This was a study project I started to explore cryptography using Python.
crypto_store is a simple command line utility that can encrypt/decrypt flat files given a password. It uses PBKDF2 to derive a key that's then used to encrypt a file with AES256.
Primitives are provided by the cryptography library.
python main.py <password> <filename> encrypt|decrypt
python main.py <password> <filename> encrypt will produce a file with the extension .secret, which can then be passed, with the password, to decrypt.
- Encryption and decryption need the same initialization vector otherwise it won't work correctly. You'll get garbage when you try to decrypt something using a different IV.
- PBKDF2 will only produce the same key given an input IF you use the same salt.
- Given the above two points, you need to save the salt and the initialization vector to get file encryption / decryption to work the way you'd expect