← Back to all products
$19
Encryption Toolkit
AES-CBC encryption, RSA key generation, secure hashing, and HMAC using only Python stdlib.
MarkdownPython
📄 Product Preview
Try the interactive reader and demo tools below, or get the full product with all content unlocked.
📖 Interactive Reader (Free Preview) ⚙ Try Demo Tools 📦 Download Free Sample📁 File Structure 10 files
encryption-toolkit/
├── LICENSE
├── README.md
├── examples/
│ └── sample_secret.txt
├── free-sample.zip
├── guide/
│ ├── 01_features.md
│ ├── 02_quick-start.md
│ ├── 03_configuration-reference.md
│ └── 04_license.md
├── index.html
└── src/
└── encryption_toolkit.py
📖 Documentation Preview README excerpt
Encryption Toolkit
A comprehensive encryption library using only Python stdlib: AES-CBC encryption, RSA key generation, secure hashing, HMAC, file encryption, and a simple password vault.
Features
- AES-CBC encryption — file and string encryption with PBKDF2 key derivation
- RSA key generation — 2048 and 4096-bit key pair generation
- Secure hashing — SHA-256, SHA-512, and SHA-3 digests
- HMAC authentication — message authentication codes for data integrity
- Password vault — encrypted key-value store protected by a master password
- File encryption — encrypt/decrypt any file with integrity verification
- Base64 encoding — safe transport encoding for encrypted data
- Secure random — cryptographically secure random values via
secretsmodule
Requirements
- Python 3.10+
- No external dependencies (stdlib only)
Quick Start
# Encrypt a file
python src/encryption_toolkit.py --mode encrypt --input secret.txt --password "MyP@ss"
# Decrypt a file
python src/encryption_toolkit.py --mode decrypt --input secret.txt.enc --password "MyP@ss"
# Hash a file
python src/encryption_toolkit.py --mode hash --input data.txt --algorithm sha256
# Generate an RSA key pair
python src/encryption_toolkit.py --mode keygen --bits 2048 --output keys/
# Store a secret in the vault
python src/encryption_toolkit.py --mode vault --action store --key "api_key" --value "sk-EXAMPLE"
# Retrieve a secret from the vault
python src/encryption_toolkit.py --mode vault --action retrieve --key "api_key"
Output
Encrypted files are written with a .enc extension. Key pairs are saved as PEM files. Hash digests are printed to stdout. Vault operations read/write an encrypted JSON store.
Configuration Reference
| CLI Flag | Type | Description |
|---|---|---|
--mode | string | encrypt, decrypt, hash, keygen, vault |
--input | string | Input file path |
--output | string | Output file or directory path |
--password | string | Encryption/decryption password |
--algorithm | string | Hash algorithm: sha256, sha512, sha3_256 |
--bits | int | RSA key size: 2048 or 4096 |
--action | string | Vault action: store, retrieve, list, delete |
--key | string | Vault entry key name |
--value | string | Vault entry value (for store action) |
... continues with setup instructions, usage examples, and more.
📄 Code Sample .py preview
src/encryption_toolkit.py
#!/usr/bin/env python3
"""
Encryption Toolkit — Security Kit (DataNest)
A comprehensive encryption library using only Python stdlib: AES-CBC
encryption, RSA key generation, secure hashing, HMAC, file encryption,
and a simple password vault.
Usage:
python encryption_toolkit.py --mode encrypt --input secret.txt --password "MyP@ss"
python encryption_toolkit.py --mode decrypt --input secret.txt.enc --password "MyP@ss"
python encryption_toolkit.py --mode hash --input data.txt --algorithm sha256
python encryption_toolkit.py --mode keygen --bits 2048 --output keys/
python encryption_toolkit.py --mode vault --action store --key "api_key" --value "sk-EXAMPLE"
python encryption_toolkit.py --mode vault --action retrieve --key "api_key"
Dependencies: Python 3.10+ stdlib only (no pip packages)
License: MIT
"""
from __future__ import annotations
import argparse
import base64
import hashlib
import hmac
import json
import logging
import os
import secrets
import struct
import sys
from dataclasses import dataclass
from datetime import datetime, timezone
from pathlib import Path
from typing import Any
# ---------------------------------------------------------------------------
# Constants
# ---------------------------------------------------------------------------
logger = logging.getLogger("encryption_toolkit")
# AES block size is always 16 bytes (128 bits)
AES_BLOCK_SIZE = 16
# Key derivation iteration count — higher is slower but more secure
# Why 600,000: OWASP 2023 recommendation for PBKDF2-HMAC-SHA256.
# Production systems should use argon2id, but that's not in stdlib.
PBKDF2_ITERATIONS = 600_000
# ... 474 more lines ...