Welcome to the next pikoTutorial!
In one of the previous articles we learned how to perform symmetric data encryption using Python. The last example was about direct conversion of a user provided password to the encryption key. Although it works, this is not the recommended way to do that. Today you will learn about the recommended one which is key derivation function.
Key derivation function
Below you can find the extended example of how to use PBKDF2HMAC key derivation function in Python:
Python
# import utility for Base64 encoding
import base64
# import Fernet
from cryptography.fernet import Fernet
from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
from cryptography.hazmat.primitives import hashes
# import getpass for secure input reading
from getpass import getpass
# read plain text password
plain_text_password: str = getpass(prompt='Password: ')
# convert the password to bytes
password_bytes = plain_text_password.encode('utf-8')
# some salt value for demonstration, use a secure random value in practice
salt = b'\x00' * 16
# use PBKDF2HMAC to derive a secure key from the password
kdf = PBKDF2HMAC(
algorithm=hashes.SHA256(),
length=32,
salt=salt,
iterations=100000
)
# encode the derived key with Base64
key = base64.urlsafe_b64encode(kdf.derive(password_bytes))
# create a Fernet instance with the derived key
fernet = Fernet(key)
# data to be encrypted
data = b'Some secret data'
# encrypt the data
encrypted_data = fernet.encrypt(data)
# decrypt the data
decrypted_data = fernet.decrypt(encrypted_data)
# print the decrypted data
print(f"Decrypted text: {decrypted_data.decode()}")Key created this way is not only safer, but also no longer requires plain text password to be exactly 32 bytes long.
Note for beginners: remember that salt is mandatory to decrypt the data!
Read also:
- A 40-line LLM-based bash command executor in Python
- GTest and short-circuit evaluation in C++
- AI is powerful. Snippets are instant.
- From AUTOSAR to S-Core: the first C++ pub/sub implementation
- How to write Arduino Uno code with Python?
- Combining Bazel with Docker
- Running commands with timeout on Linux
- Running Python unit tests with CMake
- Thirdparty dependencies with FetchContent
- Bug of the week #11
- Combining CMake with Docker
- How to search the internet from Linux terminal?
- Folding expressions in C++
- How to derive from an enum in Python?
- Bug of the week #10
- Trying ROS2: client/server within a single container
- Make C++ a better place #4: Go as an alternative
- How to convert hex to dec in Linux terminal?
- Setting up a Python project with CMake
- Separating builds for different configs with Bazel
- Trying ROS2: pub/sub within a single container
- Bug of the week #9
- UDP multicasting with Python
- Destruction order vs thread safety in C++
- Let’s review some code: C++ #2
- Make C++ a better place #3: D as an alternative
- Registering callback using std::function in C++
- Bug of the week #8
- TCP client/server with Python
- Simple menus in Bash scripts with select
- Calling member function on a nullptr in C++
- Bug of the week #7
- Python lru_cache explained
- How to dockerize a Python application?
- Make C++ a better place #2: CppFront as an alternative
- Parameters combinations in GoogleTest
- Data transfer with curl
- Python reduce explained
- Bug of the week #6
- Custom literals in C++
- Linux and hash command
- 5 Python good practices which make life easier
- Let’s review some code: Python #1
- Make C++ a better place #1: What does better mean
- Enums vs enum class in C++
- Bug of the week #5
- UDP client/server with Python
- Hard links in Linux
- Functions calling order in unit tests in C++
- Bug of the week #4
- Yield in Python – state machines, coroutines and more
- Copy files from another branch with Git
- Make C++ a better place #0: Introduction
- 5 misconceptions about std::move in C++
- How to use xargs on Linux?
- How to test method call order with unittest in Python?
- Bug of the week #3
- Build & run C++ unit tests with CMake
- Arrange text with sort on Linux
- Key derivation function with Python