Secure Data Utility

Utility library for generating secure tokens, verifying integrity, deriving keys, and authenticating messages.

Capabilities

Session tokens

• Requesting a token with 24 bytes of entropy returns a URL-safe string at least 32 characters long, and two sequential calls return different values. @test

File integrity digest

• Given a text file containing "integrity\ncheck", the default digest routine produces the hexadecimal value 60486135c66ee03828fe29f8a10a01bda6d74dc8047b21dd9988374840a0cbc4. @test

Password-derived keys

• Deriving a 32-byte key from password "tr0ub4dor&3" with salt b"NaClNaCl" and 150000 iterations yields hexadecimal f780361f88a320cf7af1f7589a98cfb138d067e8dbdb18918c2b3006b339da6d, repeating the derivation with the same inputs returns the identical bytes, and verifying with "wrongpass" reports failure. @test

Message authentication

• Signing b"validate me" with key b"supersecretkey" produces signature bytes c4e2f980ad5ceffaef7099f861197a48b8d524607724f8bf42ceb8304ccd41d6; verification succeeds for the original message and fails when the message is changed to b"validate ne". @test

Implementation

@generates

API

from pathlib import Path


def generate_session_token(bytes_of_entropy: int = 32) -> str: ...


def file_hex_digest(path: str | Path, algorithm: str = 'sha256') -> str: ...


def derive_key_from_password(password: str, salt: bytes, iterations: int, key_length: int) -> bytes: ...


def verify_password_key(password: str, salt: bytes, iterations: int, expected_key: bytes) -> bool: ...


def sign_message(key: bytes, message: bytes, algorithm: str = 'sha256') -> bytes: ...


def verify_message(key: bytes, message: bytes, signature: bytes, algorithm: str = 'sha256') -> bool: ...

Dependencies { .dependencies }

Python security primitives { .dependency }

Cryptographic hashing, key derivation, secure randomness, and constant-time comparisons for integrity and authentication workflows. @satisfied-by