Best Way to encrypt a file in python

It's only fair to share...Digg thisShare on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInFlattr the authorShare on TumblrShare on VKShare on YummlyShare on RedditShare on StumbleUpon

Best Way to encrypt a file in python

Best Way to encrypt a file in python. Given the popularity of Python, at first I was disappointed that there was no complete answer to this question to be found. It took me a fair amount of reading different answers, as well as other resources, to get it right. I thought I might share the result for future reference and perhaps review; I’m by no means a cryptography expert! However, the code below appears to work good:

 

<code><span class="kwd">from</span><span class="pln"> hashlib </span><span class="kwd">import</span><span class="pln"> md5
</span><span class="kwd">from</span> <span class="typ">Crypto</span><span class="pun">.</span><span class="typ">Cipher</span> <span class="kwd">import</span><span class="pln"> AES
</span><span class="kwd">from</span> <span class="typ">Crypto</span> <span class="kwd">import</span> <span class="typ">Random</span>

<span class="kwd">def</span><span class="pln"> derive_key_and_iv</span><span class="pun">(</span><span class="pln">password</span><span class="pun">,</span><span class="pln"> salt</span><span class="pun">,</span><span class="pln"> key_length</span><span class="pun">,</span><span class="pln"> iv_length</span><span class="pun">):</span><span class="pln">
    d </span><span class="pun">=</span><span class="pln"> d_i </span><span class="pun">=</span> <span class="str">''</span>
    <span class="kwd">while</span><span class="pln"> len</span><span class="pun">(</span><span class="pln">d</span><span class="pun">)</span> <span class="pun"><</span><span class="pln"> key_length </span><span class="pun">+</span><span class="pln"> iv_length</span><span class="pun">:</span><span class="pln">
        d_i </span><span class="pun">=</span><span class="pln"> md5</span><span class="pun">(</span><span class="pln">d_i </span><span class="pun">+</span><span class="pln"> password </span><span class="pun">+</span><span class="pln"> salt</span><span class="pun">).</span><span class="pln">digest</span><span class="pun">()</span><span class="pln">
        d </span><span class="pun">+=</span><span class="pln"> d_i
    </span><span class="kwd">return</span><span class="pln"> d</span><span class="pun">[:</span><span class="pln">key_length</span><span class="pun">],</span><span class="pln"> d</span><span class="pun">[</span><span class="pln">key_length</span><span class="pun">:</span><span class="pln">key_length</span><span class="pun">+</span><span class="pln">iv_length</span><span class="pun">]</span>

