Cape Encrypt functionality for use within functions deployed to run in a Cape Enclave.
This provides the ability to be able to encrypt or decrypt information solely within a Cape Enclave using the Cape Key associated with the function owner. Functions can then encrypt data generated during the execution of the function or have fine grained control over decrypting inputs.
- exception cape_encrypt.cape_encrypt.ConnectionError#
An issue arose in the communication with the server.
- exception cape_encrypt.cape_encrypt.ExecutionError#
Server reports an error.
Decrypt a plaintext with a Cape Key within a Cape Enclave.
This function is intended only for use within a function deployed in a Cape Enclave. This function utilizes the Cape Key associated to the function’s owner to decrypt previously Cape Encrypted input.
b64ciphertext – Base64 encoded bytes of a previously Cape Encrypted plaintext, prefixed with
- Return type:
Bytes represeting the plaintext result of the decrypted ciphertext
Encrypt a plaintext with a Cape Key within a Cape Enclave.
This function is intended only for use within a function deployed in a Cape Enclave. It uses envelope encryption. The plaintext is first AES-encrypted with anephemeral AES key, and then this key is itself encrypted with the Cape Key associated with the Cape account that owns the function.
bytes) – bytes to encrypt.
- Return type:
Bytes representing the base64 encoded encryption of the
plaintext. The bytes are a concatenation of the AES-ciphertext of the
plaintext, an AES nonce, and the RSA-ciphertext of the AES key prefixed by