY_SIGNER_ID = bytearray(b'VIRGIL-DATA-SIGNER-ID')
exception SignatureIsNotValid[source]

Bases: Exception

Exception raised when the signature is not valid.

static compute_hash(data, algorithm=3)[source]

Computes the hash of specified data.

Parameters
  • data – data bytes for fingerprint calculation.

  • algorithm – hashing algorithm. The possible values can be found in HashAlgorithm enum.

Returns

Hash bytes.

compute_public_key_identifier(public_key)[source]

Computes public key identifier.

Note: Takes the first 8 bytes of the SHA512 of the public key DER if use_sha256_fingerprints=False, and the SHA256 of the public key DER if use_sha256_fingerprints=True.

Parameters

public_key – public key to compute the identifier for.

Returns

Public key identifier.
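
The identifier rule in the note above, written with Python's hashlib as an added example (not the virgil_crypto implementation). The placeholder key bytes and the build_index and find_key helpers are hypothetical; the example shows that an identifier computed under one use_sha256_fingerprints setting does not match a key indexed under the other.

```python
import hashlib

# Constructed placeholder bytes standing in for exported public keys (not real DER).
ALICE_DER = b"constructed-public-key-der-alice"
BOB_DER = b"constructed-public-key-der-bob"


def key_identifier(public_key_der, use_sha256_fingerprints=False):
    """Identifier per the note above: the SHA-256 of the DER when the flag is
    set, otherwise the first 8 bytes of the SHA-512 of the DER."""
    if use_sha256_fingerprints:
        return hashlib.sha256(public_key_der).digest()
    return hashlib.sha512(public_key_der).digest()[:8]


def build_index(public_keys_der, use_sha256_fingerprints=False):
    """Hypothetical helper: map identifier -> key bytes, refusing to let two
    different keys share one identifier."""
    index = {}
    for der in public_keys_der:
        ident = key_identifier(der, use_sha256_fingerprints)
        if index.setdefault(ident, der) != der:
            raise ValueError("two different keys share identifier " + ident.hex())
    return index


def find_key(index, identifier):
    """Hypothetical helper: look up a key by identifier. Returns None when the
    identifier is unknown, which is also the result when the peer computed it
    under the other use_sha256_fingerprints setting."""
    return index.get(bytes(identifier))


if __name__ == "__main__":
    index = build_index([ALICE_DER, BOB_DER])      # indexed by 8-byte identifiers
    short_id = key_identifier(ALICE_DER)           # default mode
    long_id = key_identifier(ALICE_DER, True)      # SHA-256 mode
    print(len(short_id), len(long_id))
    print(find_key(index, short_id) == ALICE_DER)
    print(find_key(index, long_id))
```

Both sides of an exchange need the same use_sha256_fingerprints value, otherwise a lookup by identifier fails even though the key is present.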

static decrypt(data, private_key)[source]

Decrypts the specified data using Private key.

Parameters
  • data – encrypted data bytes for decryption.

  • private_key – private key for decryption.

Returns

Decrypted data bytes.

decrypt_and_verify(data, private_key, signers_public_keys)[source]

Decrypts and verifies the data.

Parameters
  • data – encrypted data bytes.

  • private_key – private key for decryption.

  • signers_public_keys – list of possible signers' public keys. WARNING: the data must carry a signature made by ANY one of the public keys in the list.

Returns

Decrypted data bytes.

Raises

VirgilCryptoError – if signature is not verified.

decrypt_stream(input_stream, output_stream, private_key)[source]

Decrypts the specified stream using Private key.

Parameters
  • input_stream – readable stream containing input data.

  • output_stream – writable stream for output.

  • private_key – private key for decryption.

encrypt(data, *recipients)[source]

Encrypts the specified data using recipients Public keys.

Parameters
  • data – raw data bytes for encryption.

  • recipients – list of recipients’ public keys.

Returns

Encrypted data bytes.

encrypt_stream(input_stream, output_stream, *recipients)[source]

Encrypts the specified stream using recipients Public keys.

Parameters
  • input_stream – readable stream containing input data.

  • output_stream – writable stream for output.

  • recipients – list of recipients’ public keys.

static export_private_key(private_key)[source]

Exports the private key to DER format.

Parameters

private_key – private key for export.

Returns

Private key in DER format

static export_public_key(public_key)[source]

Exports the Public key into material representation.

Parameters

public_key – public key for export.

Returns

Key material representation bytes.

static extract_public_key(private_key)[source]

Extracts the Public key from Private key.

Parameters

private_key – source private key for extraction.

Returns

Exported public key.

generate_key_pair(key_type=<virgil_crypto.keys.key_pair_type.KeyPairType.KeyType object>, seed=None)[source]

Generates an asymmetric key pair, comprising both public and private keys, of the specified type.

Parameters
  • key_type – type of the generated keys. The possible values can be found in KeyPairType enum.

  • seed – random value used to generate the key.

Returns

Generated key pair.

generate_random_data(data_size)[source]

Generates cryptographically secure random bytes. Uses CTR DRBG.

Parameters

data_size – size of the random data needed.

Returns

Random data

static generate_signature(data, private_key)[source]

Generates a digital signature of the data using the private key.

Parameters
  • data – raw data bytes for signing.

  • private_key – private key for signing.

Returns

Signature bytes.

generate_stream_signature(input_stream, private_key)[source]

Signs the specified stream using Private key.

Parameters
  • input_stream – readable stream containing input data.

  • private_key – private key for signing.

Returns

Signature bytes.

import_private_key(key_data)[source]

Imports a private key from DER or PEM format.

Parameters

key_data – Private key in DER or PEM format.

Returns

VirgilKeyPair.

import_public_key(key_data)[source]

Imports the Public key from material representation.

Parameters

key_data – key material representation bytes.

Returns

Imported public key.

sign_and_encrypt(data, private_key, *recipients)[source]

Signs and encrypts the data.

Parameters
  • data – data bytes for signing and encryption.

  • private_key – sender private key

  • recipients – list of recipients’ public keys. Used for data encryption.

Returns

Signed and encrypted data bytes.

static strtobytes(source)[source]

Converts a string to the bytes tuple used by all crypto methods.

Parameters

source – String for conversion.

Returns

Tuple containing bytes from converted source string.

static verify_signature(data, signature, public_key)[source]

Verifies the specified signature using original data and signer’s public key.

Parameters
  • data – original data bytes for verification.

  • signature – signature bytes for verification.

  • public_key – signer public key for verification.

Returns

True if signature is valid, False otherwise.

verify_stream_signature(input_stream, signature, signer_public_key)[source]

Verifies the specified signature using original stream and signer’s Public key.

Parameters
  • input_stream – readable stream containing input data.

  • signature – signature bytes for verification.

  • signer_public_key – signer public key for verification.

Returns

True if signature is valid, False otherwise.