Easily accessible encryption & decryption algorithms, implementations and commands.
- File encrypt-decrypt: AES-256 using GPG on Ubuntu: encryption_aes_gpg.md
- Text encrypt-decrypt: Fernet (AES-128 CBC) in Python: encryption_fernet.py
Easily accessible encryption & decryption algorithms, implementations and commands.
Commands on Ubuntu/Linux on encrypting and decrypting files using AES-256
# Encrypt
$ gpg --cipher-algo AES256 --symmetric filename.zip
# Decrypt
$ gpg --output filename.zip --decrypt filename.zip.gpg
"""Fernet Encryption and Decryption. | |
WARNING: The implementation here does not use the encryption key as is. Instead | |
a base64 encoding of a 256-bit hash of the encryption key is used as the key for | |
the Fernet algorithm. The exact conversion can be seen in the function | |
`generate_b64_32byte_hash_from_string`. | |
""" | |
import base64 | |
import hashlib | |
from cryptography.fernet import Fernet | |
def generate_b64_32byte_hash_from_string(string): | |
"""Generate a base64 encoding of 32-byte hash of a string. | |
The result of this function is used as the key for fernet encryption. | |
What this function does: | |
* Encode string to bytes. | |
* Convert bytes to 256-bit (32-byte) hash. | |
* Encode 32-byte hash to base64. | |
Args: | |
string (str, bytes): The string key of any length. | |
Returns: | |
bytes: Base64 encoding of a 32-byte hash of a string. | |
""" | |
byte_string = string.encode('utf-8') | |
hasher = hashlib.sha256() | |
hasher.update(byte_string) | |
hash_32bytes = hasher.digest() | |
b64_hash = base64.b64encode(hash_32bytes) | |
return b64_hash | |
def get_fernet_encrypted_text(text_to_encrypt, encryption_key): | |
"""Encrypt string text using the Fernet method. | |
What this function does: | |
* Obtain base64 encoding of 32-byte hash of the encryption_key. | |
* Obtain Fernet cipher from the base64 encoded encryption_key. | |
* Encode the string text_to_encrypt to bytes. | |
* Obtain the encrypted_bytes using the Fernet cipher. | |
* Decode the encrypted_bytes to string. | |
Args: | |
text_to_encrypt (str): The string to encrypt. | |
encryption_key (str): The string key used to encrypt the text. | |
Returns: | |
str: Encrypted string of text_to_encrypt using the encryption_key. | |
""" | |
b64_hash_key = generate_b64_32byte_hash_from_string(encryption_key) | |
fernet_cipher = Fernet(b64_hash_key) | |
bytes_to_encrypt = text_to_encrypt.encode("utf-8") | |
encrypted_bytes = fernet_cipher.encrypt(bytes_to_encrypt) | |
encrypted_text = encrypted_bytes.decode("utf-8") | |
return encrypted_text | |
def get_fernet_decrypted_text(text_to_decrypt, encryption_key): | |
"""Decrypt string text using the Fernet method. | |
What this function does: | |
* Obtain base64 encoding of 32-byte hash of the encryption_key. | |
* Obtain Fernet cipher from the base64 encoded encryption_key. | |
* Encode the string text_to_decrypt to bytes. | |
* Obtain the decrypted_bytes using the Fernet cipher. | |
* Decode the decrypted_bytes to string. | |
Args: | |
text_to_decrypt (str): The string to decrypt. | |
encryption_key (str): The string key used to decrypt the text. | |
Returns: | |
str: Decrypted string of text_to_decrypt using the encryption_key. | |
""" | |
b64_hash_key = generate_b64_32byte_hash_from_string(encryption_key) | |
fernet_cipher = Fernet(b64_hash_key) | |
bytes_to_decrypt = text_to_decrypt.encode('utf-8') | |
decrypted_bytes = fernet_cipher.decrypt(bytes_to_decrypt) | |
decrypted_text = decrypted_bytes.decode('utf-8') | |
return decrypted_text |