Skip to main content
Join the official 2020 Python Developers SurveyStart the survey!

Encrypt and decrypt files and streams in AES Crypt format (version 2)

Project description

About pyAesCrypt

pyAesCrypt is a Python 3 file-encryption module and script that uses AES256-CBC to encrypt/decrypt files and binary streams.

pyAesCrypt is compatible with the AES Crypt file format (version 2).

It is Free Software, released under the Apache License, Version 2.0.

pyAesCrypt is brought to you by Marco Bellaccini - marco.bellaccini(at!)

IMPORTANT SECURITY NOTE: version 2 of the AES Crypt file format does not authenticate the “file size modulo 16” byte. This implies that an attacker with write access to the encrypted file may alter the corresponding plaintext file size by up to 15 bytes.

NOTE: there is no low-level memory management in Python, hence it is not possible to wipe memory areas were sensitive information was stored.

Module usage example

Here is an example showing encryption and decryption of a file:

import pyAesCrypt
# encryption/decryption buffer size - 64K
bufferSize = 64 * 1024
password = "foopassword"
# encrypt
pyAesCrypt.encryptFile("data.txt", "data.txt.aes", password, bufferSize)
# decrypt
pyAesCrypt.decryptFile("data.txt.aes", "dataout.txt", password, bufferSize)

by calling the stream-oriented functions, you can work with binary streams too:

import pyAesCrypt
from os import stat, remove
# encryption/decryption buffer size - 64K
bufferSize = 64 * 1024
password = "foopassword"

# encrypt
with open("data.txt", "rb") as fIn:
    with open("data.txt.aes", "wb") as fOut:
        pyAesCrypt.encryptStream(fIn, fOut, password, bufferSize)

# get encrypted file size
encFileSize = stat("data.txt.aes").st_size

# decrypt
with open("data.txt.aes", "rb") as fIn:
        with open("dataout.txt", "wb") as fOut:
            # decrypt file stream
            pyAesCrypt.decryptStream(fIn, fOut, password, bufferSize, encFileSize)
    except ValueError:
        # remove output file on error

you can also perform in-memory encryption/decryption (using BytesIO):

import pyAesCrypt
import io

bufferSize = 64 * 1024
password = "foopassword"

# binary data to be encrypted
pbdata = b"This is binary plaintext \x00\x01"

# input plaintext binary stream
fIn = io.BytesIO(pbdata)

# initialize ciphertext binary stream
fCiph = io.BytesIO()

# initialize decrypted binary stream
fDec = io.BytesIO()

# encrypt stream
pyAesCrypt.encryptStream(fIn, fCiph, password, bufferSize)

# print encrypted data
print("This is the ciphertext:\n" + str(fCiph.getvalue()))

# get ciphertext length
ctlen = len(fCiph.getvalue())

# go back to the start of the ciphertext stream

# decrypt stream
pyAesCrypt.decryptStream(fCiph, fDec, password, bufferSize, ctlen)

# print decrypted data
print("Decrypted data:\n" + str(fDec.getvalue()))

Script usage examples

Encrypt file test.txt in test.txt.aes:

pyAesCrypt -e test.txt

Decrypt file test.txt.aes in test.txt:

pyAesCrypt -d test.txt.aes

Encrypt file test.txt in test2.txt.aes:

pyAesCrypt -e test.txt -o test2.txt.aes

Decrypt file test.txt.aes in test2.txt:

pyAesCrypt -d test.txt.aes -o test2.txt

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for pyAesCrypt, version 0.4.3
Filename, size File type Python version Upload date Hashes
Filename, size pyAesCrypt-0.4.3-py3-none-any.whl (15.4 kB) File type Wheel Python version py3 Upload date Hashes View
Filename, size pyAesCrypt-0.4.3.tar.gz (14.3 kB) File type Source Python version None Upload date Hashes View

Supported by

Pingdom Pingdom Monitoring Google Google Object Storage and Download Analytics Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page