56 lines
1.6 KiB
Python
56 lines
1.6 KiB
Python
|
import os
|
||
|
from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
|
||
|
from cryptography.hazmat.primitives import hashes
|
||
|
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
|
||
|
from cryptography.hazmat.backends import default_backend
|
||
|
|
||
|
# Function to derive a 256-bit key from a password and salt
|
||
|
def derive_key(passwd, salt):
|
||
|
kdf = PBKDF2HMAC(
|
||
|
algorithm=hashes.SHA256(),
|
||
|
length=32,
|
||
|
salt=salt,
|
||
|
iterations=10000,
|
||
|
backend=default_backend()
|
||
|
)
|
||
|
key = kdf.derive(passwd.encode())
|
||
|
return key.hex()
|
||
|
|
||
|
|
||
|
# Function to encrypt a file using a password
|
||
|
def encrypt_file(passwd, input_file, output_file):
|
||
|
salt = os.urandom(16)
|
||
|
key = derive_key(passwd, salt)
|
||
|
iv = os.urandom(16)
|
||
|
cipher = Cipher(algorithms.AES(key), modes.CFB(iv), backend=default_backend())
|
||
|
encryptor = cipher.encryptor()
|
||
|
|
||
|
with open(input_file, 'rb') as f:
|
||
|
plaintext = f.read()
|
||
|
|
||
|
ciphertext = encryptor.update(plaintext) + encryptor.finalize()
|
||
|
|
||
|
with open(output_file, 'wb') as f:
|
||
|
f.write(salt + iv + ciphertext)
|
||
|
|
||
|
|
||
|
# Function to decrypt a file using a password
|
||
|
def decrypt_file(passwd, input_file, output_file=None):
|
||
|
with open(input_file, 'rb') as f:
|
||
|
encrypted_data = f.read()
|
||
|
|
||
|
salt = encrypted_data[:16]
|
||
|
iv = encrypted_data[16:32]
|
||
|
ciphertext = encrypted_data[32:]
|
||
|
key = derive_key(passwd, salt)
|
||
|
cipher = Cipher(algorithms.AES(key), modes.CFB(iv), backend=default_backend())
|
||
|
decryptor = cipher.decryptor()
|
||
|
|
||
|
plaintext = decryptor.update(ciphertext) + decryptor.finalize()
|
||
|
|
||
|
if output_file is None:
|
||
|
return plaintext
|
||
|
else:
|
||
|
with open(output_file, 'wb') as f:
|
||
|
f.write(plaintext)
|