sio-2425/delivery1/lib/symmetric_encryption.py

61 lines
1.6 KiB
Python

import os
from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from cryptography.hazmat.backends import default_backend
# Function to derive a 256-bit key from a password and salt
def derive_key(salt):
kdf = PBKDF2HMAC(
algorithm=hashes.SHA256(),
length=32,
salt=salt,
iterations=10000,
backend=default_backend()
)
return kdf.derive(b'')
# Function to encrypt a file using a salt
def encrypt_file(input_file, output_file=None):
salt = os.urandom(16)
key = derive_key(salt)
iv = os.urandom(16)
nonce = os.urandom(16)
cipher = Cipher(algorithms.AES(key), modes.CFB(iv), backend=default_backend())
encryptor = cipher.encryptor()
with open(input_file, 'rb') as f:
plaintext = f.read()
ciphertext = encryptor.update(plaintext) + encryptor.finalize()
if output_file is not None:
with open(output_file, 'wb') as f:
f.write(salt + iv + ciphertext)
return salt + iv + ciphertext, nonce
# Function to decrypt a file
def decrypt_file(input_file, output_file=None):
with open(input_file, 'rb') as f:
encrypted_data = f.read()
salt = encrypted_data[:16]
iv = encrypted_data[16:32]
ciphertext = encrypted_data[32:]
key = derive_key(salt)
cipher = Cipher(algorithms.AES(key), modes.CFB(iv), backend=default_backend())
decryptor = cipher.decryptor()
plaintext = decryptor.update(ciphertext) + decryptor.finalize()
if output_file is None:
return plaintext
else:
with open(output_file, 'wb') as f:
f.write(plaintext)