Socket
Socket
Sign inDemoInstall

fileenc-openssl

Package Overview
Dependencies
0
Maintainers
1
Alerts
File Explorer

Install Socket

Detect and block malicious and high-risk dependencies

Install

fileenc-openssl

allows one to easily encrypt and decrypt files symmetrically using openssl and python3


Maintainers
1

Readme

fileenc-openssl

This code allows one to easily encrypt and decrypt files symmetrically using openssl and python3.

  • Uses aes-256-cbc for file encryption (as implemented by openssl)
  • Uses a salt when encrypting (to avoid pre-computation or rainbow tables).
  • Uses sha256 key stretching (with <0.1s) to make brute force prohibitively expensive.
  • Uses sha256 checksum to check file integrity.

Installation

You can install using

.. code-block:: bash

pip install fileenc-openssl

If you want fileenc and filedec available system-wide, use sudo or equivalent.

Usage

From command line:

.. code-block:: bash

fileenc --key 'password123' --input '*.png' --check --overwrite
filedec --key 'password123' --input '*.png.enc' --check --overwrite --remove
# the quotes around wildcards are important

From python:

.. code-block:: python

from fileenc_openssl import stretch_key, encrypt_file, decrypt_file
stretched_key = stretch_key('password123')
enc_pth = encrypt_file(raw_pth, key=stretched_key)
res_pth = decrypt_file(enc_pth, key=stretched_key)

Testing (needs py.test):

.. code-block:: bash

py.test

Options

You can find all options using fileenc --help::

-h, --help               show this help message and exit
-k KEY, --key KEY        the key to use for encryption; you will be prompted for one if this is not provided (more secure)
-i INP, --input INP      input file, directory or pattern (as a single string) (.enc will be appended)
-o OUTP, --output OUTP   optionally, output file or directory (.enc will be stripped if available)
-d, --decrypt            decrypt the input file(s) (as opposed to encrypt, which is the default)
-f, --overwrite          overwrite existing files when decrypting (encrypting always overwrites)
-r, --remove             remove the input file after en/decrypting (after --check)
-c, --check              test the encryption by reversing it (abort on failure) (only for ENcryption due to salting)
-1, --once               prompt for the key only once (when encrypting without -k)
-j N, --process-count N  number of parallel processes to use for en/decryption; `0` for auto (default), `1` for serial

optional arguments: -h, --help show this help message and exit -k KEY, --key KEY the key to use for encryption; you will be prompted for one if this is not provided (more secure) -i INP, --input INP input file, directory or pattern as a single string (required for encrypting; defaults to *.enc when decrypting) -o OUTP, --output OUTP optionally, output file or directory; .enc will be appended to each file -d, --decrypt decrypt the input file(s) (as opposed to encrypt, which is the default) -f, --overwrite overwrite existing files when decrypting (encrypting always overwrites) -r, --remove shred the input file after en/decrypting (after --check) -c, --check test the encryption by reversing it (abort on failure) (only for ENcryption due to salting) -1, --once prompt for the key only once (only applicable if --key and --decrypt are not set) -j PROC_CNT, --process-count PROC_CNT number of parallel processes to use for en/decryption; 0 for auto (default), 1 for serial

License

Revised BSD License; at your own risk, you can mostly do whatever you want with this code, just don't use my name for promotion and do keep the license file.

Keywords

FAQs


Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc