Home > Article > Backend Development > How to Safely Encrypt and Obscure Strings Using Passwords in Python?
How to Safely Encrypt and Obscure Strings Using Passwords in Python?
- DDDOriginal
- 2024-10-22 21:47:30486browse
Encrypting Strings with a Password in Python
Disclaimer:
Encryption is a critical aspect of data security, and it should be handled with utmost care. Implementing encryption incorrectly can leave your data vulnerable to attack. Consider using well-established libraries and following best practices for secure encryption.
Using a Cryptography Library: Fernet
Python's cryptography library provides a user-friendly and secure solution for encrypting strings using a password. Fernet is a built-in recipe within cryptography that simplifies the encryption process.
Generating a Key:
To use Fernet, you first need to generate a secret key. It is crucial to keep this key a secret.
<code class="python">from cryptography.fernet import Fernet key = Fernet.generate_key() # Store this securely</code>
Encrypting:
<code class="python">from cryptography.fernet import Fernet
def encrypt(message: bytes, key: bytes) -> bytes:
return Fernet(key).encrypt(message)</code>
Decrypting:
<code class="python">from cryptography.fernet import Fernet
def decrypt(token: bytes, key: bytes) -> bytes:
return Fernet(key).decrypt(token)</code>
Example Usage:
<code class="python">message = "John Doe" encrypted_token = encrypt(message.encode(), key) decrypted_message = decrypt(encrypted_token, key).decode() print(decrypted_message) # Output: John Doe</code>
Obscuring Data
If you need to obscure data rather than encrypt it, you can use base64 encoding:
<code class="python">import base64
def obscure(data: bytes) -> bytes:
return base64.b64encode(data)
def unobscure(obscured: bytes) -> bytes:
return base64.b64decode(obscured)</code>
Example Usage:
<code class="python">data = b"Hello world!" obscured = obscure(data) unobscured = unobscure(obscured) print(unobscured.decode()) # Output: Hello world!</code>
Verifying Data Integrity
If you need to ensure data integrity without encryption, you can use HMAC signatures:
<code class="python">import hmac
import hashlib
def sign(data: bytes, key: bytes) -> bytes:
return hmac.new(key, data, hashlib.sha256).digest()
def verify(signature: bytes, data: bytes, key: bytes) -> bool:
return hmac.compare_digest(hmac.new(key, data, hashlib.sha256).digest(), signature)</code>
Example Usage:
<code class="python">data = b"Hello world!"
key = secrets.token_bytes(32)
signature = sign(data, key)
if verify(signature, data, key):
print("Signature is valid")
else:
print("Signature is invalid")</code>The above is the detailed content of How to Safely Encrypt and Obscure Strings Using Passwords in Python?. For more information, please follow other related articles on the PHP Chinese website!