Below are 10 Python code snippets demonstrating how to perform data encryption and decryption using the cryptography library. This includes symmetric and asymmetric encryption, hashing, and key generation.
1. Generating a Symmetric Key
from cryptography.fernet import Fernet# Generate a symmetric keykey = Fernet.generate_key()print(f"Generated Key: {key.decode()}")
2. Encrypting and Decrypting Data with Symmetric Key
from cryptography.fernet import Fernet# Generate and save the keykey = Fernet.generate_key()cipher =Fernet(key)# Encrypt datadata =b"Secret data"encrypted_data = cipher.encrypt(data)print(f"Encrypted: {encrypted_data}")# Decrypt datadecrypted_data = cipher.decrypt(encrypted_data)print(f"Decrypted: {decrypted_data.decode()}")
3. Saving and Loading a Key
4. Asymmetric Key Generation with RSA
5. Serializing RSA Keys
6. Encrypting Data with RSA
7. Decrypting Data with RSA
8. Hashing Data with SHA-256
9. Generating a Key Derivation Function (KDF)
10. Signing and Verifying Data with RSA
Summary:
These examples demonstrate how to perform:
Symmetric encryption with Fernet.
Asymmetric encryption with RSA.
Hashing with SHA-256.
Key derivation with PBKDF2.
Digital signature creation and verification.
Install the cryptography library with:
Let me know if you'd like further details on any of these techniques!
from cryptography.fernet import Fernet
# Generate and save the key
key = Fernet.generate_key()
with open("symmetric.key", "wb") as key_file:
key_file.write(key)
# Load the key
with open("symmetric.key", "rb") as key_file:
loaded_key = key_file.read()
cipher = Fernet(loaded_key)
print(f"Key loaded successfully: {loaded_key.decode()}")
from cryptography.hazmat.primitives.asymmetric import rsa
# Generate private and public keys
private_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
public_key = private_key.public_key()
print("Private key and public key generated successfully.")
from cryptography.hazmat.primitives import hashes
# Create a SHA-256 hash
digest = hashes.Hash(hashes.SHA256())
digest.update(b"Sensitive data")
hash_value = digest.finalize()
print(f"SHA-256 Hash: {hash_value.hex()}")
from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
import os
import base64
# Derive a key using a password
password = b"securepassword"
salt = os.urandom(16) # Generate a salt
kdf = PBKDF2HMAC(
algorithm=hashes.SHA256(),
length=32,
salt=salt,
iterations=100000,
)
key = base64.urlsafe_b64encode(kdf.derive(password))
print(f"Derived Key: {key.decode()}")
from cryptography.hazmat.primitives.asymmetric import padding
from cryptography.hazmat.primitives import hashes
# Sign data
data = b"Message to sign"
signature = private_key.sign(
data,
padding.PSS(
mgf=padding.MGF1(hashes.SHA256()),
salt_length=padding.PSS.MAX_LENGTH
),
hashes.SHA256()
)
print(f"Signature: {signature}")
# Verify signature
try:
public_key.verify(
signature,
data,
padding.PSS(
mgf=padding.MGF1(hashes.SHA256()),
salt_length=padding.PSS.MAX_LENGTH
),
hashes.SHA256()
)
print("Signature is valid.")
except Exception as e:
print(f"Signature verification failed: {e}")