In [6]:
import os, lorem, sys
from getpass import *
from multiprocessing import Process, Pipe
from pickle import *
from base64 import b64encode, b64decode

class BiConn(object):
    def __init__(self,left,right,timeout=None):
        """
        left : a função que vei ligar ao lado esquerdo do Pipe
        right: a função que vai ligar ao outro lado
        timeout: (opcional) numero de segundos que aguarda pela terminação do processo
        """
        left_end, right_end = Pipe()
        self.timeout=timeout
        self.lproc = Process(target=left, args=(left_end,))       # os processos ligados ao Pipe
        self.rproc = Process(target=right, args=(right_end,))
        self.left  = lambda : left(left_end)                       # as funções ligadas já ao Pipe
        self.right = lambda : right(right_end)

    def auto(self, proc=None):
        if proc == None:             # corre os dois processos independentes
            self.lproc.start()
            self.rproc.start()
            self.lproc.join(self.timeout)
            self.rproc.join(self.timeout)
        else:                        # corre só o processo passado como parâmetro
            proc.start(); proc.join()

    def manual(self):   #  corre as duas funções no contexto de um mesmo processo Python
        self.left()
        self.right()

In [7]:
from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
from cryptography.hazmat.primitives import hashes, hmac
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

default_algorithm = hashes.SHA256


def Hash(s):
    digest = hashes.Hash(default_algorithm(),backend=default_backend())
    digest.update(s)
    return digest.finalize()

# KDF

def kdf(salt):
    return PBKDF2HMAC(
        algorithm=default_algorithm(),   # SHA256  
        length=32,
        salt=salt, 
        iterations=100000,
        backend=default_backend()        # openssl
        )

def mac(key,source, tag=None):
    h = hmac.HMAC(key,default_algorithm(),default_backend())
    h.update(source)
    if tag == None:
        return h.finalize()
    h.verify(tag)

In [14]:
my_salt=os.urandom(16)
metadata = os.urandom(1024)

def Emitter(conn):
    password=bytes(getpass('Password do emissor:'),'utf-8')
    plaintext = bytes(input('Mensagem a cifrar:'), 'utf-8')

    
    try:
        key = kdf(my_salt).derive(password)
        iv = os.urandom(16)
        hash_key = Hash(key)
        tag = mac(hash_key,plaintext)
        cipher = Cipher(algorithms.AES(key), modes.GCM(iv), backend=default_backend()).encryptor() 
        cipher.authenticate_additional_data(metadata) 
        ciphertext = cipher.update(plaintext) + cipher.finalize()
        obj = {'mess' : ciphertext , 'tag' : tag , 'tag_cipher' : cipher.tag, 'iv' : iv}
        conn.send(obj)  
    except:
        print("Erro no emissor")
        
    conn.close()
            
    
def Receiver(conn):
    
    password = bytes(getpass('Password do recetor: '),'utf-8')
    

    try:
        obj = conn.recv()
        ciphertext = obj['mess']
        tag = obj['tag']
        tag_cipher = obj['tag_cipher']
        iv = obj['iv']
        key = kdf(my_salt).derive(password)
        
        cipher = Cipher(algorithms.AES(key), modes.GCM(iv,tag_cipher), backend=default_backend()).decryptor()
        cipher.authenticate_additional_data(metadata)
        plaintext = cipher.update(ciphertext) + cipher.finalize()

        if tag == mac(Hash(key),plaintext):
            print('Mensagem decifrada:',plaintext)
        else:
            print('Tags diferentes')
    except:
        print('FAIL')
        
    conn.close()

In [15]:
BiConn(Emitter,Receiver, timeout=30).manual()

Password do emissor:········
Mensagem a cifrar:laksdjlaksjd
Password do recetor: ········
Mensagem decifrada: b'laksdjlaksjd'
