Secure AWS credential storage and file encryption using Windows Hello biometric authentication
Verified details
These details have been verified by PyPIProject links
GitHub Statistics
Maintainers
Project description
WinHello-Crypto
Secure AWS credential storage and file encryption using Windows Hello biometric authentication.
Quick Start
Install
pip install winhello-crypto
AWS Credentials Manager
# Store AWS credentials
aws-hello-creds set myprofile --access-key AKIA... --secret-key secret123
# Use stored credentials
aws-hello-creds get myprofile
# List all profiles
aws-hello-creds list
# Export as environment variables
aws-hello-creds export myprofile
File Encryption
# Encrypt a file
winhello-crypto encrypt myfile.txt
# Decrypt a file
winhello-crypto decrypt myfile.txt.enc
AWS Credentials Manager Commands
Basic Operations
# Store credentials
aws-hello-creds set <profile> --access-key <key> --secret-key <secret> [--session-token <token>] [--region <region>]
# Retrieve credentials
aws-hello-creds get <profile> [--format json|env|ini]
# List all profiles
aws-hello-creds list [--format table|json]
# Delete credentials
aws-hello-creds delete <profile>
# Check if profile exists
aws-hello-creds exists <profile>
Advanced Operations
# Backup all credentials to encrypted file
aws-hello-creds backup --file backup.enc
# Restore credentials from backup
aws-hello-creds restore --file backup.enc
# Rotate credentials (requires AWS CLI configured)
aws-hello-creds rotate <profile>
# Export as environment variables
aws-hello-creds export <profile> [--shell bash|powershell|cmd]
# Copy profile
aws-hello-creds copy <source> <destination>
# Update existing profile
aws-hello-creds update <profile> [--access-key <key>] [--secret-key <secret>] [--session-token <token>] [--region <region>]
File Operations
# Encrypt file with profile credentials
aws-hello-creds encrypt-file <profile> <input-file> [--output <output-file>]
# Decrypt file with profile credentials
aws-hello-creds decrypt-file <profile> <input-file> [--output <output-file>]
File Encryption Commands
# Encrypt file
winhello-crypto encrypt <input-file> [--output <output-file>]
# Decrypt file
winhello-crypto decrypt <input-file> [--output <output-file>]
# Verify integrity
winhello-crypto verify <encrypted-file>
Use Cases
Development Workflows
# Set up dev environment
aws-hello-creds set dev --access-key AKIA... --secret-key secret123 --region us-west-2
aws-hello-creds export dev --shell powershell
# Switch to production
aws-hello-creds export prod --shell powershell
CI/CD Integration
# Backup before deployment
aws-hello-creds backup --file pre-deploy-backup.enc
# Restore if needed
aws-hello-creds restore --file pre-deploy-backup.enc
Secure File Sharing
# Encrypt sensitive files
winhello-crypto encrypt config.json
winhello-crypto encrypt database-backup.sql
# Share encrypted files safely
# Recipients need Windows Hello to decrypt
Security Features
- Windows Hello Integration: Uses biometric authentication (fingerprint, face, PIN)
- AES-256-GCM Encryption: Military-grade encryption for stored credentials
- No Plain Text Storage: All credentials encrypted at rest
- Secure Key Derivation: PBKDF2 with high iteration count
- Memory Protection: Sensitive data cleared from memory after use
Requirements
- Windows 10/11 with Windows Hello enabled
- Python 3.7+
- Biometric device (fingerprint reader, camera) or PIN set up
Troubleshooting
Windows Hello Not Available
Error: Windows Hello is not available on this device
Solution: Enable Windows Hello in Settings > Accounts > Sign-in options
Authentication Failed
Error: User verification failed
Solution:
- Ensure biometric device is working
- Try using PIN if biometric fails
- Check Windows Hello is enabled for apps
Profile Not Found
Error: Profile 'myprofile' not found
Solution: Use aws-hello-creds list to see available profiles
Permission Denied
Error: Access denied to Windows Credential Manager
Solution: Run as administrator or check Windows Credential Manager permissions
Development
# Install development dependencies
pip install -e ".[dev]"
# Run tests
pytest
# Run security checks
bandit -r .
safety check
# Format code
black .
License
Apache License 2.0 - see LICENSE for details.
Project details
Verified details
These details have been verified by PyPIProject links
GitHub Statistics
Maintainers
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
winhello_crypto-2.1.9.tar.gz
(61.7 kB
view details)
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file winhello_crypto-2.1.9.tar.gz.
File metadata
- Download URL: winhello_crypto-2.1.9.tar.gz
- Upload date:
- Size: 61.7 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.12.9
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
e0671a769d503bd16296b732a0f4fbe82f6b05f6459e0daa99227932dd84b3d1
|
|
| MD5 |
bc264a59263b78c2fa9ebc27b5c21d08
|
|
| BLAKE2b-256 |
6d27ff74ede319df7a4d884a8ab5ce8b164a475fd2346436e9d714961de391ae
|
Provenance
The following attestation bundles were made for winhello_crypto-2.1.9.tar.gz:
Publisher:
pypi-publish.yml on SergeDubovsky/WinHello-Crypto
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
winhello_crypto-2.1.9.tar.gz -
Subject digest:
e0671a769d503bd16296b732a0f4fbe82f6b05f6459e0daa99227932dd84b3d1 - Sigstore transparency entry: 359290462
- Sigstore integration time:
-
Permalink:
SergeDubovsky/WinHello-Crypto@31abee5411951d1a6082501382ce976f16b96470 -
Branch / Tag:
refs/heads/main - Owner: https://github.com/SergeDubovsky
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
pypi-publish.yml@31abee5411951d1a6082501382ce976f16b96470 -
Trigger Event:
workflow_dispatch
-
Statement type:
File details
Details for the file winhello_crypto-2.1.9-py3-none-any.whl.
File metadata
- Download URL: winhello_crypto-2.1.9-py3-none-any.whl
- Upload date:
- Size: 44.8 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.12.9
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
f30ac31df82d56871e862e50f09e458bccce13844172342757b1c8d263d30679
|
|
| MD5 |
35f2baa4f5e5a893eb006e6cc48d3a3d
|
|
| BLAKE2b-256 |
c504d33ec6551d3f8faa1242e909cb096a3bcbfc4bdbbbc6cb19c1bf40d48b4d
|
Provenance
The following attestation bundles were made for winhello_crypto-2.1.9-py3-none-any.whl:
Publisher:
pypi-publish.yml on SergeDubovsky/WinHello-Crypto
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
winhello_crypto-2.1.9-py3-none-any.whl -
Subject digest:
f30ac31df82d56871e862e50f09e458bccce13844172342757b1c8d263d30679 - Sigstore transparency entry: 359290506
- Sigstore integration time:
-
Permalink:
SergeDubovsky/WinHello-Crypto@31abee5411951d1a6082501382ce976f16b96470 -
Branch / Tag:
refs/heads/main - Owner: https://github.com/SergeDubovsky
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
pypi-publish.yml@31abee5411951d1a6082501382ce976f16b96470 -
Trigger Event:
workflow_dispatch
-
Statement type:
