age.algorithms package¶
Submodules¶
age.algorithms.scrypt module¶
-
age.algorithms.scrypt.
scrypt_decrypt_file_key
(password, salt, log_cost, encrypted_file_key)¶ - Parameters
password (
PasswordKey
) –salt (
bytes
) –log_cost (
int
) –encrypted_file_key (
bytes
) –
- Return type
age.algorithms.ssh_ed25519 module¶
-
age.algorithms.ssh_ed25519.
ssh_ed25519_decrypt_file_key
(ed25519_private_key, fingerprint, derived_secret, encrypted_file_key)¶ - Parameters
ed25519_private_key (
Ed25519PrivateKey
) –fingerprint (
bytes
) –encrypted_file_key (
bytes
) –
age.algorithms.ssh_rsa module¶
-
age.algorithms.ssh_rsa.
ssh_rsa_decrypt_file_key
(private_key, fingerprint, encrypted_file_key)¶ - Parameters
private_key (
RSAPrivateKey
) –fingerprint (
bytes
) –encrypted_file_key (
bytes
) –
- Return type
age.algorithms.x25519 module¶
-
age.algorithms.x25519.
x25519_decrypt_file_key
(private_key, derived_secret, encrypted_file_key)¶ Decrypt
file_key
using theprivate_key
and the two parameters returned byx25519_encrypt_file_key()
.The inversion of
x25519_encrypt_file_key()
is:file key = decrypt[hkdf[salt, label](x25519(private key, derived_secret), 32)](encrypted file key)
where
salt
isderived_secret
||public key
,label
isb"age-encryption.org/v1/X25519"
andderived_secret
is the first parameter returned byx25519_encrypt_file_key()
.- Parameters
private_key (
AgePrivateKey
) –encrypted_file_key (
bytes
) –
- Return type
-
age.algorithms.x25519.
x25519_encrypt_file_key
(public_key, file_key)¶ Encrypt
file_key
withpublic_key
From the specification from age-encryption.org/v1 :
-> X25519 encode(X25519(ephemeral secret, basepoint)) encode(encrypt[HKDF[salt, label](X25519(ephemeral secret, public key), 32)](file key))
where
ephemeral secret
isage.primitives.random()
(32) and MUST be new for every new file key,salt
isage.primitives.X25519()
(ephemeral secret
,basepoint
) ||public key
, andlabel
isb"age-encryption.org/v1/X25519"
.
Module contents¶
This module implements the recipient algorithms