<span class="kwd">def</span><span class="pln"> encrypt</span><span class="pun">(</span><span class="pln">in_file</span><span class="pun">,</span><span class="pln"> out_file</span><span class="pun">,</span><span class="pln"> password</span><span class="pun">,</span><span class="pln"> key_length</span><span class="pun">=</span><span class="lit">32</span><span class="pun">):</span><span class="pln">
    bs </span><span class="pun">=</span><span class="pln"> AES</span><span class="pun">.</span><span class="pln">block_size
    salt </span><span class="pun">=</span> <span class="typ">Random</span><span class="pun">.</span><span class="pln">new</span><span class="pun">().</span><span class="pln">read</span><span class="pun">(</span><span class="pln">bs </span><span class="pun">-</span><span class="pln"> len</span><span class="pun">(</span><span class="str">'Salted__'</span><span class="pun">))</span><span class="pln">
    key</span><span class="pun">,</span><span class="pln"> iv </span><span class="pun">=</span><span class="pln"> derive_key_and_iv</span><span class="pun">(</span><span class="pln">password</span><span class="pun">,</span><span class="pln"> salt</span><span class="pun">,</span><span class="pln"> key_length</span><span class="pun">,</span><span class="pln"> bs</span><span class="pun">)</span><span class="pln">
    cipher </span><span class="pun">=</span><span class="pln"> AES</span><span class="pun">.</span><span class="pln">new</span><span class="pun">(</span><span class="pln">key</span><span class="pun">,</span><span class="pln"> AES</span><span class="pun">.</span><span class="pln">MODE_CBC</span><span class="pun">,</span><span class="pln"> iv</span><span class="pun">)</span><span class="pln">
    out_file</span><span class="pun">.</span><span class="pln">write</span><span class="pun">(</span><span class="str">'Salted__'</span> <span class="pun">+</span><span class="pln"> salt</span><span class="pun">)</span><span class="pln">
    finished </span><span class="pun">=</span> <span class="kwd">False</span>
    <span class="kwd">while</span> <span class="kwd">not</span><span class="pln"> finished</span><span class="pun">:</span><span class="pln">
        chunk </span><span class="pun">=</span><span class="pln"> in_file</span><span class="pun">.</span><span class="pln">read</span><span class="pun">(</span><span class="lit">1024</span> <span class="pun">*</span><span class="pln"> bs</span><span class="pun">)</span>
        <span class="kwd">if</span><span class="pln"> len</span><span class="pun">(</span><span class="pln">chunk</span><span class="pun">)</span> <span class="pun">==</span> <span class="lit">0</span> <span class="kwd">or</span><span class="pln"> len</span><span class="pun">(</span><span class="pln">chunk</span><span class="pun">)</span> <span class="pun">%</span><span class="pln"> bs </span><span class="pun">!=</span> <span class="lit">0</span><span class="pun">:</span><span class="pln">
            padding_length </span><span class="pun">=</span> <span class="pun">(</span><span class="pln">bs </span><span class="pun">-</span><span class="pln"> len</span><span class="pun">(</span><span class="pln">chunk</span><span class="pun">)</span> <span class="pun">%</span><span class="pln"> bs</span><span class="pun">)</span> <span class="kwd">or</span><span class="pln"> bs
            chunk </span><span class="pun">+=</span><span class="pln"> padding_length </span><span class="pun">*</span><span class="pln"> chr</span><span class="pun">(</span><span class="pln">padding_length</span><span class="pun">)</span><span class="pln">
            finished </span><span class="pun">=</span> <span class="kwd">True</span><span class="pln">
        out_file</span><span class="pun">.</span><span class="pln">write</span><span class="pun">(</span><span class="pln">cipher</span><span class="pun">.</span><span class="pln">encrypt</span><span class="pun">(</span><span class="pln">chunk</span><span class="pun">))</span>

<span class="kwd">def</span><span class="pln"> decrypt</span><span class="pun">(</span><span class="pln">in_file</span><span class="pun">,</span><span class="pln"> out_file</span><span class="pun">,</span><span class="pln"> password</span><span class="pun">,</span><span class="pln"> key_length</span><span class="pun">=</span><span class="lit">32</span><span class="pun">):</span><span class="pln">
    bs </span><span class="pun">=</span><span class="pln"> AES</span><span class="pun">.</span><span class="pln">block_size
    salt </span><span class="pun">=</span><span class="pln"> in_file</span><span class="pun">.</span><span class="pln">read</span><span class="pun">(</span><span class="pln">bs</span><span class="pun">)[</span><span class="pln">len</span><span class="pun">(</span><span class="str">'Salted__'</span><span class="pun">):]</span><span class="pln">
    key</span><span class="pun">,</span><span class="pln"> iv </span><span class="pun">=</span><span class="pln"> derive_key_and_iv</span><span class="pun">(</span><span class="pln">password</span><span class="pun">,</span><span class="pln"> salt</span><span class="pun">,</span><span class="pln"> key_length</span><span class="pun">,</span><span class="pln"> bs</span><span class="pun">)</span><span class="pln">
    cipher </span><span class="pun">=</span><span class="pln"> AES</span><span class="pun">.</span><span class="pln">new</span><span class="pun">(</span><span class="pln">key</span><span class="pun">,</span><span class="pln"> AES</span><span class="pun">.</span><span class="pln">MODE_CBC</span><span class="pun">,</span><span class="pln"> iv</span><span class="pun">)</span><span class="pln">
    next_chunk </span><span class="pun">=</span> <span class="str">''</span><span class="pln">
    finished </span><span class="pun">=</span> <span class="kwd">False</span>
    <span class="kwd">while</span> <span class="kwd">not</span><span class="pln"> finished</span><span class="pun">:</span><span class="pln">
        chunk</span><span class="pun">,</span><span class="pln"> next_chunk </span><span class="pun">=</span><span class="pln"> next_chunk</span><span class="pun">,</span><span class="pln"> cipher</span><span class="pun">.</span><span class="pln">decrypt</span><span class="pun">(</span><span class="pln">in_file</span><span class="pun">.</span><span class="pln">read</span><span class="pun">(</span><span class="lit">1024</span> <span class="pun">*</span><span class="pln"> bs</span><span class="pun">))</span>
        <span class="kwd">if</span><span class="pln"> len</span><span class="pun">(</span><span class="pln">next_chunk</span><span class="pun">)</span> <span class="pun">==</span> <span class="lit">0</span><span class="pun">:</span><span class="pln">
            padding_length </span><span class="pun">=</span><span class="pln"> ord</span><span class="pun">(</span><span class="pln">chunk</span><span class="pun">[-</span><span class="lit">1</span><span class="pun">])</span><span class="pln">
            chunk </span><span class="pun">=</span><span class="pln"> chunk</span><span class="pun">[:-</span><span class="pln">padding_length</span><span class="pun">]</span><span class="pln">
            finished </span><span class="pun">=</span> <span class="kwd">True</span><span class="pln">
        out_file</span><span class="pun">.</span><span class="pln">write</span><span class="pun">(</span><span class="pln">chunk</span><span class="pun">)</span></code>
Encrypt

