# configparser_crypt
## Drop-In replacement for ConfigParser with encrypted ini file support
[](https://opensource.org/licenses/BSD-3-Clause)
[](http://isitmaintained.com/project/netinvent/configparser_crypt "Percentage of issues still open")
[](https://codeclimate.com/github/netinvent/configparser_crypt/maintainability)
[](https://codecov.io/gh/netinvent/configparser_crypt)
[](https://github.com/netinvent/configparser_crypt/actions/workflows/linux.yaml)
[](https://github.com/netinvent/configparser_crypt/actions/workflows/windows.yaml)
[](https://github.com/netinvent/configparser_crypt/releases/latest)
configparser_crypt is a drop-in replacement for configparser, that allows to read / write encrypted configuration files.
It is compatible with Python 3.5+/PyPy and is tested on both Linux and Windows.
## Setup
```
pip install configparser_crypt
```
## Usage
Just like configparser, except that we read/write binary files and have a AES key.
AES key generation is done using `generate_key()` which by default generates a 256-bit encryption key.
You may also generate a 128 or 192 bit key by giving the byte length as parameter (16, 24 or 32 bytes).
How to write en encrypted config file
```python
from configparser_crypt import ConfigParserCrypt
file = 'config.encrypted'
conf_file = ConfigParsercrypt()
# Create new AES key
conf_file.generate_key()
# Don't forget to backup your key somewhere
aes_key = conf_file.aes_key
# Use like normal configparser class
conf_file.add_section('TEST')
conf_file['TEST']['foo'] = 'bar'
# Write encrypted config file
with open(file, 'wb') as file_handle:
conf_file.write_encrypted(file_handle)
```
How to read an encrypted config file
```python
from configparser_crypt import ConfigParserCrypt
file = 'config.encrypted'
conf_file = ConfigParsercrypt()
# Set AES key
conf_file.aes_key = my_previously_backed_up_aes_key
# Read encrypted config file
conf_file.read_encrypted(file)
print(conf_file['TEST']['foo'])
```
The following is an example of drop-in-replacement for ConfigParser
```diff
-from configparser import ConfigParser
+from configparser_crypt import ConfigParserCrypt
file = 'config.ini'
-conf_file = ConfigParser()
+conf_file = ConfigParserCrypt()
+key = conf_file.generate_key()
# Add some values to the file
conf_file.add_section('TEST')
conf_file['TEST']['spam'] = 'eggs'
# Write config file
-with open(file, 'w') as file_handle:
- conf_file.write(file_handle)
+with open(file, 'wb') as file_handle:
+ conf_file.write_encrypted(file_handle)
# Read from config file
-conf_file = ConfigParser()
-conf_file.read(file)
+conf_file = ConfigParserCrypt()
+conf_file.aes_key = secure_key
+conf_file.read_encrypted(file)
# Check that config file contains 'spam = eggs'
assert conf_file['TEST']['spam'] == 'eggs'
```
## Load an encryption key to open an encrypted config file
In order to open earlier written encrypted configuration files, you need to store the aes key generated with `aes_key = conf_file.generate_key()`.
You can than later use it by loading it into the class:
```python
file = 'my_encrypted.conf'
conf_file = ConfigParserCrypt()
conf_file.aes_key = 'PUT YOUR PREVIOUSLY GENERATED AES KEY HERE'
conf_file.read_encrypted(file)
```
## Convert a plain ini file to encrypted version and vice-versa
It's pretty simple to encrypt an existing .ini file.
You just need to read it as standard ini file, then write it as encrypted file.
```python
original_file = 'config.ini'
target_encrypted_file = 'config.encrypted'
conf_file = ConfigParsercrypt()
# Create new AES key
conf_file.generate_key()
# Don't forget to backup your key somewhere for later usage
aes_key = conf_file.aes_key
# Read original file
config_file.read(original_file)
# Write encrypted config file
with open(target_encrypted_file, 'wb') as file_handle:
conf_file.write_encrypted(file_handle)
```
Just keep in mind that secure deletion of the original file is out of scope of ConfigParserCrypt.
Of course, you can also read an encrypted file and save it as non encrypted.
## Convert ConfigParser to dictionary and vice-versa
Just like ConfigParser, ConfigParserCrypt provides a ConfigParser object.
It's sometimes useful to switch between those objects and a dictionary.
ConfigParserCrypt has configparser to dict and dict to configparser object functions included.
Since ConfigParser stores all variables (int, float, bool) as strings, the converter functions try to recast the original type of the variable when rendering a dictionary.
