import os from base64 import b64decode, b64encode from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC from cryptography.hazmat.backends import default_backend _BACKEND = default_backend() def decrypt(pwd, json): iv = b64decode(json['iv']) ct = b64decode(json['ct']) salt = b64decode(json['salt']) ts = data['ts'] / 8 tag_start = len(ct) - ts tag = ct[tag_start:] ciphertext = ct[:tag_start] mode_class = getattr(modes, json['mode'].upper()) algo_class = getattr(algorithms, json['cipher'].upper()) kdf = _kdf(json['ks'], iters=json['iter'], salt=salt)[0] key = kdf.derive(pwd) cipher = Cipher(algo_class(key), mode_class(iv, tag, min_tag_length=ts), backend=_BACKEND) dec = cipher.decryptor() result = dec.update(ciphertext) + dec.finalize() return result def encrypt(pwd, plaintext, mode='gcm', algorithm='aes', keysize=256, tagsize=128, iters=10000): ts = tagsize / 8 mode_class = getattr(modes, mode.upper()) algo_class = getattr(algorithms, algorithm.upper()) iv = os.urandom(16) kdf, salt = _kdf(keysize, iters) key = kdf.derive(pwd) cipher = Cipher(algo_class(key), mode_class(iv, min_tag_length=ts), backend=_BACKEND) enc = cipher.encryptor() ciphertext = enc.update(plaintext) + enc.finalize() json = { "v": 1, "iv": b64encode(iv), "salt": b64encode(salt), "ct": b64encode(ciphertext + enc.tag[:ts]), "iter": iters, "ks": keysize, "ts": tagsize, "mode": mode, "cipher": algorithm, "adata": "" } return json def _kdf(keysize=256, iters=256000, salt=None, **kwargs): kdf_salt = salt or os.urandom(8) kdf = PBKDF2HMAC(algorithm=hashes.SHA256(), length=keysize / 8, salt=kdf_salt, iterations=iters, backend=_BACKEND) return kdf, kdf_salt if __name__ == "__main__": import json blob = '{"iv":"/6dKRRAOZ60oyumLMQsBtg==","v":1,"iter":256000,"ks":128,"ts":64,"mode":"gcm","adata":"","cipher":"aes","salt":"s8+LFcBmbcc=","ct":"wTapp5CWmD6SFA=="}' data = json.loads(blob) result = decrypt('pwd', data) assert result == "hi" print(decrypt('pwd', encrypt('pwd', result, tagsize=64)))