Fast, efficient Blowfish cipher implementation in pure Python (3.4+).

Related tags

Documentationpython-blowfish
Overview

PyPI CI

blowfish

This module implements the Blowfish cipher using only Python (3.4+).

Blowfish is a block cipher that can be used for symmetric-key encryption. It has a 8-byte block size and supports a variable-length key, from 4 to 56 bytes. It's fast, free and has been analyzed considerably. It was designed by Bruce Schneier and more details about it can be found at <https://www.schneier.com/blowfish.html>.

Dependencies

  • Python 3.4+

Features

  • Fast (well, as fast you can possibly go using only Python 3.4+)
  • Efficient; generators/iterators are used liberally to reduce memory usage
  • Cipher-Block Chaining (CBC) mode
  • Cipher-Block Chaining with Ciphertext Stealing (CBC-CTS) mode
  • Propagating Cipher-Block Chaining (PCBC) mode
  • Cipher Feedback (CFB) mode
  • Output Feedback (OFB) mode
  • Counter (CTR) mode
  • Electronic Codebook (ECB) mode
  • Electronic Codebook with Ciphertext Stealing (ECB-CTS) mode

Installation

If you just need a Blowfish cipher in your Python project, feel free to manually copy blowfish.py to your package directory (license permitting).

distutils

To install the module to your Python distribution, use the included distutils script:

$ python setup.py install

pip

Stable versions can be installed from pypi using pip:

$ pip install blowfish

pip can also install the latest development version directly from git:

$ pip install 'git+https://github.com/jashandeep-sohi/python-blowfish.git'

Development

Want to add a mode of operation? Speed up encryption?

Make your changes to a clone of the repository at https://github.com/jashandeep-sohi/python-blowfish and send me a pull request.

Tests

Tests are written using the Python unittest framework. All tests currently reside in the test.py file and can be run using the distutils script:

$ python setup.py test

Bugs

Are you having problems? Please let me know at https://github.com/jashandeep-sohi/python-blowfish/issues

Usage

Warning

Cryptography is complex, so please don't use this module in anything critical without understanding what you are doing and checking the source code to make sure it is doing what you want it to.

Note

This is just a quick overview on how to use the module. For detailed documentation please see the docstrings in the module.

First create a Cipher object with a key.

import blowfish

cipher = blowfish.Cipher(b"Key must be between 4 and 56 bytes long.")

By default this initializes a Blowfish cipher that will interpret bytes using the big-endian byte order. Should the need arrise to use the little-endian byte order, provide "little" as the second argument.

cipher_little = blowfish.Cipher(b"my key", byte_order = "little")

Block

To encrypt or decrypt a block of data (8 bytes), use the encrypt_block or decrypt_block methods of the Cipher object.

from os import urandom

block = urandom(8)

ciphertext = cipher.encrypt_block(block)
plaintext = cipher.decrypt_block(ciphertext)

assert block == plaintext

As these methods can only operate on 8 bytes of data, they're of little practical use. Instead, use one of the implemented modes of operation.

Cipher-Block Chaining Mode (CBC)

To encrypt or decrypt data in CBC mode, use encrypt_cbc or decrypt_cbc methods of the Cipher object. CBC mode can only operate on data that is a multiple of the block-size in length.

data = urandom(10 * 8) # data to encrypt
iv = urandom(8) # initialization vector

data_encrypted = b"".join(cipher.encrypt_cbc(data, iv))
data_decrypted = b"".join(cipher.decrypt_cbc(data_encrypted, iv))

assert data == data_decrypted

Cipher-Block Chaining with Ciphertext Stealing (CBC-CTS)

To encrypt or decrypt data in CBC-CTS mode, use encrypt_cbc_cts or decrypt_cbc_cts methods of the Cipher object. CBC-CTS mode can operate on data of any length greater than 8 bytes.

data = urandom(10 * 8 + 6) # data to encrypt
iv = urandom(8) # initialization vector

data_encrypted = b"".join(cipher.encrypt_cbc_cts(data, iv))
data_decrypted = b"".join(cipher.decrypt_cbc_cts(data_encrypted, iv))

assert data == data_decrypted

Propagating Cipher-Block Chaining Mode (PCBC)

To encrypt or decrypt data in PCBC mode, use encrypt_pcbc or decrypt_pcbc methods of the Cipher object. PCBC mode can only operate on data that is a multiple of the block-size in length.

data = urandom(10 * 8) # data to encrypt
iv = urandom(8) # initialization vector

data_encrypted = b"".join(cipher.encrypt_pcbc(data, iv))
data_decrypted = b"".join(cipher.decrypt_pcbc(data_encrypted, iv))

assert data == data_decrypted

Cipher Feedback Mode (CFB)

To encrypt or decrypt data in CFB mode, use encrypt_cfb or decrypt_cfb methods of the Cipher object. CFB mode can operate on data of any length.

data = urandom(10 * 8 + 7) # data to encrypt
iv = urandom(8) # initialization vector

data_encrypted = b"".join(cipher.encrypt_cfb(data, iv))
data_decrypted = b"".join(cipher.decrypt_cfb(data_encrypted, iv))

assert data == data_decrypted

Output Feedback Mode (OFB)

To encrypt or decrypt data in OFB mode, use encrypt_ofb or decrypt_ofb methods of the Cipher object. OFB mode can operate on data of any length.

data = urandom(10 * 8 + 1) # data to encrypt
iv = urandom(8) # initialization vector

data_encrypted = b"".join(cipher.encrypt_ofb(data, iv))
data_decrypted = b"".join(cipher.decrypt_ofb(data_encrypted, iv))

assert data == data_decrypted

Counter Mode (CTR)

To encrypt or decrypt data in CTR mode, use encrypt_ctr or decrypt_ctr methods of the Cipher object. CTR mode can operate on data of any length. Although you can use any counter you want, a simple increment by one counter is secure and the most popular. So for convenience sake a simple increment by one counter is implemented by the blowfish.ctr_counter function. However, you should implement your own for optimization purposes.

from operator import xor

data = urandom(10 * 8 + 2) # data to encrypt

# increment by one counters
nonce = int.from_bytes(urandom(8), "big")
enc_counter = blowfish.ctr_counter(nonce, f = xor)
dec_counter = blowfish.ctr_counter(nonce, f = xor)

data_encrypted = b"".join(cipher.encrypt_ctr(data, enc_counter))
data_decrypted = b"".join(cipher.decrypt_ctr(data_encrypted, dec_counter))

assert data == data_decrypted

Electronic Codebook Mode (ECB)

Note: ECB mode does not provide strong confidentiality, regardless of the cipher, and is not recommended for use in applications.

To encrypt or decrypt data in ECB mode, use encrypt_ecb or decrypt_ecb methods of the Cipher object. ECB mode can only operate on data that is a multiple of the block-size in length.

data = urandom(10 * 8) # data to encrypt

data_encrypted = b"".join(cipher.encrypt_ecb(data))
data_decrypted = b"".join(cipher.decrypt_ecb(data_encrypted))

assert data == data_decrypted

Electronic Codebook Mode with Cipher Text Stealing (ECB-CTS)

Note: the warning pertaining to ECB mode above also applies to ECB-CTS.

To encrypt or decrypt data in ECB-CTS mode, use encrypt_ecb_cts or decrypt_ebc_cts methods of the Cipher object. ECB-CTS mode can operate on data of any length greater than 8 bytes.

data = urandom(10 * 8 + 5) # data to encrypt

data_encrypted = b"".join(cipher.encrypt_ecb_cts(data))
data_decrypted = b"".join(cipher.decrypt_ecb_cts(data_encrypted))

assert data == data_decrypted
Comments
  • Bad Pi!

    Bad Pi!

    After using 'PI' sign in source, i can't install module via pip on Kubuntu/Pythin3.5, and QPython/Python3.5. When i remove 'PI' sign, importing of module works well. `

    import blowfish Traceback (most recent call last): File "", line 1, in File "blowfish.py", line 32 SyntaxError: Non-ASCII character '\xcf' in file blowfish.py on line 32, but no encoding declared; see http://python.org/dev/peps/pep-0263/ for details

    `

    opened by Moneetor 3
  • Bytes to str and back, ctr_counter

    Bytes to str and back, ctr_counter

    Hoping you might be able to point me in the right direction.

    I'm using encrypt_ctr successfully, however the storage medium I'm using requires me to store into str. I'm not sure what encoding/decoding to use to make it go to a str, and then be able to be converted from str back to bytes for decrypt_ctr to handle.

