skip to navigation
skip to content

Not Logged In

pytkdf 0.1.0

timestamp-based key derivation function for storing secrets.

Latest Version: 1.0.0

TKDF is a timestamp-based KDF for storing secrets

For more information, see the reference Go implementation:
https://godoc.org/github.com/cryptobox/tkdf

This package is designed for storing secrets in a software key storage system. A master key (a key encryption key) should be generated from a password:

>>> password = getpass.getpass("Password: ")
>>> key, salt = tkdf.generate_key(password, 32)

The salt should be saved in order to restore the key if the system is ever restarted:

>>> open("/mnt/usb/keystore.salt", "w").write(salt)

Messages can be encrypted using the encrypt function. encrypt returns a Box instance or None if an error occurred.

>>> msg = "This is a cryptographic key."
>>> box = tkdf.encrypt(key, msg)

For persistent storage, the box's data, timestamp, and tstag elements (the ciphertext, the timestamp used by the KDF, and the timestamp MAC) should be stored.

A box can be decrypted with the decrypt function:

>>> msg = tkdf.decrypt(key, box)
>>> print msg
"This is a cryptographic key."

If the system is restarted, the key can be restored:

>>> salt = open("/mnt/usb/keystore.salt").read()
>>> password = getpass.getpass("Password: ")
>>> key = tkdf.restore_key(password, salt)
 
File Type Py Version Uploaded on Size
pytkdf-0.1.0.tar.gz (md5) Source 2013-12-21 3KB
  • Downloads (All Versions):
  • 3 downloads in the last day
  • 35 downloads in the last week
  • 224 downloads in the last month