Menu
Sep 08, 2014 16 random bytes of salt are extracted from the system's secure random number generator (usually /dev/urandom) The given master key is stretched and expanded by PKBDF2-HMAC(SHA256) using the salt from 1), to generate the AES key, HMAC key and IV (initialization vector for CBC).
Encrypt & Decrypt using PyCrypto AES 256 From http://stackoverflow.com/a/12525165/119849
AESCipher.py
#!/usr/bin/env python |
importbase64 |
fromCryptoimportRandom |
fromCrypto.CipherimportAES |
BS=16 |
pad=lambdas: s+ (BS-len(s) %BS) *chr(BS-len(s) %BS) |
unpad=lambdas : s[0:-ord(s[-1])] |
classAESCipher: |
def__init__( self, key ): |
self.key=key |
defencrypt( self, raw ): |
raw=pad(raw) |
iv=Random.new().read( AES.block_size ) |
cipher=AES.new( self.key, AES.MODE_CBC, iv ) |
returnbase64.b64encode( iv+cipher.encrypt( raw ) ) |
defdecrypt( self, enc ): |
enc=base64.b64decode(enc) |
iv=enc[:16] |
cipher=AES.new(self.key, AES.MODE_CBC, iv ) |
returnunpad(cipher.decrypt( enc[16:] )) |
cipher=AESCipher('mysecretpassword') |
encrypted=cipher.encrypt('Secret Message A') |
decrypted=cipher.decrypt(encrypted) |
printencrypted |
printdecrypted |
requirements.txt
- Sep 26, 2019 This only works because the 'mysecretpassword' is 16 bytes. If it were a different (not dividable by 16) amount of bytes you'd get 'ValueError: AES key.
- Sep 26, 2019 an example of symmetric encryption in python using a single known secret key - utilizes AES from PyCrypto library - AESexample.py. # generate a random secret key with the decided key length. # use the decoded secret key to create a AES cipher: cipher = AES. New (secretkey).
- Random key generation; Key based encryption of a string; Installation. Install cryptography with pip: pip install cryptorgraphy. Supported Python versions. Python 2.7; Python 3.6; Python 3.7; Example Code for Python based symmetric encryption using AES-GCM and generation of keys.
commented Jan 13, 2014
AWESOMESAUCE. |
commented Sep 16, 2016
This only works because the 'mysecretpassword' is 16 bytes. If it were a different (not dividable by 16) amount of bytes you'd get 'ValueError: AES key must be either 16, 24, or 32 bytes long' To avoid this the key may be hashed: self.key = hashlib.sha256(key.encode('utf-8')).digest() |
commented Dec 22, 2016
Very minor changes to make it python 3 compatible https://gist.github.com/mguezuraga/257a662a51dcde53a267e838e4d387cd |
commented Dec 19, 2017 • edited
edited
lambda removed(pep 8 support) ord removed(python 3 support) |
commented Jan 20, 2018 • edited
edited
In Python 3 using the modifications of Craz1k0ek it still doesn't work with Unicode. For example the input Hello, 你好 raises ValueError: Input strings must be a multiple of 16 in length Edit: found a working version: https://stackoverflow.com/a/44212550 |
commented Apr 26, 2018
i think this is aes 128, we have a standard blocksize of 16 bytes (128bit) |
commented Apr 26, 2018
i can't seem to find how to do aes256 |
commented Jun 5, 2018
Please provide the JAVA code equivalent to above which is in python. |
Sign up for freeto join this conversation on GitHub. Already have an account? Sign in to comment
Encrypt & Decrypt using PyCrypto AES 256 (6)
Another take on this (heavily derived from solutions above) but
- uses null for padding
- does not use lambda (never been a fan)
- tested with python 2.7 and 3.6.5
I'm trying to build two functions using PyCrypto that accept two parameters: the message and the key, and then encrypt/decrypt the message.
I found several links on the web to help me out, but each one of them has flaws:
This one at codekoala uses os.urandom, which is discouraged by PyCrypto.
Moreover, the key I give to the function is not guaranteed to have the exact length expected. What can I do to make that happen ?
Also, there are several modes, which one is recommended? I don't know what to use :/
Random Numbers Python
Finally, what exactly is the IV? Can I provide a different IV for encrypting and decrypting, or will this return in a different result?
Generate Random Aes Key Python
Here's what I've done so far:
How To Add Random Numbers In Python
For someone who would like to use urlsafe_b64encode and urlsafe_b64decode, here are the version that're working for me (after spending some time with the unicode issue)