## Encryption with Key generated from Password

Source: https://nitratine.net/blog/post/encryption-and-decryption-in-python/

### Generating a Key From A Password

In [1]:
# Load libraries
import base64, os
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
from cryptography.fernet import Fernet

# This is input in the form of a string
password_provided = input('Your password: ')  # E.g.: "pas$worD"

# Convert to type bytes
password = password_provided.encode()

# b'salt_' must be of type bytes  
salt = os.urandom(16)

kdf = PBKDF2HMAC(
    algorithm=hashes.SHA256(),
    length=32,
    salt=salt,
    iterations=200000,  # Default: 100000
    backend=default_backend()
)

key = base64.urlsafe_b64encode(kdf.derive(password))  # Can only use kdf once

# Save the Key (store somewhere safe)
with open("key.key", "wb") as key_file:
    key_file.write(key)

Your password: Pas$worD


### Encrypting

In [2]:
def load_key():
    """
    Loads the key from the current directory named `key.key`
    """
    return open("key.key", "rb").read()

In [3]:
message = input("Your secret message: ").encode()

# Load the key
key = load_key()
f = Fernet(key)

# Encrypt the bytes. The returning object is of type bytes
encrypted = f.encrypt(message)

print(encrypted)

Your secret message: This is a very important and secret message! Keep it safe!
b'gAAAAABgBLA6Ge28ImJpWpmtGSwRtxYUzuyXsSiAB6Lk-_YwSbvMHjCI9gxcOwRFGw4r1Dks34isyVZRBvmXMuob6XCSnB1lOKsfv2DiS6kBSYb84rgDF9Dbxrls64PqrUE3fn63cE7OAlqmQsfGp17qkvctwOHhgQ=='


### Decrypting

In [4]:
encrypted = input("Encrypted string: ")
encrypted = bytes(encrypted, encoding='utf8')

# Load the key
key = load_key()
f = Fernet(key)

try:
    # Decrypt the bytes. The returning object is of type bytes
    decrypted = f.decrypt(encrypted)
    print("\nValid Key - Successfully decrypted\n")
    print(decrypted)

# Catch any InvalidToken exceptions if the correct key was not provided
except InvalidToken as e:
    print("Invalid Key - Unsuccessfully decrypted")

Encrypted string: gAAAAABgBLA6Ge28ImJpWpmtGSwRtxYUzuyXsSiAB6Lk-_YwSbvMHjCI9gxcOwRFGw4r1Dks34isyVZRBvmXMuob6XCSnB1lOKsfv2DiS6kBSYb84rgDF9Dbxrls64PqrUE3fn63cE7OAlqmQsfGp17qkvctwOHhgQ==

Valid Key - Successfully decrypted

b'This is a very important and secret message! Keep it safe!'
