amity/app/crypto.py

from cryptography.hazmat.primitives.asymmetric import ed25519
from cryptography.hazmat.primitives import serialization

PRIVATE_KEY_PATH = "ed25519_private_key.pem"
PUBLIC_KEY_PATH = "ed25519_public_key.pem"

def generate_and_save_keypair(private_key_path, public_key_path):
    private_key = ed25519.Ed25519PrivateKey.generate()
    public_key = private_key.public_key()

    # Serialize the private key to PEM format without encryption
    pem_private = private_key.private_bytes(
        encoding=serialization.Encoding.PEM,
        format=serialization.PrivateFormat.PKCS8,
        encryption_algorithm=serialization.NoEncryption(),
    )

    # Serialize the public key to PEM format
    pem_public = public_key.public_bytes(
        encoding=serialization.Encoding.PEM,
        format=serialization.PublicFormat.SubjectPublicKeyInfo,
    )

    for key in [{
            'path': private_key_path,
            'pem': pem_private
    }, {
            'path': public_key_path,
            'pem': pem_public
    }]:
        with open(key["path"], "wb") as f:
            f.write(key["pem"])


def load_keypair(private_key_path, public_key_path):
    # Load private key from PEM file
    with open(private_key_path, "rb") as f:
        private_key = serialization.load_pem_private_key(
            f.read(),
            password=None,
        )

    # Load public key from PEM file
    with open(public_key_path, "rb") as f:
        public_key = serialization.load_pem_public_key(f.read())

    # Type check (optional but good for Ed25519-specific code)
    if not isinstance(private_key, ed25519.Ed25519PrivateKey):
        raise TypeError("The private key is not an Ed25519 key")
    if not isinstance(public_key, ed25519.Ed25519PublicKey):
        raise TypeError("The public key is not an Ed25519 key")

    return private_key, public_key
first commit Signed-off-by: Micke Nordin <kano@sunet.se> 2025-06-24 11:06:10 +02:00			`from cryptography.hazmat.primitives.asymmetric import ed25519`
			`from cryptography.hazmat.primitives import serialization`

			`PRIVATE_KEY_PATH = "ed25519_private_key.pem"`
			`PUBLIC_KEY_PATH = "ed25519_public_key.pem"`

			`def generate_and_save_keypair(private_key_path, public_key_path):`
			`private_key = ed25519.Ed25519PrivateKey.generate()`
			`public_key = private_key.public_key()`

			`# Serialize the private key to PEM format without encryption`
			`pem_private = private_key.private_bytes(`
			`encoding=serialization.Encoding.PEM,`
			`format=serialization.PrivateFormat.PKCS8,`
			`encryption_algorithm=serialization.NoEncryption(),`
			`)`

			`# Serialize the public key to PEM format`
			`pem_public = public_key.public_bytes(`
			`encoding=serialization.Encoding.PEM,`
			`format=serialization.PublicFormat.SubjectPublicKeyInfo,`
			`)`

			`for key in [{`
			`'path': private_key_path,`
			`'pem': pem_private`
			`}, {`
			`'path': public_key_path,`
			`'pem': pem_public`
			`}]:`
			`with open(key["path"], "wb") as f:`
			`f.write(key["pem"])`


			`def load_keypair(private_key_path, public_key_path):`
			`# Load private key from PEM file`
			`with open(private_key_path, "rb") as f:`
			`private_key = serialization.load_pem_private_key(`
			`f.read(),`
			`password=None,`
			`)`

			`# Load public key from PEM file`
			`with open(public_key_path, "rb") as f:`
			`public_key = serialization.load_pem_public_key(f.read())`

			`# Type check (optional but good for Ed25519-specific code)`
			`if not isinstance(private_key, ed25519.Ed25519PrivateKey):`
			`raise TypeError("The private key is not an Ed25519 key")`
			`if not isinstance(public_key, ed25519.Ed25519PublicKey):`
			`raise TypeError("The public key is not an Ed25519 key")`

			`return private_key, public_key`