{
    "info": {
        "author": "Hugo Peres Castilho",
        "author_email": "hugo.p.castilho@telecom.pt",
        "bugtrack_url": null,
        "classifiers": [
            "Development Status :: 4 - Beta",
            "Intended Audience :: Developers",
            "License :: OSI Approved :: MIT License",
            "Operating System :: MacOS :: MacOS X",
            "Operating System :: Microsoft :: Windows",
            "Operating System :: Unix",
            "Programming Language :: Python :: 2",
            "Topic :: Security :: Cryptography"
        ],
        "description": "# SAPO Security Lib - Python\n\nThe SAPO Security Lib is a library whose purpose is to provide functions/classes\nthat solve common security related problems, while being easy to use even by\nthose who are not security experts. This repository contains the Python version\nof this library.\n\nOur design principles:\n\n- **Security** \u2014 This is an obvious one, but it is important to explain how it\n  is enforced.\n    - No security primitives were invented, all security sensitive code is based\n      on modern security best-practices (e.g. we use PBKDF2 to derive keys from\n      passwords, we didn't reinvent the wheel).\n    - Very high (near 100%) testing code coverage.\n    - Manual code review by security professionals.\n- **Security by default** \u2014 Using the library with the default parameters should\n  provide enough security for most cases (maybe not military grade top security,\n  but enough for an application like Gmail, for example). Flexibility was even\n  traded in some places for increased security, for example by making it hard\n  (i.e., impossible without messing with the lib code) for someone to use a weak\n  algorithm instead of the default one.\n- **Simple API** \u2014 Unfortunately, the acronyms AES, PBKDF2, HMAC, etc. are\n  cryptic for many developers, and many others know them but might have\n  difficulty knowing when and how to use them. As such, we decided to hide the\n  implementation details in the API function names, resulting in names such as\n  `generate_encryption_key`, `encrypt`, `prepare_password_for_storage`, etc.\n  which most developers are able to understand even if they are not security\n  experts.\n\n\n\nThere are currently 4 modules in this library:\n\n- **crypto** \u2014 Cryptographic functions library.\n- **advanced_crypto** \u2014 Advanced cryptographic functions library.\n- **random** \u2014 Secure generation of random numbers and strings.\n- **passwords** \u2014 Creation and validation of user passwords.\n\nSome examples of use cases for each of these modules are given below.\n\nFor the full documentation of the library, go [here](http://oss.sapo.pt/securitylib-python/).\n\n\n## Discussion\n\nPlease file any bugs you find in our [issue tracker](https://github.com/sapo/securitylib-python).\n\n\n## Installation\n\nOnly Python 2.7 is supported.\nThere are severall ways to install SAPO Security Lib.\n\n\n### Via PyPI\n\nJust run:\n`pip install securitylib`\n\n\n### Via a tarball release\n\n1. Dowload the [tarball](https://github.com/sapo/securitylib-python/archive/1.0.0.tar.gz)\n2. Unpack the tarball\n3. `python setup.py install`\n\n\n## Examples:\n\n### Crypto\n\nGenerating a key for encryption:\n\n```python\nimport securitylib\n\nencryption_key = securitylib.crypto.generate_encryption_key()\n\nprint(encryption_key)\n```\n\nGenerating a key for encryption based on a user's password:\n\n```python\nimport securitylib\n\npassword = 'this_is_the_users_password'\nsalt = securitylib.random.get_random_token()\nencryption_key = securitylib.crypto.generate_encryption_key_from_password(password, salt)\n\nprint(encryption_key)\n```\n\nEncrypting and decrypting data:\n\n```python\nimport securitylib\n\ndata = 'this_is_the_data_we_want_to_encrypt'\nencryption_key = securitylib.crypto.generate_encryption_key()\nauthenticator_key = securitylib.crypto.generate_authenticator_key()\nencrypted_data = securitylib.crypto.encrypt(data, encryption_key, authenticator_key)\ndecrypted_data = securitylib.crypto.decrypt(encrypted_data, encryption_key, authenticator_key)\nassert(decrypted_data == data)\n```\n\n### Advanced Crypto\n\nUsing a stream cipher to encrypt or decrypt a stream:\n\n```python\nimport securitylib\n\ndata_chunks = ['this_is_', 'the_data', '_we', '_want_to_', 'encrypt']\n\nencryption_key = securitylib.crypto.generate_encryption_key()\n\n# Data can be encrypted chunk by chunk\nstream_cipher = securitylib.advanced_crypto.StreamCipher(encryption_key)\nencrypted_data = ''.join(stream_cipher.encrypt(chunk) for chunk in data_chunks)\n\n# Decryption can also happen chunk by chunk. Here we are decrypting the whole\n# stream at once just to check that we get the original data back.