Aes Key Generation Python Code
Posted By admin On 13.12.20This is one of my first Python scripts and I was wondering if it meets the correct conventions. Also are there things that you would write different? I am looking for some good comments so I can start to improve my Python code from the start. (I was not supposed to use imports here) Here's my implementation of Simplified DES. Sep 20, 2017 Supports all AES key sizes; Supports all AES common modes; Pure-Python (no external dependencies) BlockFeeder API allows streams to easily be encrypted and decrypted; Python 2.x and 3.x support (make sure you pass in bytes, not strings for Python 3) API. All keys may be 128 bits (16 bytes), 192 bits (24 bytes) or 256 bits (32 bytes) long.
Python Aes Doc
Encrypt & Decrypt using PyCrypto AES 256 (6)
Another take on this (heavily derived from solutions above) but
- uses null for padding
- does not use lambda (never been a fan)
tested with python 2.7 and 3.6.5
I'm trying to build two functions using PyCrypto that accept two parameters: the message and the key, and then encrypt/decrypt the message.
I found several links on the web to help me out, but each one of them has flaws:
This one at codekoala uses os.urandom, which is discouraged by PyCrypto.
Moreover, the key I give to the function is not guaranteed to have the exact length expected. What can I do to make that happen ?
Key Generator
Also, there are several modes, which one is recommended? I don't know what to use :/ Generate key from crt and csr.
Aes Key Generation Python Code Pdf
Finally, what exactly is the IV? Can I provide a different IV for encrypting and decrypting, or will this return in a different result?
Here's what I've done so far:
For someone who would like to use urlsafe_b64encode and urlsafe_b64decode, here are the version that're working for me (after spending some time with the unicode issue)
| # Inspired from https://pythonprogramming.net/encryption-and-decryption-in-python-code-example-with-explanation/ |
| # PyCrypto docs available at https://www.dlitz.net/software/pycrypto/api/2.6/ |
| fromCrypto.CipherimportAES |
| importbase64, os |
| defgenerate_secret_key_for_AES_cipher(): |
| # AES key length must be either 16, 24, or 32 bytes long |
| AES_key_length=16# use larger value in production |
| # generate a random secret key with the decided key length |
| # this secret key will be used to create AES cipher for encryption/decryption |
| secret_key=os.urandom(AES_key_length) |
| # encode this secret key for storing safely in database |
| encoded_secret_key=base64.b64encode(secret_key) |
| returnencoded_secret_key |
| defencrypt_message(private_msg, encoded_secret_key, padding_character): |
| # decode the encoded secret key |
| secret_key=base64.b64decode(encoded_secret_key) |
| # use the decoded secret key to create a AES cipher |
| cipher=AES.new(secret_key) |
| # pad the private_msg |
| # because AES encryption requires the length of the msg to be a multiple of 16 |
| padded_private_msg=private_msg+ (padding_character* ((16-len(private_msg)) %16)) |
| # use the cipher to encrypt the padded message |
| encrypted_msg=cipher.encrypt(padded_private_msg) |
| # encode the encrypted msg for storing safely in the database |
| encoded_encrypted_msg=base64.b64encode(encrypted_msg) |
| # return encoded encrypted message |
| returnencoded_encrypted_msg |
| defdecrypt_message(encoded_encrypted_msg, encoded_secret_key, padding_character): |
| # decode the encoded encrypted message and encoded secret key |
| secret_key=base64.b64decode(encoded_secret_key) |
| encrypted_msg=base64.b64decode(encoded_encrypted_msg) |
| # use the decoded secret key to create a AES cipher |
| cipher=AES.new(secret_key) |
| # use the cipher to decrypt the encrypted message |
| decrypted_msg=cipher.decrypt(encrypted_msg) |
| # unpad the encrypted message |
| unpadded_private_msg=decrypted_msg.rstrip(padding_character) |
| # return a decrypted original private message |
| returnunpadded_private_msg |
| ####### BEGIN HERE ####### |
| private_msg='' |
| Lorem ipsum dolor sit amet, malis recteque posidonium ea sit, te vis meliore verterem. Duis movet comprehensam eam ex, te mea possim luptatum gloriatur. Modus summo epicuri eu nec. Ex placerat complectitur eos. |
| '' |
| padding_character='{' |
| secret_key=generate_secret_key_for_AES_cipher() |
| encrypted_msg=encrypt_message(private_msg, secret_key, padding_character) |
| decrypted_msg=decrypt_message(encrypted_msg, secret_key, padding_character) |
| print' Secret Key: %s - (%d)'% (secret_key, len(secret_key)) |
| print'Encrypted Msg: %s - (%d)'% (encrypted_msg, len(encrypted_msg)) |
| print'Decrypted Msg: %s - (%d)'% (decrypted_msg, len(decrypted_msg)) |
commented Jan 18, 2019 • edited
edited
See also https://gist.github.com/btoueg/f71b62f456550da42ea9f4a4bd907d21 for an example using cryptography |