{ "info": { "author": "Lukhnos Liu", "author_email": "lukhnos@lukhnos.org", "bugtrack_url": null, "classifiers": [ "Development Status :: 4 - Beta", "Environment :: Console", "Intended Audience :: Developers", "Intended Audience :: Education", "Intended Audience :: System Administrators", "License :: OSI Approved :: MIT License", "Operating System :: Unix", "Programming Language :: Python :: 2", "Programming Language :: Python :: 3", "Topic :: Security :: Cryptography" ], "description": "# protectedblob\n\n[![Build Status](https://travis-ci.org/lukhnos/protectedblob-py.svg?branch=master)](https://travis-ci.org/lukhnos/protectedblob-py)\n\nprotectedblob is a library and a utility that can create a\npassphrase-protected blob from a plaintext as well as decrypt it.\n\nThis is still a work in progress. I am working on\n[a mobile password manager](https://github.com/lukhnos/PocketPasswords)\nthat depends on it. This project is also an exercise in creating a library\nthat supports both Python 2.7 and 3.4, among many other library development\ndrills.\n\nAlso please be warned that this code has not been through any security\nreview. Use this at your own risk.\n\n\n## Supported Platforms\n\nThis is currently tested only on OS X, but it should work on general *NIX.\nThere's currently no Windows support.\n\nThe code can be used with Python 2.6.9, 2.7, and 3.4.\n\n\n## Usage\n\nTo install:\n\n python setup.py install\n\nIt's very likely that you'll need `sudo`:\n\n sudo python setup.py install\n\nThis library depends on [PyCrypto](https://www.dlitz.net/software/pycrypto/),\nwhich in turn requires a C compiler to build. For OS X users, this means you\nhave to have Xcode or Xcode Command Line Tools installed (so that you have the\nClang C/C++ compiler). On Linux, you'll need gcc, and, on a lot of\ndistributions, a corresponding Python development package, such as\n`python-devel` on CentOS or `python-dev` on Debian or Ubuntu.\n\nAlternatively, install the code in development mode:\n\n python setup.py develop\n\nTo encrypt a file:\n\n protectedblob encrypt --input --output \n\nYou'll be prompted for the passphrase twice. There's also an optional\n`--rounds` argument to override the default number of rounds.\n\nTo decrypt:\n\n protectedblob decrypt --input --output \n\n\n## High-Level Description\n\nA passphrased-protected blob has two types of data: An encrypted key, and the\nactual ciphertext. Before encrypting the plaintext, we generate a random key.\nThis makes it possible to change passphrase later.\n\nThe random key is encrypted with another key derived from the supplied\npassphrase. A key-derivation function (KDF) is used. To increase the strength\nof the derived key, many rounds are used.\n\nThe key derivation function is PBKDF2 with the underlying PDF being SHA-256. A\nrandom salt is also generated. The default number of rounds is 65536, although\nmore should be used on fast computers.\n\nThe real encryption key is encrypted using AES-256 (128-bit block, 256-bit\nkey) in ECB mode. We actually don't use the encryption key directly. Rather,\nwe derive two more keys from it: One for the AES-256 cipher, another for the\nHMAC function. The two keys are derived by using an AES-256 in ECB mode to\nencrypt 32 bytes of 0x00's and 32 bytes of 0x01's, respectively. The plaintext\nis then encrypted using AES-256 in CBC mode with a 128-bit IV (initialization\nvector).\n\nThe library implements authenticated encryption. The HMAC function is SHA-256,\nand the HMAC is created from the ciphertext (so encrypt-then-mac).", "description_content_type": null, "docs_url": null, "download_url": "UNKNOWN", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/lukhnos/protectedblob-py", "keywords": null, "license": "MIT", "maintainer": null, "maintainer_email": null, "name": "protectedblob", "package_url": "https://pypi.org/project/protectedblob/", "platform": "UNKNOWN", "project_url": "https://pypi.org/project/protectedblob/", "project_urls": { "Download": "UNKNOWN", "Homepage": "https://github.com/lukhnos/protectedblob-py" }, "release_url": "https://pypi.org/project/protectedblob/0.9.5/", "requires_dist": null, "requires_python": null, "summary": "Create passphrase-protected blobs", "version": "0.9.5" }, "last_serial": 1572968, "releases": { "0.9.2": [ { "comment_text": "", "digests": { "md5": "c207df5ef5172fe6a0ab45968e82b889", "sha256": "6ccedcb643021a44f0c0eb4c57e8680255acb60ecd654326780c758e06e873d3" }, "downloads": -1, "filename": "protectedblob-0.9.2.tar.gz", "has_sig": false, "md5_digest": "c207df5ef5172fe6a0ab45968e82b889", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 5749, "upload_time": "2015-05-10T06:35:16", "url": "https://files.pythonhosted.org/packages/d2/05/a21e5e1b9596bd946b526b741ad40f415c7f69cf6d9ae38a5189ba834d4c/protectedblob-0.9.2.tar.gz" } ], "0.9.3": [ { "comment_text": "", "digests": { "md5": "3bfa6b234263a84e64330796fae4673c", "sha256": "340e36ba845374892795ffcbe729aee8046415cb6f43ce5dd52e5ac1837501f8" }, "downloads": -1, "filename": "protectedblob-0.9.3.tar.gz", "has_sig": false, "md5_digest": "3bfa6b234263a84e64330796fae4673c", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 6721, "upload_time": "2015-05-10T06:41:10", "url": "https://files.pythonhosted.org/packages/35/33/26da2c982dbcd88cbe924a796d6bcc95eed258c07ffbc645b8ae26c77056/protectedblob-0.9.3.tar.gz" } ], "0.9.4": [ { "comment_text": "", "digests": { "md5": "a5e2aabf7b809ce97c75f875caaca046", "sha256": "75c69d2b6e4d81d4172a0ae1d27fdecee661a7a4055b347cab7bff2e69a9134d" }, "downloads": -1, "filename": "protectedblob-0.9.4.tar.gz", "has_sig": false, "md5_digest": "a5e2aabf7b809ce97c75f875caaca046", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 6724, "upload_time": "2015-05-10T07:07:33", "url": "https://files.pythonhosted.org/packages/ea/85/67bf6fcc083e44b95f1d08fa67373a9fe9e8af6d63b119a9e3b61c9b3ecb/protectedblob-0.9.4.tar.gz" } ], "0.9.5": [ { "comment_text": "", "digests": { "md5": "40583247b7096e07ceabaaa2000d2680", "sha256": "396412b516424f11bcb773306d630f9de3e196b7ba83c495b1922cba9bcc5894" }, "downloads": -1, "filename": "protectedblob-0.9.5.tar.gz", "has_sig": false, "md5_digest": "40583247b7096e07ceabaaa2000d2680", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 6855, "upload_time": "2015-06-01T06:14:47", "url": "https://files.pythonhosted.org/packages/10/71/e244b9364bc0266a76476acb053d75940807664c560ab47dfa6e74293034/protectedblob-0.9.5.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "40583247b7096e07ceabaaa2000d2680", "sha256": "396412b516424f11bcb773306d630f9de3e196b7ba83c495b1922cba9bcc5894" }, "downloads": -1, "filename": "protectedblob-0.9.5.tar.gz", "has_sig": false, "md5_digest": "40583247b7096e07ceabaaa2000d2680", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 6855, "upload_time": "2015-06-01T06:14:47", "url": "https://files.pythonhosted.org/packages/10/71/e244b9364bc0266a76476acb053d75940807664c560ab47dfa6e74293034/protectedblob-0.9.5.tar.gz" } ] }