\nstream_cipher2 = securitylib.advanced_crypto.StreamCipher(encryption_key)\ndecrypted_data = stream_cipher2.decrypt(encrypted_data)\n\noriginal_data = ''.join(data_chunks)\n\nassert(decrypted_data == original_data)\n```\n\n### Random\n\nGenerating random values using a secure source of randomness:\n\n```python\nimport securitylib\n\nrandom_bytes = securitylib.random.get_random_bytes(length=16)\nrandom_integer = securitylib.random.get_random_integer(min_result=1000, max_result=9999)\nrandom_string = securitylib.random.get_random_string(length=100, charset='abcdefghijklmnopqrstuvwxyz')\nrandom_GUID = securitylib.random.get_random_GUID()\n\nprint(random_bytes, random_integer, random_string, random_GUID)\n```\n\n### Passwords\n\nGenerating a random password:\n\n```python\nimport securitylib\n\npassword = securitylib.passwords.generate_password(length=12, lower=True, upper=True, digits=True, special=True, ambig=True)\n\nprint(password)\n```\n\nGetting a password's strength (between 0 and 100):\n\n```python\nimport securitylib\n\nprint(securitylib.passwords.get_password_strength('123456'))\nprint(securitylib.passwords.get_password_strength('thisismypassword'))\nprint(securitylib.passwords.get_password_strength('this is my password'))\nprint(securitylib.passwords.get_password_strength('u6fm08xw@RLs'))\nprint(securitylib.passwords.get_password_strength('This 1s My P4ssword...'))\n```\n\nValidate a user's password against a list of rules:\n\n```python\nimport securitylib\n\npassword = 'this_is_the_users_password'\nerror_list = securitylib.passwords.validate_password(password, min_length=12, min_lower=1, min_upper=1, min_digits=1, min_special=1, min_strength=50)\n\nprint(error_list)\n```",
        "description_content_type": null,
        "docs_url": null,
        "download_url": "UNKNOWN",
        "downloads": {
            "last_day": -1,
            "last_month": -1,
            "last_week": -1
        },
        "home_page": "http://oss.sapo.pt/securitylib-python/",
        "keywords": "security,crypto,securitylib",
        "license": "MIT",
        "maintainer": null,
        "maintainer_email": null,
        "name": "securitylib",
        "package_url": "https://pypi.org/project/securitylib/",
        "platform": "UNKNOWN",
        "project_url": "https://pypi.org/project/securitylib/",
        "project_urls": {
            "Download": "UNKNOWN",
            "Homepage": "http://oss.sapo.pt/securitylib-python/"
        },
        "release_url": "https://pypi.org/project/securitylib/1.0.2/",
        "requires_dist": null,
        "requires_python": null,
        "summary": "The SAPO Security Lib is a library whose purpose is to provide functions/classes that solve common security related problems, while being easy to use even by those who are not security experts.",
        "version": "1.0.2"
    },
    "last_serial": 1391061,
    "releases": {
        "1.0.2": [
            {
                "comment_text": "",
                "digests": {
                    "md5": "8f622fb586c4f3d2027b69dd68ce9526",
                    "sha256": "44bcec205f5076807ca58dcca093557a2becf5bf8af71aae8ec19e9fae4df7f2"
                },
                "downloads": -1,
                "filename": "securitylib-1.0.2.tar.gz",
                "has_sig": false,
                "md5_digest": "8f622fb586c4f3d2027b69dd68ce9526",
                "packagetype": "sdist",
                "python_version": "source",
                "requires_python": null,
                "size": 258259,
                "upload_time": "2015-01-21T21:05:20",
                "url": "https://files.pythonhosted.org/packages/95/a2/1ef1b4546c84151f9d7636aeef16223eac12e9bf8e401ce6cb506d0c2c72/securitylib-1.0.2.tar.gz"
            }
        ]
    },
    "urls": [
        {
            "comment_text": "",
            "digests": {
                "md5": "8f622fb586c4f3d2027b69dd68ce9526",
                "sha256": "44bcec205f5076807ca58dcca093557a2becf5bf8af71aae8ec19e9fae4df7f2"
            },
            "downloads": -1,
            "filename": "securitylib-1.0.2.tar.gz",
            "has_sig": false,
            "md5_digest": "8f622fb586c4f3d2027b69dd68ce9526",
            "packagetype": "sdist",
            "python_version": "source",
            "requires_python": null,
            "size": 258259,
            "upload_time": "2015-01-21T21:05:20",
            "url": "https://files.pythonhosted.org/packages/95/a2/1ef1b4546c84151f9d7636aeef16223eac12e9bf8e401ce6cb506d0c2c72/securitylib-1.0.2.tar.gz"
        }
    ]
}