-
Notifications
You must be signed in to change notification settings - Fork 0
/
file-encryption.py
145 lines (115 loc) · 4.7 KB
/
file-encryption.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
#!/usr/bin/env python3
import os
import argparse
import getpass # Hide the password
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import hashes, padding
from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from cryptography.hazmat.backends import default_backend
# Ansi color code
RED = '\033[31m' # RED color
GREEN = '\033[32m' # GREEN color
RESET = '\033[0m' # RESET all color
BLINK = '\033[5m' # Blink content
# Banner
banner = f"""{GREEN}{BLINK}
+-----------+
| File.txt |
+-----------+
|
V
+------------------+
| Encryption Key |
+------------------+
|
V
+---------------+
| Encrypted |
| File.txt.enc |
+---------------+
{RESET}
Author : Naresh
Github : https://github.com/theNareshofficial
Youtube : https://www.youtube.com/@nareshtechweb930
{RESET}{RED}
"""
print(banner)
def encrypt_file(file_path, algorithm, key): # Encrypt function
salt = os.urandom(16) # Generate a random salt
kdf = PBKDF2HMAC(
algorithm=hashes.SHA256(),
length=32, # Key length for AES
salt=salt,
iterations=100000,
backend=default_backend(),
)
derived_key = kdf.derive(key.encode()) # Derive the key from the password
# AES-256 in CBC mode with a random IV
iv = os.urandom(16) # iv mean Initialization Vector
cipher = Cipher(algorithms.AES(derived_key), modes.CBC(iv), backend=default_backend())
encryptor = cipher.encryptor()
# Read and encrypt the file
with open(file_path, 'rb') as f:
plaintext = f.read()
# Apply PKCS7 padding to ensure the plaintext is a multiple of the block size
padder = padding.PKCS7(algorithms.AES.block_size).padder()
padded_data = padder.update(plaintext) + padder.finalize()
cipher_text = encryptor.update(padded_data) + encryptor.finalize()
# Save the encrypted data to a new file with .enc extension
encrypted_file_path = file_path + ".enc"
with open(encrypted_file_path, 'wb') as f:
f.write(salt + iv + cipher_text) # Store the salt and IV in the beginning of the file for later decryption
# Enable for remove original file
#os.remove(file_path) # remove original file
print(f"File '{file_path}' encrypted successfully as '{encrypted_file_path}'")
def decrypt_file(file_path, key): # Decrypt function
# Read the encrypted data
with open(file_path, 'rb') as f:
salt = f.read(16) # Extract the salt
iv = f.read(16) # Extract the IV
cipher_text = f.read() # The rest is cipher text
# Derive the key from the password and salt
kdf = PBKDF2HMAC(
algorithm=hashes.SHA256(),
length=32,
salt=salt,
iterations=100000,
backend=default_backend(),
)
# If the password is incorrect, an exception will be thrown
try:
derived_key = kdf.derive(key.encode())
except Exception as e:
print("Incorrect password.")
pass
except KeyboardInterrupt:
pass
cipher = Cipher(algorithms.AES(derived_key),
modes.CBC(iv),
backend=default_backend())
decryptor = cipher.decryptor()
# Decrypt the cipher_text and remove padding
padded_data = decryptor.update(cipher_text) + decryptor.finalize()
unpadder = padding.PKCS7(algorithms.AES.block_size).unpadder()
plaintext = unpadder.update(padded_data) + unpadder.finalize()
print("File decrypted successfully. Here is the content:")
print(plaintext.decode('utf-8'))
if __name__ == "__main__":
parser = argparse.ArgumentParser(
description=
"Encrypt or Decrypt a file with a specified algorithm and key.")
parser.add_argument("--file", type=str, required=True, help="Path to the file to encrypt or decrypt.")
parser.add_argument("--mode", choices=["encrypt", "decrypt"], required=True, help="Whether to encrypt or decrypt.")
parser.add_argument("--algorithm", type=str, default="AES", help="Encryption algorithm to use. Default is AES.")
args = parser.parse_args()
# Get the secret key (password) from the user
key = getpass.getpass("Enter your password: ")
if args.algorithm != "AES":
print("Currently, only AES encryption is supported.")
exit(1)
if args.mode == "encrypt":
encrypt_file(args.file, args.algorithm, key)
elif args.mode == "decrypt":
decrypt_file(args.file, key)