Package Crypto :: Package IO :: Module _PBES :: Class PBES2
[frames] | no frames]

Class PBES2

object --+
         |
        PBES2

Encryption scheme with password-based key derivation (defined in PKCS#5 v2.0).

Instance Methods

Inherited from object: __delattr__, __format__, __getattribute__, __hash__, __init__, __new__, __reduce__, __reduce_ex__, __repr__, __setattr__, __sizeof__, __str__, __subclasshook__

Static Methods
 
encrypt(data, passphrase, protection, prot_params=None, randfunc=None)
Encrypt a piece of data using a passphrase and PBES2.
 
decrypt(data, passphrase)
Decrypt a piece of data using a passphrase and PBES2.
Properties

Inherited from object: __class__

Method Details

encrypt(data, passphrase, protection, prot_params=None, randfunc=None)
Static Method

 
Encrypt a piece of data using a passphrase and PBES2.
Parameters:
  • data (byte string) - The piece of data to encrypt.
  • passphrase (byte string) - The passphrase to use for encrypting the data.
  • protection (string) - The identifier of the encryption algorithm to use. The default value is 'PBKDF2WithHMAC-SHA1AndDES-EDE3-CBC'.
  • prot_params (dictionary) - Parameters of the protection algorithm.

    Key Description
    iteration_count The KDF algorithm is repeated several times to slow down brute force attacks on passwords. The default value is 1 000.
    salt_size Salt is used to thwart dictionary and rainbow attacks on passwords. The default value is 8 bytes.
  • randfunc (callable) - Random number generation function; it should accept a single integer N and return a string of random data, N bytes long. If not specified, a new RNG will be instantiated from Crypto.Random.
Returns:
The encrypted data, as a binary string.

decrypt(data, passphrase)
Static Method

 

Decrypt a piece of data using a passphrase and PBES2.

The algorithm to use is automatically detected.

Parameters:
  • data (byte string) - The piece of data to decrypt.
  • passphrase (byte string) - The passphrase to use for decrypting the data.
Returns:
The decrypted data, as a binary string.