hc671123-secure-secrets


Namehc671123-secure-secrets JSON
Version 2.3.1 PyPI version JSON
download
home_pageNone
SummaryModule which enables storing encrypted, password protected secrets in a single file. Also allows for easy encryption and decryption of data
upload_time2025-07-18 19:34:05
maintainerNone
docs_urlNone
authorNone
requires_python>=3.13
licenseNone
keywords secrets secure encryption
VCS
bugtrack_url
requirements No requirements were recorded.
Travis-CI No Travis.
coveralls test coverage No coveralls. 
            # secure_module Python
Security module which stores important and confidental information. Information is stored encrypted and password protected. The module also provides the WebEncr and WebDecr functions which encrypts and decrypts any object with AES-GCM 256-bit encryption. Have a look at SECURITY.md on GitHub and read the information below for security informations.

# PyPI published
This module is published on PyPI https://pypi.org/project/hc671123-secure-secrets/. You can install it with following pip command: pip install hc671123-secure-secrets .

# How to use the module
Have a look at the example.py file on GitHub. Try to always update to the latest version. New Versions will be named with semantic versioning https://semver.org/.
You need to have pycryptodomex installed (if you install the module with pip, this is automatically done).<br>
<b>Keep aware always adding secrets without making a commit with the secret in plaintext!</b>

## General information about AES-GCM
AES-GCM provides data integrity and confidentiality (it belongs to the class of authenticated encryption with associated data - AEAD algorithms).
For further information about GCM I recommend you to have a look at <i>http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf</i>. You can also have a look at <i>https://en.wikipedia.org/wiki/Galois/Counter_Mode</i>.

## Security
- For any given key, GCM is <b>limited to encrypting 2^39 - 256 bits of plain data (64GiB)</b>!
- It's security depends on a <b>unique nonce for every encryption performed with the same key</b>. Have a look at <i>http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf</i>.
- The authentication strength depends on the length of it's tag. The longer the tag (128 bit / 16 byte maximum) the better. 
- For information about Key Establishment have a look at section 8.1 in <i>http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf</i>.

## Information about my implementation

### nonce
I use a pseudo random nonce with 64 bytes length. If high security is needed or something like file encryption is wanted, I would recommend using a deterministic nonce, like described in section 8.2.1 in <i>http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf</i>. As the pycryptodomex implementation supports 16 byte nonces, I would use a 16 byte nonce. If you change the length of the nonce, the decrypt function must be adapted to the new length.
### authentication tag
I use the longest possible tag length, which ensures the highest possible authentication strength. Smaller tag lengths are highly discouraged.
### Key Generation
Generates a random key. For information about Key Establishment have a look at section 8.1 in <i>http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf</i>.

