mm-std 0.4.16__py3-none-any.whl → 0.4.17__py3-none-any.whl

mm_std/__init__.py

@@ -10,9 +10,13 @@ from .concurrency.sync_decorators import synchronized_parameter as synchronized_
 from .concurrency.sync_scheduler import Scheduler as Scheduler
 from .concurrency.sync_task_runner import ConcurrentTasks as ConcurrentTasks
 from .config import BaseConfig as BaseConfig
-from .crypto import fernet_decrypt as fernet_decrypt
-from .crypto import fernet_encrypt as fernet_encrypt
-from .crypto import fernet_generate_key as fernet_generate_key
+from .crypto.fernet import fernet_decrypt as fernet_decrypt
+from .crypto.fernet import fernet_encrypt as fernet_encrypt
+from .crypto.fernet import fernet_generate_key as fernet_generate_key
+from .crypto.openssl import openssl_decrypt as openssl_decrypt
+from .crypto.openssl import openssl_decrypt_base64 as openssl_decrypt_base64
+from .crypto.openssl import openssl_encrypt as openssl_encrypt
+from .crypto.openssl import openssl_encrypt_base64 as openssl_encrypt_base64
 from .date import parse_date as parse_date
 from .date import utc_delta as utc_delta
 from .date import utc_now as utc_now

mm_std/crypto/openssl.py

@@ -0,0 +1,207 @@
+from base64 import b64decode, b64encode
+from hashlib import pbkdf2_hmac
+from os import urandom
+from pathlib import Path
+
+from cryptography.hazmat.primitives import padding
+from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
+
+MAGIC = b"Salted__"
+SALT_SIZE = 8
+KEY_SIZE = 32  # for AES-256
+IV_SIZE = 16
+
+
+def openssl_encrypt(input_path: Path, output_path: Path, password: str, iterations: int = 1_000_000) -> None:
+    """
+    Encrypt a file using OpenSSL-compatible AES-256-CBC with PBKDF2 and output in binary format.
+
+    This function creates encrypted files that are fully compatible with OpenSSL command:
+    openssl enc -aes-256-cbc -pbkdf2 -iter 1000000 -salt -in message.txt -out message.enc
+
+    Args:
+        input_path: Path to the input file to encrypt
+        output_path: Path where the encrypted binary file will be saved
+        password: Password for encryption
+        iterations: Number of PBKDF2 iterations (minimum 1000, default 1,000,000)
+
+    Raises:
+        ValueError: If iterations < 1000
+
+    Example:
+        >>> from pathlib import Path
+        >>> openssl_encrypt(Path("secret.txt"), Path("secret.enc"), "mypassword")
+
+        # Decrypt with OpenSSL:
+        # openssl enc -d -aes-256-cbc -pbkdf2 -iter 1000000 -in secret.enc -out secret_decrypted.txt -pass pass:mypassword
+    """
+    if iterations < 1000:
+        raise ValueError("Iteration count must be at least 1000 for security")
+
+    data: bytes = input_path.read_bytes()
+    salt: bytes = urandom(SALT_SIZE)
+
+    key_iv: bytes = pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations, KEY_SIZE + IV_SIZE)
+    key: bytes = key_iv[:KEY_SIZE]
+    iv: bytes = key_iv[KEY_SIZE:]
+
+    padder = padding.PKCS7(algorithms.AES.block_size).padder()
+    padded_data: bytes = padder.update(data) + padder.finalize()
+
+    cipher = Cipher(algorithms.AES(key), modes.CBC(iv))
+    encryptor = cipher.encryptor()
+    ciphertext: bytes = encryptor.update(padded_data) + encryptor.finalize()
+
+    output_path.write_bytes(MAGIC + salt + ciphertext)
+
+
+def openssl_decrypt(input_path: Path, output_path: Path, password: str, iterations: int = 1_000_000) -> None:
+    """
+    Decrypt a binary file created by OpenSSL-compatible AES-256-CBC with PBKDF2.
+
+    This function decrypts files that were encrypted with OpenSSL command:
+    openssl enc -aes-256-cbc -pbkdf2 -iter 1000000 -salt -in message.txt -out message.enc
+
+    Args:
+        input_path: Path to the encrypted binary file
+        output_path: Path where the decrypted file will be saved
+        password: Password for decryption
+        iterations: Number of PBKDF2 iterations (minimum 1000, default 1,000,000)
+
+    Raises:
+        ValueError: If iterations < 1000, invalid file format, or wrong password
+
+    Example:
+        >>> from pathlib import Path
+        >>> openssl_decrypt(Path("secret.enc"), Path("secret_decrypted.txt"), "mypassword")
+
+        # Encrypt with OpenSSL:
+        # openssl enc -aes-256-cbc -pbkdf2 -iter 1000000 -salt -in secret.txt -out secret.enc -pass pass:mypassword
+    """
+    if iterations < 1000:
+        raise ValueError("Iteration count must be at least 1000 for security")
+
+    raw: bytes = input_path.read_bytes()
+    if not raw.startswith(MAGIC):
+        raise ValueError("Invalid file format: missing OpenSSL Salted header")
+
+    salt: bytes = raw[8:16]
+    ciphertext: bytes = raw[16:]
+
+    key_iv: bytes = pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations, KEY_SIZE + IV_SIZE)
+    key: bytes = key_iv[:KEY_SIZE]
+    iv: bytes = key_iv[KEY_SIZE:]
+
+    cipher = Cipher(algorithms.AES(key), modes.CBC(iv))
+    decryptor = cipher.decryptor()
+    padded_plaintext: bytes = decryptor.update(ciphertext) + decryptor.finalize()
+
+    unpadder = padding.PKCS7(algorithms.AES.block_size).unpadder()
+    try:
+        plaintext: bytes = unpadder.update(padded_plaintext) + unpadder.finalize()
+    except ValueError as e:
+        raise ValueError("Decryption failed: invalid padding or wrong password") from e
+
+    output_path.write_bytes(plaintext)
+
+
+def openssl_encrypt_base64(input_path: Path, output_path: Path, password: str, iterations: int = 1_000_000) -> None:
+    """
+    Encrypt a file using OpenSSL-compatible AES-256-CBC with PBKDF2 and output in base64 format.
+
+    This function creates encrypted files that are fully compatible with OpenSSL command:
+    openssl enc -aes-256-cbc -pbkdf2 -iter 1000000 -salt -base64 -in message.txt -out message.enc
+
+    Args:
+        input_path: Path to the input file to encrypt
+        output_path: Path where the encrypted base64 file will be saved
+        password: Password for encryption
+        iterations: Number of PBKDF2 iterations (minimum 1000, default 1,000,000)
+
+    Raises:
+        ValueError: If iterations < 1000
+
+    Example:
+        >>> from pathlib import Path
+        >>> openssl_encrypt_base64(Path("secret.txt"), Path("secret.enc"), "mypassword")
+
+        # Decrypt with OpenSSL:
+        # openssl enc -d -aes-256-cbc -pbkdf2 -iter 1000000 -base64 -in secret.enc -out secret_decrypted.txt -pass pass:mypassword
+    """
+    if iterations < 1000:
+        raise ValueError("Iteration count must be at least 1000 for security")
+
+    data: bytes = input_path.read_bytes()
+    salt: bytes = urandom(SALT_SIZE)
+
+    key_iv: bytes = pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations, KEY_SIZE + IV_SIZE)
+    key: bytes = key_iv[:KEY_SIZE]
+    iv: bytes = key_iv[KEY_SIZE:]
+
+    padder = padding.PKCS7(algorithms.AES.block_size).padder()
+    padded_data: bytes = padder.update(data) + padder.finalize()
+
+    cipher = Cipher(algorithms.AES(key), modes.CBC(iv))
+    encryptor = cipher.encryptor()
+    ciphertext: bytes = encryptor.update(padded_data) + encryptor.finalize()
+
+    # Encode binary data to base64
+    binary_data: bytes = MAGIC + salt + ciphertext
+    base64_data: str = b64encode(binary_data).decode("ascii")
+    output_path.write_text(base64_data)
+
+
+def openssl_decrypt_base64(input_path: Path, output_path: Path, password: str, iterations: int = 1_000_000) -> None:
+    """
+    Decrypt a base64-encoded file created by OpenSSL-compatible AES-256-CBC with PBKDF2.
+
+    This function decrypts files that were encrypted with OpenSSL command:
+    openssl enc -aes-256-cbc -pbkdf2 -iter 1000000 -salt -base64 -in message.txt -out message.enc
+
+    Args:
+        input_path: Path to the encrypted base64 file
+        output_path: Path where the decrypted file will be saved
+        password: Password for decryption
+        iterations: Number of PBKDF2 iterations (minimum 1000, default 1,000,000)
+
+    Raises:
+        ValueError: If iterations < 1000, invalid file format, or wrong password
+
+    Example:
+        >>> from pathlib import Path
+        >>> openssl_decrypt_base64(Path("secret.enc"), Path("secret_decrypted.txt"), "mypassword")
+
+        # Encrypt with OpenSSL:
+        # openssl enc -aes-256-cbc -pbkdf2 -iter 1000000 -salt -base64 -in secret.txt -out secret.enc -pass pass:mypassword
+    """
+    if iterations < 1000:
+        raise ValueError("Iteration count must be at least 1000 for security")
+
+    # Decode base64 to binary data
+    try:
+        base64_data: str = input_path.read_text().strip()
+        raw: bytes = b64decode(base64_data)
+    except Exception as e:
+        raise ValueError("Invalid base64 format") from e
+
+    if not raw.startswith(MAGIC):
+        raise ValueError("Invalid file format: missing OpenSSL Salted header")
+
+    salt: bytes = raw[8:16]
+    ciphertext: bytes = raw[16:]
+
+    key_iv: bytes = pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations, KEY_SIZE + IV_SIZE)
+    key: bytes = key_iv[:KEY_SIZE]
+    iv: bytes = key_iv[KEY_SIZE:]
+
+    cipher = Cipher(algorithms.AES(key), modes.CBC(iv))
+    decryptor = cipher.decryptor()
+    padded_plaintext: bytes = decryptor.update(ciphertext) + decryptor.finalize()
+
+    unpadder = padding.PKCS7(algorithms.AES.block_size).unpadder()
+    try:
+        plaintext: bytes = unpadder.update(padded_plaintext) + unpadder.finalize()
+    except ValueError as e:
+        raise ValueError("Decryption failed: invalid padding or wrong password") from e
+
+    output_path.write_bytes(plaintext)

