add crypto_box_easy to main branch

libnacl/__init__.py

@@ -644,6 +644,37 @@ def crypto_secretbox_open(ctxt, nonce, key):
         raise ValueError('Failed to decrypt message')
     return msg.raw[crypto_secretbox_ZEROBYTES:]
 
+# Authenticated Symmetric Encryption improved version
+
+
+def crypto_secretbox_easy(cmessage, nonce, key):
+    if len(key) != crypto_secretbox_KEYBYTES:
+        raise ValueError('Invalid key')
+
+    if len(nonce) != crypto_secretbox_NONCEBYTES:
+        raise ValueError('Invalid nonce')
+
+
+    ctxt = ctypes.create_string_buffer(crypto_secretbox_MACBYTES + len(cmessage))
+    ret = nacl.crypto_secretbox_easy(ctxt, cmessage, ctypes.c_ulonglong(len(cmessage)), nonce, key)
+    if ret:
+        raise ValueError('Failed to encrypt message')
+    return ctxt.raw[0:]
+
+def crypto_secretbox_open_easy(ctxt, nonce, key):
+
+    if len(key) != crypto_secretbox_KEYBYTES:
+        raise ValueError('Invalid key')
+
+    if len(nonce) != crypto_secretbox_NONCEBYTES:
+        raise ValueError('Invalid nonce')
+
+    msg = ctypes.create_string_buffer(len(ctxt))
+    ret = nacl.crypto_secretbox_open_easy(msg, ctxt, ctypes.c_ulonglong(len(ctxt)), nonce, key)
+    if ret:
+        raise ValueError('Failed to decrypt message')
+    return msg.raw[0:len(ctxt) - crypto_secretbox_MACBYTES]    
+
 # Authenticated Symmetric Encryption with Additional Data
 
 

libnacl/secret_easy.py

@@ -0,0 +1,47 @@
+# -*- coding: utf-8 -*-
+'''
+Utilities to make secret box easy encryption simple
+'''
+# Import libnacl
+import libnacl
+import libnacl.utils
+import libnacl.base
+
+
+class SecretBoxEasy(libnacl.base.BaseKey):
+    '''
+    Manage symetric encryption using the salsa20 algorithm
+    '''
+    def __init__(self, key=None):
+        if key is None:
+            key = libnacl.utils.salsa_key()
+        if len(key) != libnacl.crypto_secretbox_KEYBYTES:
+            raise ValueError('Invalid key')
+        self.sk = key
+
+    def encrypt(self, msg, nonce=None, pack_nonce=True):
+        '''
+        Encrypt the given message. If a nonce is not given it will be
+        generated via the rand_nonce function
+        '''
+        if nonce is None:
+            nonce = libnacl.utils.rand_nonce()
+        if len(nonce) != libnacl.crypto_secretbox_NONCEBYTES:
+            raise ValueError('Invalid nonce size')
+        ctxt = libnacl.crypto_secretbox_easy(msg, nonce, self.sk)
+        if pack_nonce:
+            return nonce + ctxt
+        else:
+            return nonce, ctxt
+
+    def decrypt(self, ctxt, nonce=None):
+        '''
+        Decrypt the given message, if no nonce is given the nonce will be
+        extracted from the message
+        '''
+        if nonce is None:
+            nonce = ctxt[:libnacl.crypto_secretbox_NONCEBYTES]
+            ctxt = ctxt[libnacl.crypto_secretbox_NONCEBYTES:]
+        if len(nonce) != libnacl.crypto_secretbox_NONCEBYTES:
+            raise ValueError('Invalid nonce')
+        return libnacl.crypto_secretbox_open_easy(ctxt, nonce, self.sk)

tests/unit/test_raw_auth_sym_easy.py

@@ -0,0 +1,20 @@
+# Import nacl libs
+import libnacl
+import libnacl.utils
+
+# Import python libs
+import unittest
+
+
+class TestSecretBox(unittest.TestCase):
+    '''
+    Test sign functions
+    '''
+    def test_secret_box_easy(self):
+        msg = b'Are you suggesting coconuts migrate?'
+        sk1 = libnacl.utils.salsa_key()
+        nonce1 = libnacl.utils.rand_nonce()
+        enc_msg = libnacl.crypto_secretbox_easy(msg, nonce1, sk1)
+        self.assertNotEqual(msg, enc_msg)
+        clear_msg = libnacl.crypto_secretbox_open_easy(enc_msg, nonce1, sk1)
+        self.assertEqual(msg, clear_msg)

tests/unit/test_raw_secret_easy.py

@@ -0,0 +1,33 @@
+# Import libnacl libs
+import libnacl
+import libnacl.utils
+
+# Import python libs
+import unittest
+
+
+class TestSecret(unittest.TestCase):
+    """
+    Test secret functions
+    """
+    def test_secretbox_easy(self):
+        msg = b'Are you suggesting coconuts migrate?'
+
+        nonce = libnacl.utils.rand_nonce()
+        key = libnacl.utils.salsa_key()
+
+        c = libnacl.crypto_secretbox_easy(msg, nonce, key)
+        m = libnacl.crypto_secretbox_open_easy(c, nonce, key)
+        self.assertEqual(msg, m)
+
+        with self.assertRaises(ValueError):
+            libnacl.crypto_secretbox_easy(msg, b'too_short', key)
+
+        with self.assertRaises(ValueError):
+            libnacl.crypto_secretbox_easy(msg, nonce, b'too_short')
+
+        with self.assertRaises(ValueError):
+            libnacl.crypto_secretbox_open_easy(c, b'too_short', key)
+
+        with self.assertRaises(ValueError):
+            libnacl.crypto_secretbox_open_easy(c, nonce, b'too_short')

tests/unit/test_secret_easy.py

@@ -0,0 +1,22 @@
+# Import libnacl libs
+import libnacl.secret_easy
+# Import python libs
+import unittest
+
+class TestSecretEasy(unittest.TestCase):
+    '''
+    '''
+    def test_secret(self):
+        msg = b'But then of course African swallows are not migratory.'
+        box = libnacl.secret_easy.SecretBoxEasy()
+        ctxt = box.encrypt(msg)
+        self.assertNotEqual(msg, ctxt)
+        box2 = libnacl.secret_easy.SecretBoxEasy(box.sk)
+        clear1 = box.decrypt(ctxt)
+        self.assertEqual(msg, clear1)
+        clear2 = box2.decrypt(ctxt)
+        self.assertEqual(clear1, clear2)
+        ctxt2 = box2.encrypt(msg)
+        clear3 = box.decrypt(ctxt2)
+        self.assertEqual(clear3, msg)
+