Python Cryptography Library
Python Cryptography is a library that allows developers to improve the security of their programs through the use of various types of cryptographic algorithms such as RSA encryption, OpenSSL Key Generation, and other important functions.
When organizations want to pass information between platforms without a third party intercepting the message, they often use key authentication. The general idea behind it is to use two different keys, a public one and a private one, to prevent outside interference. Both keys are generated by the user, but only the public key is known to the platform, while the private key remains known only to the user. When sending data to the platform, the user's private key is used to encrypt it, at which point it is sent to the server. This process is also known as signing, as it generates a unique signature using the private key. Once the server receives it, the message will be referenced with the public key assigned to the user to see if it can be decrypted. Without both keys, it is functionally impossible to decrypt and read the message.
Ed25519 encryption is another encryption algorithm similar to RSA encryption. The Shuttle Tracker server utilizes this type of encryption, hence the focus on it. The functions that are generally important are the Ed25519PrivateKey.generate() function, the .public_key() function, the .sign() function, and the .verify(key, authentication message in bytes) function.
In order to use these functions, the following line must be added to the top of the .py file:
from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey
The Ed25519PrivateKey.generate() function, as can be guessed, randomly generates a secure private key using Ed25519 encryption. This is not a requirement for a user, but can certainly be helpful for new users of a developer's platform.
The .public_key() function generates a public key that can be used along with the private key to authenticate users.
The .sign() function uses the previously generated or imported private key to encrypt specific messages that a user wants to send securely.
The .verify() function allows the developer to check the signed message against the original byte-string message to see if they match.
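The four functions used together, as an added example that is not part of the original page or of the Shuttle Tracker code: a client creates a key pair and signs a message, and a server holding only the registered public key checks it. In the library, verify() takes the signature first and the message second, returns nothing on success and raises InvalidSignature on failure; the message itself travels unchanged next to its 64-byte signature. The helper names and the sample payload are assumptions made for illustration.

```python
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric.ed25519 import (
    Ed25519PrivateKey,
    Ed25519PublicKey,
)


def new_client_key():
    """Client side: create a key pair; return the private key and the
    32 raw public-key bytes that would be registered with the server."""
    private_key = Ed25519PrivateKey.generate()
    public_bytes = private_key.public_key().public_bytes(
        encoding=serialization.Encoding.Raw,
        format=serialization.PublicFormat.Raw,
    )
    return private_key, public_bytes


def server_accepts(registered_public_bytes, message, signature):
    """Server side: True only if `signature` was made over exactly
    `message` by the private key matching the registered public key."""
    try:
        public_key = Ed25519PublicKey.from_public_bytes(registered_public_bytes)
        public_key.verify(signature, message)  # returns None on success
    except (InvalidSignature, ValueError):
        # InvalidSignature: check failed; ValueError: malformed key bytes
        return False
    return True


def demo():
    private_key, public_bytes = new_client_key()
    message = b'{"bus": 12, "lat": 42.73, "lon": -73.68}'  # constructed sample
    signature = private_key.sign(message)  # message itself is left unchanged
    other_key, _ = new_client_key()
    flipped = bytes([signature[0] ^ 1]) + signature[1:]  # one bit altered
    return {
        "valid": server_accepts(public_bytes, message, signature),
        "tampered_message": server_accepts(public_bytes, message + b" ", signature),
        "wrong_signer": server_accepts(public_bytes, message, other_key.sign(message)),
        "altered_signature": server_accepts(public_bytes, message, flipped),
        "bad_key_bytes": server_accepts(public_bytes[:-1], message, signature),
        "signature_length": len(signature),
    }


if __name__ == "__main__":
    print(demo())
```

Because the server stores only the public bytes, a leak of its key table does not let anyone sign on a user's behalf.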
Since this is a Python library, it is required to have the 'pip' package manager, which allows developers to install various programs. The specific pip command is as follows: pip install cryptography
Developers trying to decrypt a private key that has been assigned a passphrase will encounter a code-stopping bug caused by the private keys' interactions with the bcrypt function. The issue is not something a developer can solve without refactoring the cryptography library itself.