from cryptography.fernet import Fernet
import sys

# Encrypt and decrypt using cryptography.fernet:
# - AES MODE_CBC symmetric cypher
# - 128 bit encryption key + 128 bit signing key, urlsafe_base64 encoded
# - random 128 bit nonce
# - PKCS7 padding
# - unencrypted timestamp
# - HMAC SHA-256 authenticator
# - cyphertext is returned urlsafe_base64 encoded
# - somewhat standard and compatible
# - fast, fairly compact

def gen_key():
	key = Fernet.generate_key()
	return key

def encrypt(plaintext, key):
	f = Fernet(key)
	ciphertext = f.encrypt(plaintext)
	return ciphertext
	
def decrypt(ciphertext, key):
	f = Fernet(key)
	plaintext = f.decrypt(ciphertext)
	return plaintext

def test(n=2):
	crypto = sys.modules[__name__]
	key = crypto.gen_key()
	print "key", key

	text = "hello \0 world, this is a little crypto test\0"
	print "text, len", repr(text), len(text)
	for i in range(0, int(n)):
		enc = crypto.encrypt(text, key)
		print "encrypted", enc
		dec = crypto.decrypt(enc, key)
		assert dec == text, "crypto.test"
		print "decrypted OK"

if __name__ == "__main__":
	op = sys.argv[1]
	print globals()[op](*sys.argv[2:])