    At the moment, decryption is sort of like:

    encryptedBytes = b"".join(encryptedBytesList)
with open(metadata["filename"], "wb") as openFile:
            decoded_data = b"".join(self.cipher.decrypt_ctr(data, self.encrypt_counter))
            openFile.write(decoded_data)

    And encryption, sort of like:

    with open(os.path.expanduser("~/reddiSync/") + filename, "rb") as openFile:
            data = openFile.read()
            encoded_data = b"".join(self.cipher.encrypt_ctr(data, self.encrypt_counter))
        encoded_list = [encoded_data[i:i+1000] for i in range(0, len(data), 1000)]
        return [str(x) for x in encoded_list]

    Its ensuring the original conversion to str that's the issue.

    UTF-8 isn't compatible with some of the bytes produced, so is there an encoding I could use?

    opened by shakna-israel 2
  • DES_set_key_checked in blowfish

    DES_set_key_checked in blowfish

    I encountered a problem about DES_cfb64_encrypt, i use "cipher.encrypt_cfb(data, iv)" but incorrect result. i found that no similar function in cipher.

    opened by jmpews 2
  • Docs - electronic code book

    Docs - electronic code book

    One of the first items under "Usage" on the README is how to use ECB mode. I would like to suggest that this section should be accompanied by a warning that ECB mode is inherently insecure and does not provide strong secrecy. It is in fact very vulnerable to cryptanlysis and secrecy can be compromised even without side-channels.

    I would also recommend that this section not be placed first in the documentation.

    A set of images on wikipedia illustrates dramatically the way ECB mode leaks data: https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#ECB

    opened by leifurhauks 1
  • Add a 'test' command to setup.py to run unittests

    Add a 'test' command to setup.py to run unittests

    Now tests can be run using the distutils script:

    $ python setup.py test -vv
running test
running build_py
test_decrypt_block (test.Cipher) ... ok
test_encrypt_block (test.Cipher) ... ok
test_decrypt_block (test.CipherLittleEndian) ... ok
test_encrypt_block (test.CipherLittleEndian) ... ok
test_cbc_cts_mode (test.ModesOfOperation) ... ok
test_cbc_mode (test.ModesOfOperation) ... ok
test_cfb_mode (test.ModesOfOperation) ... ok
test_ctr_mode (test.ModesOfOperation) ... ok
test_ecb_cts_mode (test.ModesOfOperation) ... ok
test_ecb_mode (test.ModesOfOperation) ... ok
test_ofb_mode (test.ModesOfOperation) ... ok
test_pcbc_mode (test.ModesOfOperation) ... ok

----------------------------------------------------------------------
Ran 12 tests in 1.816s

OK
    enhancement 
    opened by jashandeep-sohi 0
  • Fix little-endian byte-order input encryption and decryption.

    Fix little-endian byte-order input encryption and decryption.

    This fixes bug https://github.com/jashandeep-sohi/python-blowfish/issues/9.

    u4_1_struct is used to split 32-bit integers into 4 bytes. The higher 8 bits should be the first byte, the next 8 bits should be the next byte, and so on. So, it should always be in big-endian byte order and not be dependent on the byte_order option.

    opened by jashandeep-sohi 0
  • Add custom exceptions for incorrect input data

    Add custom exceptions for incorrect input data

    Currently, the generic struct.error is raised when the input data is not the correct length. Raise a custom exception so it's a bit more clear as to why the call failed.

    enhancement 
    opened by jashandeep-sohi 0
  • Need example for encrypt/decrypt for a large file (say 1mb)

    Need example for encrypt/decrypt for a large file (say 1mb)

    Hello there this is just awesome. However, I am in a hurry and looing for a sample code which encrypts and decrypts a big file what is the cost of encryption? is it O(n) ? thanks Sriram

    opened by sriramb12 0
Owner
Jashandeep Sohi
Jashandeep Sohi
GitHub Repository https://blowfish.sohi.link
PowerApps-docstring is a console based, pipeline ready application that automatically generates user and technical documentation for Power Apps.

powerapps-docstring PowerApps-docstring is a console based, pipeline ready application that automatically generates user and technical documentation f

Sebastian Muthwill 30 Nov 23, 2022
The tutorial is a collection of many other resources and my own notes

Why we need CTC? --- looking back on history 1.1. About CRNN 1.2. from Cross Entropy Loss to CTC Loss Details about CTC 2.1. intuition: forward algor

手写AI 7 Sep 19, 2022
A collection of simple python mini projects to enhance your python skills

A collection of simple python mini projects to enhance your python skills

PYTHON WORLD 12.1k Jan 05, 2023
Python solutions to solve practical business problems.