The only drawback is that your dictionaries must not exceed more than two level depth, eg:
```python
my_dict = {
'section_name':
{
'some_name': 'some_var'
},
'another_section':
{
'another_var': 'something',
'an int': 1,
'a bool': False
}
}
```
Note that these convert functions also work with vanilla ConfigPaser
Example:
```python
import ConfigParserCrypt
from configparser_crypt.dict_convert import configparser_to_dict, dict_to_configparser
my_dict = configparser_to_dict(configparser_object)
type(my_dict['some_int']) == True
my_config_parser_object = dict_to_configparser(some_dict)
```
Raw data
{
"_id": null,
"home_page": "https://github.com/netinvent/configparser_crypt",
"name": "configparser-crypt",
"maintainer": "",
"docs_url": null,
"requires_python": "",
"maintainer_email": "",
"keywords": "cryptography,configparser,symmetric,cipher,encryption,config file",
"author": "NetInvent - Orsiris de Jong",
"author_email": "contact@netinvent.fr",
"download_url": "https://files.pythonhosted.org/packages/88/89/3f393338d7b028ef9cf2525ad1068e4ebad25ee203f0c77ba45c8919b168/configparser_crypt-1.1.0.tar.gz",
"platform": null,
"description": "# configparser_crypt\r\n## Drop-In replacement for ConfigParser with encrypted ini file support\r\n\r\n[](https://opensource.org/licenses/BSD-3-Clause)\r\n[](http://isitmaintained.com/project/netinvent/configparser_crypt \"Percentage of issues still open\")\r\n[](https://codeclimate.com/github/netinvent/configparser_crypt/maintainability)\r\n[](https://codecov.io/gh/netinvent/configparser_crypt)\r\n[](https://github.com/netinvent/configparser_crypt/actions/workflows/linux.yaml)\r\n[](https://github.com/netinvent/configparser_crypt/actions/workflows/windows.yaml)\r\n[](https://github.com/netinvent/configparser_crypt/releases/latest)\r\n\r\nconfigparser_crypt is a drop-in replacement for configparser, that allows to read / write encrypted configuration files.\r\n\r\nIt is compatible with Python 3.5+/PyPy and is tested on both Linux and Windows.\r\n\r\n## Setup\r\n\r\n```\r\npip install configparser_crypt\r\n\r\n```\r\n\r\n## Usage\r\n\r\nJust like configparser, except that we read/write binary files and have a AES key.\r\nAES key generation is done using `generate_key()` which by default generates a 256-bit encryption key.\r\nYou may also generate a 128 or 192 bit key by giving the byte length as parameter (16, 24 or 32 bytes).\r\n\r\n\r\nHow to write en encrypted config file\r\n```python\r\nfrom configparser_crypt import ConfigParserCrypt\r\n\r\nfile = 'config.encrypted'\r\nconf_file = ConfigParsercrypt()\r\n\r\n# Create new AES key\r\nconf_file.generate_key()\r\n# Don't forget to backup your key somewhere\r\naes_key = conf_file.aes_key\r\n\r\n# Use like normal configparser class\r\nconf_file.add_section('TEST')\r\nconf_file['TEST']['foo'] = 'bar'\r\n\r\n# Write encrypted config file\r\nwith open(file, 'wb') as file_handle:\r\n conf_file.write_encrypted(file_handle)\r\n```\r\n\r\nHow to read an encrypted config file\r\n```python\r\nfrom configparser_crypt import ConfigParserCrypt\r\n\r\nfile = 'config.encrypted'\r\nconf_file = ConfigParsercrypt()\r\n\r\n# Set AES key\r\nconf_file.aes_key = my_previously_backed_up_aes_key\r\n\r\n# Read encrypted config file\r\nconf_file.read_encrypted(file)\r\nprint(conf_file['TEST']['foo'])\r\n```\r\n\r\nThe following is an example of drop-in-replacement for ConfigParser\r\n\r\n```diff\r\n-from configparser import ConfigParser\r\n+from configparser_crypt import ConfigParserCrypt\r\n\r\nfile = 'config.ini'\r\n-conf_file = ConfigParser()\r\n+conf_file = ConfigParserCrypt()\r\n+key = conf_file.generate_key()\r\n\r\n# Add some values to the file\r\nconf_file.add_section('TEST')\r\nconf_file['TEST']['spam'] = 'eggs'\r\n\r\n# Write config file\r\n-with open(file, 'w') as file_handle:\r\n- conf_file.write(file_handle)\r\n+with open(file, 'wb') as file_handle:\r\n+ conf_file.write_encrypted(file_handle)\r\n\r\n# Read from config file\r\n-conf_file = ConfigParser()\r\n-conf_file.read(file)\r\n+conf_file = ConfigParserCrypt()\r\n+conf_file.aes_key = secure_key\r\n+conf_file.read_encrypted(file)\r\n\r\n# Check that config file contains 'spam = eggs'\r\nassert conf_file['TEST']['spam'] == 'eggs'\r\n```\r\n\r\n## Load an encryption key to open an encrypted config file\r\n\r\nIn order to open earlier written encrypted configuration files, you need to store the aes key generated with `aes_key = conf_file.generate_key()`.