Python Modules¶

The legacryptor package is an implementation to handle the GA4GH cryptographic file format.

`legacryptor.cli`	LocalEGA utilities for the cryptographic GA4GH standard.
`legacryptor.crypt4gh`	Crypt4GH Encryption/Decryption
`legacryptor.pubring`	Pubring operations.
`legacryptor.exceptions`	Exceptions

Command Line¶

LocalEGA utilities for the cryptographic GA4GH standard.

Usage:

lega-cryptor [-hv] [–log <file>] list [-s <URL> | -p <path>] lega-cryptor [-hv] [–log <file>] encrypt [-r <recipient>] -s <URL> [-i <input>] [-o <output>] lega-cryptor [-hv] [–log <file>] encrypt [-r <recipient>] [-p <path>] [-i <input>] [-o <output>] lega-cryptor [-hv] [–log <file>] encrypt –pk <path> [-i <input>] [-o <output>] lega-cryptor [-hv] [–log <file>] decrypt –sk <path> [-i <input>] [-o <output>] lega-cryptor [-hv] [–log <file>] reencrypt –sk <path> –pk <path> [-i <input>] [-o <output>] lega-cryptor [-hv] [–log <file>] reencrypt –server <url> –keyid <secret> [-i <input>] [-o <output>]

Options:

`-h, --help`	Prints this help and exit
`-v, --version`	Prints the version and exits
`--log <file>`	Path to the logger file (in YML format)
`-s <URL>, --server <URL>`
	Lists information about all keys in the keyserver
`-p <file>, --pubring <file>`
	Lists information about all keys in the pubring. If not specified, a default pubring is used either from the LEGA_PUBRING environment variable (if it exists) or as the one supplied within this package.
`-r RECIPIENT`	Encrypt for the given recipient [default: ega@crg.eu]
`--pk <keyfile>`	Public PGP key to be used for encryption
`--sk <keyfile>`	Private PGP key to be used for decryption
`--keyid <id>`	Key ID used to retrieve the key material from the keyserver
`-i <file>, --input <file>`
	Input file. If not specified, it uses stdin
`-o <file>, --output <file>`
	Output file. If not specified, it uses stdout

Environment variables:

LEGA_LOG If defined, it will be used as the default logger LEGA_PUBRING If defined, it will be used as the default pubring

Crypt4gh¶

Crypt4GH Encryption/Decryption

class legacryptor.crypt4gh.Header[source]¶

A header is composed of unencrypted part and an encrypted part. The unencrypted part is ‘crypt4gh’ + 4 bytes for the version + the length of the encrypted and unencrypted parts. The encrypted part is:

4 bytes for the number <n> of files contained in the encrypted part
<n> record, where a record is:
- 8 bytes for the plaintext_start
- 8 bytes for the plaintext_end
- 8 bytes for the ciphertext_start
- 8 bytes for the counter_offset (in case several files are concatenated)
then
- 4 bytes for the method: here only 0 (for AES-256-CTR).
- 32 bytes for the session key
- 16 bytes for the IV

legacryptor.crypt4gh.encrypt(pubkey, infile, infilesize, outfile, chunk_size=4096)[source]¶: Encrypt.

legacryptor.crypt4gh.get_header(infile)[source]¶: Extract header and advance file position to AES block.

legacryptor.crypt4gh.decrypt(privkey, infile, process_output=<function do_nothing>, chunk_size=4096)[source]¶: Decrypt.

legacryptor.crypt4gh.reencrypt(pubkey, privkey, infile, process_output=<function do_nothing>, chunk_size=4096)[source]¶: Extract header and update with another one The AES encrypted part is only copied

legacryptor.crypt4gh.get_key_id(header)[source]¶: Retrieve KeyID.

legacryptor.crypt4gh.header_to_records(privkey, header, passphrase)[source]¶: Extracting header from record.

Pubring¶

Pubring operations.

Index | Module Index