------------------------------------------------------------------------------- Using Fernet For a multi-language encrypted data format... See info/crypto/fernet_encryption.txt Requires extra installation pip install cryptography Also installs cffi and pycparser (which is not needed!) This seemed to be designed for small data encryptions! and is perfect for encrypted messages between say a PHP front end and python backend (via redis message queues) ------------------------------------------------------------------------------- PyCrypto Requires extra installation (older legacy install) pip3 install pycrypto This installs module named "Crypto" It also requires compilation on Windows AES encryption of files in Python with PyCrypto https://eli.thegreenplace.net/2010/06/25/aes-encryption-of-files-in-python-with-pycrypto/ Basic Raw (over simplistic) Example... https://stackoverflow.com/questions/16761458/ =======8<--------CUT HERE---------- from Crypto.Cipher import AES cypher = AES.new('This is a key123', AES.MODE_CBC, 'This is an IV456') message = "The answer is no" ciphertext = cypher.encrypt(message) ciphertext # => b'\xd6\x83\x8dd!VT\x92\xaa`A\x05\xe0\x9b\x8b\xf1' cypher = AES.new('This is a key123', AES.MODE_CBC, 'This is an IV456') cypher.decrypt(ciphertext) # => b'The answer is no' # =======8<--------CUT HERE---------- Decrypting OpenSSL encrypted text... =======8<--------CUT HERE---------- import base64 import hashlib from Crypto.Cipher import AES #requires pycrypto # decoding the result of... # echo -n 'Hello World!' | openssl aes-256-cbc -e -a -salt -pbkdf2 -iter 10000 # openssloutputb64='U2FsdGVkX1/Kf8Yo6JjBh+qELWhirAXr78+bbPQjlxE=' password='p4$$w0rd' pbkdf2iterations=100000 # convert inputs to bytes openssloutputbytes = base64.b64decode(openssloutputb64) passwordbytes = password.encode('utf-8') # salt is bytes 8 through 15 of openssloutputbytes salt = openssloutputbytes[8:16] # derive a 48-byte key using pbkdf2 given the password and salt # with 10,000 iterations of sha256 hashing derivedkey = hashlib.pbkdf2_hmac( 'sha256', passwordbytes, salt, pbkdf2iterations, 48 ) # key is bytes 0-31 of derivedkey, iv is bytes 32-47 of derivedkey key = derivedkey[0:32] iv = derivedkey[32:48] # ciphertext is bytes 16-end of openssloutputbytes ciphertext = openssloutputbytes[16:] # decrypt ciphertext using aes-cbc, given key, iv, and ciphertext decryptor = AES.new(key, AES.MODE_CBC, iv) plaintext = decryptor.decrypt(ciphertext) # Remove PKCS#7 padding. # Last byte of plaintext indicates the number of padding bytes appended # to end. This is the number of bytes to be removed. plaintext = plaintext[:-plaintext[-1]] # output results print('openssloutputb64:', openssloutputb64) print('password:', password) print('salt:', salt.hex()) print('key: ', key.hex()) print('iv: ', iv.hex()) print('ciphertext: ', ciphertext.hex()) print('plaintext: ', plaintext.decode('utf-8')) =======8<--------CUT HERE---------- Results... openssloutputb64: U2FsdGVkX1/Kf8Yo6JjBh+qELWhirAXr78+bbPQjlxE= password: p4$$w0rd salt: ca7fc628e898c187 key: 444ab886d5721fc87e58f86f3e7734659007bea7fbe790541d9e73c481d9d983 iv: 7f4597a18096715d7f9830f0125be8fd ciphertext: ea842d6862ac05ebefcf9b6cf4239711 plaintext: Hello World! ------------------------------------------------------------------------------- SimplyCrypt https://github.com/andrewcooke/simple-crypt https://pypi.org/project/simple-crypt/ Uses PyCrypto with a AES256 cypher Extra Installation pip install simple-crypt Password is hashed using PBKDF2 with SHA256, a 256 bit random salt =======8<--------CUT HERE---------- from simplecrypt import encrypt, decrypt f = open('file.csv','r').read() ciphertext = encrypt('USERPASSWORD',f.encode('utf8')) e = open('file.enc','wb') e.write(ciphertext) e.close # return to a utf8 string # plaintext = decrypt('password', ciphertext).decode('utf8') =======8<--------CUT HERE---------- ------------------------------------------------------------------------------- Hashing import hashlib data="abc" hashlib.algorithms_available # sha256 hexadecimal hash = hashlib.sha256(data.encode()).hexdigest() # => 'ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad' # sha256 base64 import base64 hash = hashlib.sha256(data.encode()).digest() # as a byte string hash_b64 = base64.b64encode(hash).decode() # decode to utf-8 # => 'ungWv48Bz+pBQUDeXa4iI7ADYaOWF3qctBD/YfIAFa0=' # sha1 hexadecimal hash hashlib.sha1(data.encode()).hexdigest() # => 'a9993e364706816aba3e25717850c26c9cd0d89d' # md5 hexadecimal hash = hashlib.md5(data.encode()).hexdigest() # => '900150983cd24fb0d6963f7d28e17f72' # openssl 'ripemd160' h = hashlib.new('ripemd160') h.update(data.encode()) hash = h.hexdigest() Key Derivation NOTE: this is about 3 times slower than "openssl" pbkdf2_hmac() for the same result key = hashlib.pbkdf2_hmac('sha256', b'password', b'salt', 100000) binascii.hexlify(key) -------------------------------------------------------------------------------