Raw data

            {
    "_id": null,
    "home_page": null,
    "name": "hc671123-secure-secrets",
    "maintainer": null,
    "docs_url": null,
    "requires_python": ">=3.13",
    "maintainer_email": "hc671123 <behoben_floral0p@icloud.com>",
    "keywords": "secrets, secure, encryption",
    "author": null,
    "author_email": "hc671123 <behoben_floral0p@icloud.com>",
    "download_url": "https://files.pythonhosted.org/packages/d6/b2/54c80369e44f9861b41cb236d2b734bc1d03e0ccf973ec56eea614861ccc/hc671123_secure_secrets-2.3.1.tar.gz",
    "platform": null,
    "description": "# secure_module Python\r\nSecurity module which stores important and confidental information. Information is stored encrypted and password protected. The module also provides the WebEncr and WebDecr functions which encrypts and decrypts any object with AES-GCM 256-bit encryption. Have a look at SECURITY.md on GitHub and read the information below for security informations.\r\n\r\n# PyPI published\r\nThis module is published on PyPI https://pypi.org/project/hc671123-secure-secrets/. You can install it with following pip command: pip install hc671123-secure-secrets .\r\n\r\n# How to use the module\r\nHave a look at the example.py file on GitHub. Try to always update to the latest version. New Versions will be named with semantic versioning https://semver.org/.\r\nYou need to have pycryptodomex installed (if you install the module with pip, this is automatically done).<br>\r\n<b>Keep aware always adding secrets without making a commit with the secret in plaintext!</b>\r\n\r\n## General information about AES-GCM\r\nAES-GCM provides data integrity and confidentiality (it belongs to the class of authenticated encryption with associated data - AEAD algorithms).\r\nFor further information about GCM I recommend you to have a look at <i>http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf</i>. You can also have a look at <i>https://en.wikipedia.org/wiki/Galois/Counter_Mode</i>.\r\n\r\n## Security\r\n- For any given key, GCM is <b>limited to encrypting 2^39 - 256 bits of plain data (64GiB)</b>!\r\n- It's security depends on a <b>unique nonce for every encryption performed with the same key</b>. Have a look at <i>http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf</i>.\r\n- The authentication strength depends on the length of it's tag. The longer the tag (128 bit / 16 byte maximum) the better. \r\n- For information about Key Establishment have a look at section 8.1 in <i>http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf</i>.\r\n\r\n## Information about my implementation\r\n\r\n### nonce\r\nI use a pseudo random nonce with 64 bytes length. If high security is needed or something like file encryption is wanted, I would recommend using a deterministic nonce, like described in section 8.2.1 in <i>http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf</i>. As the pycryptodomex implementation supports 16 byte nonces, I would use a 16 byte nonce. If you change the length of the nonce, the decrypt function must be adapted to the new length.\r\n### authentication tag\r\nI use the longest possible tag length, which ensures the highest possible authentication strength. Smaller tag lengths are highly discouraged.\r\n### Key Generation\r\nGenerates a random key. For information about Key Establishment have a look at section 8.1 in <i>http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf</i>.\r\n",
    "bugtrack_url": null,
    "license": null,
    "summary": "Module which enables storing encrypted, password protected secrets in a single file. Also allows for easy encryption and decryption of data",
    "version": "2.3.1",
    "project_urls": {
        "Homepage": "https://github.com/hc671123/secure_secrets_module-py",
        "Issues": "https://github.com/hc671123/secure_secrets_module-py/issues",
        "Repository": "https://github.com/hc671123/secure_secrets_module-py.git"
    },
    "split_keywords": [
        "secrets",
        " secure",
        " encryption"
    ],
    "urls": [
        {
            "comment_text": null,
            "digests": {
                "blake2b_256": "ec0da1255e83c208e7d43ddf54258b941d0016d456b58a0d74663ce4c65436c3",
                "md5": "5cd72e56aeaa9f298f4c1b7b5896d399",
                "sha256": "01791021015d742ea52195eff29f63a7070307ed824925d9a6d9c8d7cd94a2a6"
            },
            "downloads": -1,
            "filename": "hc671123_secure_secrets-2.3.1-py3-none-any.whl",
            "has_sig": false,
            "md5_digest": "5cd72e56aeaa9f298f4c1b7b5896d399",
            "packagetype": "bdist_wheel",
            "python_version": "py3",
            "requires_python": ">=3.13",
            "size": 6160,
            "upload_time": "2025-07-18T19:34:04",
            "upload_time_iso_8601": "2025-07-18T19:34:04.699948Z",
            "url": "https://files.pythonhosted.org/packages/ec/0d/a1255e83c208e7d43ddf54258b941d0016d456b58a0d74663ce4c65436c3/hc671123_secure_secrets-2.3.1-py3-none-any.whl",
            "yanked": false,
            "yanked_reason": null
        },
        {
            "comment_text": null,
            "digests": {
                "blake2b_256": "d6b254c80369e44f9861b41cb236d2b734bc1d03e0ccf973ec56eea614861ccc",
                "md5": "e653ca63b2092401d234c0fde66e4d73",
                "sha256": "c3d73e7d8b6d89089629f674efa019e4f4ceb5a3c456666c0727a350139f27d8"
            },
            "downloads": -1,
            "filename": "hc671123_secure_secrets-2.3.1.tar.gz",
            "has_sig": false,
            "md5_digest": "e653ca63b2092401d234c0fde66e4d73",
            "packagetype": "sdist",
            "python_version": "source",
            "requires_python": ">=3.13",
            "size": 5320,
            "upload_time": "2025-07-18T19:34:05",
            "upload_time_iso_8601": "2025-07-18T19:34:05.572028Z",
            "url": "https://files.pythonhosted.org/packages/d6/b2/54c80369e44f9861b41cb236d2b734bc1d03e0ccf973ec56eea614861ccc/hc671123_secure_secrets-2.3.1.tar.gz",
            "yanked": false,
            "yanked_reason": null
        }
    ],
    "upload_time": "2025-07-18 19:34:05",
    "github": true,
    "gitlab": false,
    "bitbucket": false,
    "codeberg": false,
    "github_user": "hc671123",
    "github_project": "secure_secrets_module-py",
    "travis_ci": false,
    "coveralls": false,
    "github_actions": false,
    "lcname": "hc671123-secure-secrets"
}
None
Elapsed time: 0.47896s