Skip to main content
Help us improve PyPI by participating in user testing. All experience levels needed!

Class for pickling and encrypting data

Project description

EncryptedPickle is Python class for encrypting and signing data with support for versions, serialization, compression, and passphrase generations (rotation).

It’s partly inspired by iron but isn’t compatible with.

Example Usage

from encryptedpickle import encryptedpickle

passphrases = {
    0: 'Change me! CHange me! CHAnge me! CHANge me!'
       'CHANGe me! CHANGE ME! CHANGE Me! CHANGE ME!'
}

data = {'example': 123, 'test': 'testing'}

encoder = encryptedpickle.EncryptedPickle(signature_passphrases=passphrases,
                                          encryption_passphrases=passphrases)

print("* data: %s" % data)

sealed = encoder.seal(data)
print("* sealed: %s" % sealed)

unsealed = encoder.unseal(sealed)
print("* unsealed: %s" % unsealed)

Customization Example

from encryptedpickle import encryptedpickle

# You can use different passphrases for signature and encryption
signature_passphrases = {
    0: 'change me! change me! change me! change me!'
       'change me! change me! change me! change me!'
}

encryption_passphrases = {
    0: 'Change me! CHange me! CHAnge me! CHANge me!'
       'CHANGe me! CHANGE ME! CHANGE Me! CHANGE ME!'
}

data = {'example': 123, 'test': 'testing'}

encoder = encryptedpickle.EncryptedPickle(signature_passphrases,
                                          encryption_passphrases)

encryption = {
    # Add new encryption algorithm specification with id = 255.
    # Default algorithms can not be overridden so we must use some other
    # id, maybe best starting with 255 (maximum id) and decreasing by one
    # for next added algorithm.
    255: {
        # Algorithm name defined in EncryptedPickle.ALGORITHMS.
        'algorithm': 'aes-256-cbc',

        # Salt size for PBKDF2 key.
        'salt_size': 32,

        # Digest mode for PBKDF2 key.
        'pbkdf2_algorithm': 'sha256',

        # Use 10 iterations in PBKDF2 key generation.
        'pbkdf2_iterations': 10,
    },
}
encoder.set_algorithms(encryption=encryption)

options = {
    # Use above defined encryption algorithm (id = 255).
    'encryption_algorithm_id': 255,

    # Use "gzip-deflate" (id = 1) algorithm for compression.
    #
    # Be carefull with this option, because compression is applied before
    # encryption and "Crime" attack is possible if third party can modify
    # data that is encrypted. For more info see:
    #
    # https://www.isecpartners.com/news-events/news/2012/september/details-on-the-crime-attack.aspx
    #
    'compression_algorithm_id': 1,

    # Add timestamp to header (unencrypted).
    'flags': {
        'timestamp': True,
    },
}
encoder.set_options(options)

sealed = encoder.seal(data)
print("* sealed: %s" % sealed)

unsealed, unsealed_options = encoder.unseal(sealed, return_options=True)
print("* unsealed: %s" % unsealed)
if unsealed_options['info']['timestamp']:
    print("* timestamp: %d" % unsealed_options['info']['timestamp'])

Project details


Release history Release notifications

This version
History Node

0.1.4

History Node

0.1.3

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Filename, size & hash SHA256 hash help File type Python version Upload date
EncryptedPickle-0.1.4.linux-x86_64.exe (72.7 kB) Copy SHA256 hash SHA256 Windows Installer any Feb 18, 2013
EncryptedPickle-0.1.4.tar.gz (7.6 kB) Copy SHA256 hash SHA256 Source None Feb 18, 2013

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging CloudAMQP CloudAMQP RabbitMQ AWS AWS Cloud computing Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page