ALSO READ  Best Way to create a TCP client in python

<span class="kwd">with</span><span class="pln"> open</span><span class="pun">(</span><span class="pln">in_filename</span><span class="pun">,</span> <span class="str">'rb'</span><span class="pun">)</span> <span class="kwd">as</span><span class="pln"> in_file</span><span class="pun">,</span><span class="pln"> open</span><span class="pun">(</span><span class="pln">out_filename</span><span class="pun">,</span> <span class="str">'wb'</span><span class="pun">)</span> <span class="kwd">as</span><span class="pln"> out_file</span><span class="pun">:</span><span class="pln">
    encrypt</span><span class="pun">(</span><span class="pln">in_file</span><span class="pun">,</span><span class="pln"> out_file</span><span class="pun">,</span><span class="pln"> password</span><span class="pun">)</span>
<span class="kwd">with</span><span class="pln"> open</span><span class="pun">(</span><span class="pln">in_filename</span><span class="pun">,</span> <span class="str">'rb'</span><span class="pun">)</span> <span class="kwd">as</span><span class="pln"> in_file</span><span class="pun">,</span><span class="pln"> open</span><span class="pun">(</span><span class="pln">out_filename</span><span class="pun">,</span> <span class="str">'wb'</span><span class="pun">)</span> <span class="kwd">as</span><span class="pln"> out_file</span><span class="pun">:</span><span class="pln">
    decrypt</span><span class="pun">(</span><span class="pln">in_file</span><span class="pun">,</span><span class="pln"> out_file</span><span class="pun">,</span><span class="pln"> password</span><span class="pun">)</span>

What is Python? Executive Summary

Python is an interpreted, object-oriented, high-level programming language with dynamic semantics. Its high-level built in data structures, combined with dynamic typing and dynamic binding, make it very attractive for Rapid Application Development, as well as for use as a scripting or glue language to connect existing components together. Python’s simple, easy to learn syntax emphasizes readability and therefore reduces the cost of program maintenance. Python supports modules and packages, which encourages program modularity and code reuse. The Python interpreter and the extensive standard library are available in source or binary form without charge for all major platforms, and can be freely distributed. Best Way to encrypt a file in python.

ALSO READ  Write A Remote Buffer Overflow Exploit Using Python

Often, programmers fall in love with Python because of the increased productivity it provides. Since there is no compilation step, the edit-test-debug cycle is incredibly fast. Debugging Python programs is easy: a bug or bad input will never cause a segmentation fault. Instead, when the interpreter discovers an error, it raises an exception. When the program doesn’t catch the exception, the interpreter prints a stack trace. A source level debugger allows inspection of local and global variables, evaluation of arbitrary expressions, setting breakpoints, stepping through the code a line at a time, and so on. The debugger is written in Python itself, testifying to Python’s introspective power. On the other hand, often the quickest way to debug a program is to add a few print statements to the source: the fast edit-test-debug cycle makes this simple approach very effective. Best Way to encrypt a file in python.

It's only fair to share...Digg thisShare on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInFlattr the authorShare on TumblrShare on VKShare on YummlyShare on RedditShare on StumbleUpon