Drop-in replacement for ConfigParser with encryption support
Project description
configparser_crypt
Drop-In replacement for ConfigParser with encrypted ini file support
configparser_crypt is a drop-in replacement for configparser, that allows to read / write encrypted configuration files.
It is compatible with Python 3.5+/PyPy and is tested on both Linux and Windows.
Setup
pip install configparser_crypt
Usage
Just like configparser, except that we read/write binary files and have a AES key.
AES key generation is done using generate_key() which by default generates a 256-bit encryption key.
You may also generate a 128 or 192 bit key by giving the byte length as parameter (16, 24 or 32 bytes).
How to write en encrypted config file
from configparser_crypt import ConfigParserCrypt
file = 'config.encrypted'
conf_file = ConfigParsercrypt()
# Create new AES key
conf_file.generate_key()
# Don't forget to backup your key somewhere
aes_key = conf_file.aes_key
# Use like normal configparser class
conf_file.add_section('TEST')
conf_file['TEST']['foo'] = 'bar'
# Write encrypted config file
with open(file, 'wb') as file_handle:
conf_file.write_encrypted(file_handle)
How to read an encrypted config file
from configparser_crypt import ConfigParserCrypt
file = 'config.encrypted'
conf_file = ConfigParsercrypt()
# Set AES key
conf_file.aes_key = my_previously_backed_up_aes_key
# Read encrypted config file
conf_file.read_encrypted(file)
print(conf_file['TEST']['foo'])
The following is an example of drop-in-replacement for ConfigParser
-from configparser import ConfigParser
+from configparser_crypt import ConfigParserCrypt
file = 'config.ini'
-conf_file = ConfigParser()
+conf_file = ConfigParserCrypt()
+key = conf_file.generate_key()
# Add some values to the file
conf_file.add_section('TEST')
conf_file['TEST']['spam'] = 'eggs'
# Write config file
-with open(file, 'w') as file_handle:
- conf_file.write(file_handle)
+with open(file, 'wb') as file_handle:
+ conf_file.write_encrypted(file_handle)
# Read from config file
-conf_file = ConfigParser()
-conf_file.read(file)
+conf_file = ConfigParserCrypt()
+conf_file.aes_key = secure_key
+conf_file.read_encrypted(file)
# Check that config file contains 'spam = eggs'
assert conf_file['TEST']['spam'] == 'eggs'
Load an encryption key to open an encrypted config file
In order to open earlier written encrypted configuration files, you need to store the aes key generated with aes_key = conf_file.generate_key().
You can than later use it by loading it into the class:
file = 'my_encrypted.conf'
conf_file = ConfigParserCrypt()
conf_file.aes_key = 'PUT YOUR PREVIOUSLY GENERATED AES KEY HERE'
conf_file.read_encrypted(file)
Convert a plain ini file to encrypted version and vice-versa
It's pretty simple to encrypt an existing .ini file. You just need to read it as standard ini file, then write it as encrypted file.
original_file = 'config.ini'
target_encrypted_file = 'config.encrypted'
conf_file = ConfigParsercrypt()
# Create new AES key
conf_file.generate_key()
# Don't forget to backup your key somewhere for later usage
aes_key = conf_file.aes_key
# Read original file
config_file.read(original_file)
# Write encrypted config file
with open(target_encrypted_file, 'wb') as file_handle:
conf_file.write_encrypted(file_handle)
Just keep in mind that secure deletion of the original file is out of scope of ConfigParserCrypt. Of course, you can also read an encrypted file and save it as non encrypted.
Convert ConfigParser to dictionary and vice-versa
Just like ConfigParser, ConfigParserCrypt provides a ConfigParser object. It's sometimes useful to switch between those objects and a dictionary.
ConfigParserCrypt has configparser to dict and dict to configparser object functions included. Since ConfigParser stores all variables (int, float, bool) as strings, the converter functions try to recast the original type of the variable when rendering a dictionary.
The only drawback is that your dictionaries must not exceed more than two level depth, eg:
my_dict = {
'section_name':
{
'some_name': 'some_var'
},
'another_section':
{
'another_var': 'something',
'an int': 1,
'a bool': False
}
}
Note that these convert functions also work with vanilla ConfigPaser Example:
import ConfigParserCrypt
from configparser_crypt.dict_convert import configparser_to_dict, dict_to_configparser
my_dict = configparser_to_dict(configparser_object)
type(my_dict['some_int']) == True
my_config_parser_object = dict_to_configparser(some_dict)
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for configparser_crypt-1.1.0-py3-none-any.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 08b1c3ea2a3c94c11092cc294b4cd3deaf2491209e96c9ea5968b65e8a551b51 |
|
| MD5 | 4d959c1b164595e3722c8b91bc6879f0 |
|
| BLAKE2b-256 | 8ceba522ac67489162ea2545bad6df554191505a1df0da5d14258e8aa959d5ab |
