No project description provided
Project description
CRYPT_DIR
- Encrypt all your files and write into another directory if there is update
- Clean the encrypted directory if files or directories have been deleted
- Restore
- Minimize writing to SSDs
USAGE
- encrypt
# User maintains two directories plain_dir and encrypted_dir
import crypt_dir
plain_dir = "plain"
encrypted_dir = "encrypted"
restored_dir = "restored"
key = crypt_dir.make_key_from_passphrase(b"passphrase1234")
# Delete all files, directories in encrypted_dir that don't exist in the plain_dir
crypt_dir.clean_encrypted_dir(
plain_dir=plain_dir,
encrypted_dir=encrypted_dir,
)
# read files in plain_dir, encrypt and write files into encrypted_dir if needed using 12 workers
crypt_dir.update_encrypted_dir(
key=key,
plain_dir=plain_dir,
encrypted_dir=encrypted_dir,
max_workers=12,
)
- restore
import crypt_dir
plain_dir = "plain"
encrypted_dir = "encrypted"
restored_dir = "restored"
key = crypt_dir.make_key_from_passphrase(b"passphrase1234")
# restore all files in encrypted_dir using 12 workers
crypt_dir.restore_encrypted_dir(
key=key,
encrypted_dir=encrypted_dir,
restored_dir=restored_dir,
max_workers=12,
)
- certificate
import crypt_dir
correct_passphrase = b"passphrase123"
cert = crypt_dir.make_certificate(correct_passphrase)
print("cert", cert)
try:
wrong_passphrase = b"passphrase456"
_ = crypt_dir.verify_certificate(cert, wrong_passphrase)
except AssertionError as e:
print("expected assertion error: ", e)
key = crypt_dir.verify_certificate(cert, correct_passphrase)
print("generated key from correct passphrase", key)
INSTALLATION
pip install --upgrade crypt-dir
DECRYPT IT YOURSELF
SPECIFICATION 1.*
You don't need to know the specification. For some folks who want to know exactly what happened with their files, here
is the specification for key_file
and .enc1
files:
-
if
key_file
does not exist,crypt_dir
will create a random key of 32 bytes usingos.urandom
encoded intohex
-
two algorithms are used in
crypt_dir
:SHA1
andAES-256
inCBC
mode -
encrypted files are updated only if file is modified (mtime changes)
-
file is decrypt-able if
signature
matcheskey
-
.enc1
file-
header
:file_sig
: little-endian encoded mtime of file in uint64key_sig
:SHA1
bytes of keyfile_size
: little-endian encoded file size in uint64init_vec
:AES256
initialization vector
-
file encrypted
:AES256
file encrypted bytes with chunk size of2^30
-
__________________________________________________________________________________
| header | encrypted_data |
|___________________________________________________________|____________________|
| file_sig | key_sig | file_size | init_vec | encrypted_data |
| 8 bytes | 20 bytes | 8 bytes | 16 bytes | n bytes |
|___________________________________________________________|____________________|
SPECIFICATION 0.*
You don't need to know the specification. For some folks who want to know exactly what happened with their files, here
is the specification for key_file
and .enc
files:
-
if
key_file
does not exist,crypt_dir
will create a random key of 32 bytes usingos.urandom
encoded intohex
-
two algorithms are used in
crypt_dir
:SHA1
andAES-256
inCBC
mode -
encrypted files are updated only if file_hash changes
-
file is decrypt-able if
signature
matcheskey
-
.enc
filesignature
:SHA1
bytes of keyfile_hash
:SHA1
bytes of filefile_size
: little-endian encoded file size in uint64iv
:AES256
initialization vectorfile encrypted
:AES256
file encrypted bytes with chunk size of2^30
| signature | file_hash | file_size | iv | encrypted_data |
| 20 bytes | 20 bytes | 8 bytes | 16 bytes | n bytes |
UPLOAD
rm -rf dist crypt_dir.egg-info
python setup.py sdist
twine upload dist/*
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
File details
Details for the file crypt-dir-1.1.12.tar.gz
.
File metadata
- Download URL: crypt-dir-1.1.12.tar.gz
- Upload date:
- Size: 7.7 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.11.4
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | c6188c6b79d01759c78c2fe9954c78ebac57704d7f29874ef747600a9e2bde8d |
|
MD5 | 4ab46cfd67f4f26cc5ea7a7f96bbeef0 |
|
BLAKE2b-256 | 99b3eb064d3b4cf1ca5a36d07d7e3ea780b16571d6eb952b22f06f9f4852f7a9 |