This pull request merges the two separate encryption methods—stored key encryption and password-based key derivation—into a single, unified script. Users can now choose their preferred key management method via command-line options, enhancing flexibility and usability.
Key Changes:
Unified Encryption Script:
Combined the functionalities of both the stored key and password-based key derivation scripts into one file (script.py).
Users can select the encryption/decryption method at runtime using command-line options.
Command-Line Interface Enhancements:
New Options Added:
-k for stored key method.
-p for password-based key derivation method.
Usage Instructions Updated:
Generate a Key:
python script.py -g
Encrypt a File:
Using stored key: python script.py -e -k <filename>
Using password: python script.py -e -p <filename>
Decrypt a File:
Using stored key: python script.py -d -k <filename>.encrypted
Using password: python script.py -d -p <filename>.encrypted
Modified Functions:
encrypt_file(file_name, key_method):
Now accepts key_method parameter to determine the encryption approach.
Handles both key methods within a single function.
decrypt_file(encrypted_file_name, key_method):
Similarly updated to handle decryption for both methods.
main():
Adjusted to parse the new command-line arguments and direct the flow accordingly.
Password-Based Key Derivation Improvements:
Dynamic Salt Generation:
Generates a unique, random 16-byte salt for each encryption operation.
Enhances security by ensuring different keys even with the same password.
Salt Storage:
The salt is prepended to the encrypted file, making it available during decryption.
Password Confirmation:
Added a password confirmation prompt during encryption to prevent typos.
Error Handling and User Feedback:
Improved error messages for better user guidance.
Added checks for common errors like missing files, incorrect passwords, or corrupted data.
Ensured that invalid options prompt the user with correct usage instructions.
Benefits:
Flexibility:
Users can choose the encryption method that best suits their needs—either the convenience of a stored key or the security of a password-derived key.
Simplified Maintenance:
Consolidating both methods into a single script reduces redundancy and simplifies updates.
Enhanced Security:
Password-based encryption now uses unique salts, strengthening resistance against certain cryptographic attacks.
Usage Instructions:
Generate a Fernet Key (for Stored Key Method):
python script.py -g
Generates a new Fernet key and saves it to secret.key.
Necessary for encryption/decryption using the stored key method.
Encrypt a File:
Using Stored Key Method:
python script.py -e -k <filename>
Using Password-Based Key Derivation:
python script.py -e -p <filename>
Process:
For password-based encryption, the script prompts for a password and confirmation.
Encrypted files are saved with a .encrypted extension.
Decrypt a File:
Using Stored Key Method:
python script.py -d -k <filename>.encrypted
Using Password-Based Key Derivation:
python script.py -d -p <filename>.encrypted
Process:
For password-based decryption, the script prompts for the password used during encryption.
Decrypted files are saved with a .decrypted extension or by removing .encrypted.
Important Considerations:
Security Recommendations:
Stored Key Method:
Keep secret.key secure; unauthorized access can compromise encrypted data.
Password-Based Method:
Encourage users to use strong, unique passwords.
Passwords are not stored; if forgotten, data cannot be recovered.
Salt Handling:
Salts are 16 bytes in size and are prepended to encrypted files.
During decryption, the salt is extracted from the file.
Compatibility:
The script maintains compatibility with files encrypted using the previous separate scripts, as long as the same method is used.
Error Messages:
Informative messages help users troubleshoot issues like incorrect passwords or missing files.
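The salt handling described above, as an added example that is not code from this pull request: it shows the salt-prefixed file layout and why a per-file salt yields a different key for the same password. The KDF (PBKDF2-HMAC-SHA256), the iteration count, the function names and the placeholder token are assumptions; the PR text states only the 16-byte salt and that it is prepended to the encrypted file.

```python
import base64
import hashlib
import os

SALT_LEN = 16          # salt size stated in the PR description
ITERATIONS = 600_000   # assumption: the PR names neither the KDF nor a work factor


def derive_fernet_key(password, salt):
    """Return a Fernet-format key: urlsafe base64 of 32 derived bytes."""
    if len(salt) != SALT_LEN:
        raise ValueError("salt must be exactly 16 bytes")
    raw = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return base64.urlsafe_b64encode(raw)


def new_key(password):
    """Encryption side: fresh random salt per file, then derive the key."""
    salt = os.urandom(SALT_LEN)
    return salt, derive_fernet_key(password, salt)


def split_salt(blob):
    """Decryption side: split file bytes into (salt, token)."""
    if len(blob) <= SALT_LEN:
        raise ValueError("file too short to hold a salt and ciphertext")
    return blob[:SALT_LEN], blob[SALT_LEN:]


def key_for_file(password, blob):
    """Re-derive the key from the salt stored at the front of the file."""
    salt, token = split_salt(blob)
    return derive_fernet_key(password, salt), token


if __name__ == "__main__":
    token = b"constructed-placeholder-token"   # stands in for the Fernet output
    salt_a, key_a = new_key("correct horse")
    salt_b, key_b = new_key("correct horse")
    print("same password, different keys:", key_a != key_b)
    recovered, _ = key_for_file("correct horse", salt_a + token)
    print("key recovered from file salt:", recovered == key_a)
    wrong, _ = key_for_file("wrong guess", salt_a + token)
    print("wrong password yields same key:", wrong == key_a)
```

With a real Fernet token in place of the placeholder, a key derived from the wrong password fails the token's HMAC check, which is where an "incorrect password" error would come from.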