\r\nYou can than later use it by loading it into the class:\r\n```python\r\nfile = 'my_encrypted.conf'\r\nconf_file = ConfigParserCrypt()\r\nconf_file.aes_key = 'PUT YOUR PREVIOUSLY GENERATED AES KEY HERE'\r\nconf_file.read_encrypted(file)\r\n```\r\n\r\n## Convert a plain ini file to encrypted version and vice-versa\r\n\r\nIt's pretty simple to encrypt an existing .ini file.\r\nYou just need to read it as standard ini file, then write it as encrypted file.\r\n\r\n```python\r\noriginal_file = 'config.ini'\r\ntarget_encrypted_file = 'config.encrypted'\r\n\r\nconf_file = ConfigParsercrypt()\r\n\r\n# Create new AES key\r\nconf_file.generate_key()\r\n# Don't forget to backup your key somewhere for later usage\r\naes_key = conf_file.aes_key\r\n\r\n# Read original file\r\nconfig_file.read(original_file)\r\n# Write encrypted config file\r\nwith open(target_encrypted_file, 'wb') as file_handle:\r\n conf_file.write_encrypted(file_handle)\r\n```\r\n\r\nJust keep in mind that secure deletion of the original file is out of scope of ConfigParserCrypt.\r\nOf course, you can also read an encrypted file and save it as non encrypted.\r\n\r\n## Convert ConfigParser to dictionary and vice-versa\r\n\r\nJust like ConfigParser, ConfigParserCrypt provides a ConfigParser object.\r\nIt's sometimes useful to switch between those objects and a dictionary.\r\n\r\nConfigParserCrypt has configparser to dict and dict to configparser object functions included.\r\nSince ConfigParser stores all variables (int, float, bool) as strings, the converter functions try to recast the original type of the variable when rendering a dictionary.\r\n\r\nThe only drawback is that your dictionaries must not exceed more than two level depth, eg:\r\n```python\r\nmy_dict = {\r\n 'section_name':\r\n {\r\n 'some_name': 'some_var'\r\n },\r\n 'another_section':\r\n {\r\n 'another_var': 'something',\r\n 'an int': 1,\r\n 'a bool': False\r\n }\r\n}\r\n```\r\n\r\nNote that these convert functions also work with vanilla ConfigPaser\r\nExample:\r\n```python\r\n\r\nimport ConfigParserCrypt\r\nfrom configparser_crypt.dict_convert import configparser_to_dict, dict_to_configparser\r\n\r\nmy_dict = configparser_to_dict(configparser_object)\r\ntype(my_dict['some_int']) == True\r\n\r\nmy_config_parser_object = dict_to_configparser(some_dict)\r\n```\r\n",
"bugtrack_url": null,
"license": "BSD",
"summary": "Drop-in replacement for ConfigParser with encryption support",
"version": "1.1.0",
"project_urls": {
"Homepage": "https://github.com/netinvent/configparser_crypt"
},
"split_keywords": [
"cryptography",
"configparser",
"symmetric",
"cipher",
"encryption",
"config file"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "8ceba522ac67489162ea2545bad6df554191505a1df0da5d14258e8aa959d5ab",
"md5": "4d959c1b164595e3722c8b91bc6879f0",
"sha256": "08b1c3ea2a3c94c11092cc294b4cd3deaf2491209e96c9ea5968b65e8a551b51"
},
"downloads": -1,
"filename": "configparser_crypt-1.1.0-py3-none-any.whl",
"has_sig": false,
"md5_digest": "4d959c1b164595e3722c8b91bc6879f0",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": null,
"size": 7868,
"upload_time": "2023-06-02T15:05:31",
"upload_time_iso_8601": "2023-06-02T15:05:31.463217Z",
"url": "https://files.pythonhosted.org/packages/8c/eb/a522ac67489162ea2545bad6df554191505a1df0da5d14258e8aa959d5ab/configparser_crypt-1.1.0-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "88893f393338d7b028ef9cf2525ad1068e4ebad25ee203f0c77ba45c8919b168",
"md5": "aa942c6f3f8d24e73a8a417d136193c1",
"sha256": "ab5534783ae9c439a96054949f8193a9fb0c3aa0d055641fb77feb9ede62ec25"
},
"downloads": -1,
"filename": "configparser_crypt-1.1.0.tar.gz",
"has_sig": false,
"md5_digest": "aa942c6f3f8d24e73a8a417d136193c1",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 8062,
"upload_time": "2023-06-02T15:05:32",
"upload_time_iso_8601": "2023-06-02T15:05:32.639462Z",
"url": "https://files.pythonhosted.org/packages/88/89/3f393338d7b028ef9cf2525ad1068e4ebad25ee203f0c77ba45c8919b168/configparser_crypt-1.1.0.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2023-06-02 15:05:32",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "netinvent",
"github_project": "configparser_crypt",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"lcname": "configparser-crypt"
}
JSON