Python Business Analytics Also instead of "watching" you can join the link-letter, it's already being sent out to about 90 people and you are free to

Derek Snow 357 Dec 26, 2022
CoderByte | Practice, Tutorials & Interview Preparation Solutions|

CoderByte | Practice, Tutorials & Interview Preparation Solutions This repository consists of solutions to CoderByte practice, tutorials, and intervie

Eda AYDIN 6 Aug 09, 2022
A document format conversion service based on Pandoc.

reformed Document format conversion service based on Pandoc. Usage The API specification for the Reformed server is as follows: GET /api/v1/formats: L

David Lougheed 3 Jul 18, 2022
Version bêta d'un système pour suivre les prix des livres chez Books to Scrape,

Version bêta d'un système pour suivre les prix des livres chez Books to Scrape, un revendeur de livres en ligne. En pratique, dans cette version bêta, le programme n'effectuera pas une véritable surv

Mouhamed Dia 1 Jan 06, 2022
Data-Scrapping SEO - the project uses various data scrapping and Google autocompletes API tools to provide relevant points of different keywords so that search engines can be optimized

Data-Scrapping SEO - the project uses various data scrapping and Google autocompletes API tools to provide relevant points of different keywords so that search engines can be optimized; as this infor

Vibhav Kumar Dixit 2 Jul 18, 2022
My Sublime Text theme

rsms sublime text theme Install: cd path/to/your/sublime/packages git clone https://github.com/rsms/sublime-theme.git rsms-theme You'll also need the

Rasmus 166 Jan 04, 2023
Test utility for validating OpenAPI documentation

DRF OpenAPI Tester This is a test utility to validate DRF Test Responses against OpenAPI 2 and 3 schema. It has built-in support for: OpenAPI 2/3 yaml

snok 106 Jan 05, 2023
FireEye Related Projects

FireEye FireEye Related Projects Tor-IP-Collector Simple python script that will collect a list of TOR IPs from the SecOps Institute Github and inject

Taran Ulrich 2 Nov 12, 2022
Easy OpenAPI specs and Swagger UI for your Flask API

Flasgger Easy Swagger UI for your Flask API Flasgger is a Flask extension to extract OpenAPI-Specification from all Flask views registered in your API

Flasgger 3.1k Jan 05, 2023
Python Deep Dive Course - Accompanying Materials

Python Deep Dive Various Jupyter notebooks and Python sources associated with my Udemy Python 3 Deep Dive course series: Part 1: Mainly functional pro

Fred Baptiste 1.1k Dec 30, 2022
Legacy python processor for AsciiDoc

AsciiDoc.py This branch is tracking the alpha, in-progress 10.x release. For the stable 9.x code, please go to the 9.x branch! AsciiDoc is a text docu

AsciiDoc.py 178 Dec 25, 2022
Python syntax highlighted Markdown doctest.

phmdoctest 1.3.0 Introduction Python syntax highlighted Markdown doctest Command line program and Python library to test Python syntax highlighted cod

Mark Taylor 16 Aug 09, 2022
Example Python code for running the mango-explorer marketmaker

🥭 Mango Explorer 📖 Introduction This guide will show you how to load and run a customisable marketmaker that runs on Mango Markets using the mango-e

Blockworks Foundation 2 Apr 11, 2022
Detecting silent model failure. NannyML estimates performance with an algorithm called Confidence-based Performance estimation (CBPE), developed by core contributors. It is the only open-source algorithm capable of fully capturing the impact of data drift on performance.

Website • Docs • Community Slack 💡 What is NannyML? NannyML is an open-source python library that allows you to estimate post-deployment model perfor

1.3k Jan 08, 2023
This is a template (starter kit) for writing Maturity Work with Sphinx / LaTeX at Collège du Sud

sphinx-tm-template Ce dépôt est un template de base utilisable pour écrire ton travail de maturité dans le séminaire d'informatique du Collège du Sud.

6 Dec 22, 2022
💯 Coolest snippets

nvim-snippets This was originally included in my personal Neovim setup, but I didn't like having all the snippets there so I decided to have them sepa

Eliaz Bobadilla 6 Aug 31, 2022
charcade is a string manipulation library that can animate, color, and bruteforce strings

charcade charcade is a string manipulation library that can animate, color, and bruteforce strings. Features Animating text for CLI applications with

Aaron 8 May 23, 2022