Utility functions supporting the Cape encrypt functionality.
- pycape.cape_encrypt.encrypt(message, key)#
messagewith a Cape
This function uses envelope encryption. The message is first AES-encrypted with an ephemeral AES key, and then this key is itself encrypted with a given RSA public key.
bytes) – Bytes to encrypt.
bytes) – Bytes representing the Cape key. Needs to be a valid, DEM-encoded RSA public key.
- Return type:
Bytes represeting the encryption of
message. The bytes are a concatenation of the AES-ciphertext of
message, an AES nonce, and the RSA-ciphertext of the AES key.
ValueError – if the
keyis not a valid DEM-encoded RSA public key.