{mm_std-0.4.16.dist-info → mm_std-0.4.17.dist-info}/METADATA

@@ -1,12 +1,12 @@
 Metadata-Version: 2.4
 Name: mm-std
-Version: 0.4.16
+Version: 0.4.17
 Requires-Python: >=3.12
 Requires-Dist: aiohttp-socks~=0.10.1
-Requires-Dist: aiohttp~=3.11.18
-Requires-Dist: cryptography~=45.0.2
+Requires-Dist: aiohttp~=3.12.2
+Requires-Dist: cryptography~=45.0.3
 Requires-Dist: pydantic-settings>=2.9.1
-Requires-Dist: pydantic~=2.11.4
+Requires-Dist: pydantic~=2.11.5
 Requires-Dist: pydash~=8.0.5
 Requires-Dist: python-dotenv~=1.1.0
 Requires-Dist: requests[socks]~=2.32.3

{mm_std-0.4.16.dist-info → mm_std-0.4.17.dist-info}/RECORD

@@ -1,7 +1,6 @@
-mm_std/__init__.py,sha256=atBLjXR-O2osgfiZru7mA2SSAPb60fRRDFqxf1soMZM,2888
+mm_std/__init__.py,sha256=OpZAZw3BG3wyDnlRR3p2BZO2cZcE-imScPCf2qRWuUk,3189
 mm_std/command.py,sha256=ze286wjUjg0QSTgIu-2WZks53_Vclg69UaYYgPpQvCU,1283
 mm_std/config.py,sha256=3-FxFCtOffY2t9vuu9adojwbzTPwdAH2P6qDaZnHLbY,3206
-mm_std/crypto.py,sha256=jdk0_TCmeU0pPXMyz9xH6kQHSjjZ9GcGClBwQps5vBo,340
 mm_std/date.py,sha256=976eEkSONuNqHQBgSRu8hrtH23tJqztbmHFHLdbP2TY,1879
 mm_std/dict.py,sha256=DxFbZnl5KK4vJ4wLH_pCT0PWzfaIL3YyLNpRsVexfjw,1465
 mm_std/env.py,sha256=5zaR9VeIfObN-4yfgxoFeU5IM1GDeZZj9SuYf7t9sOA,125
@@ -24,10 +23,13 @@ mm_std/concurrency/async_task_runner.py,sha256=EN7tN2enkVYVgDbhSiAr-_W4o9m9wBXCv
 mm_std/concurrency/sync_decorators.py,sha256=syCQBOmN7qPO55yzgJB2rbkh10CVww376hmyvs6e5tA,1080
 mm_std/concurrency/sync_scheduler.py,sha256=j4tBL_cBI1spr0cZplTA7N2CoYsznuORMeRN8rpR6gY,2407
 mm_std/concurrency/sync_task_runner.py,sha256=s5JPlLYLGQGHIxy4oDS-PN7O9gcy-yPZFoNm8RQwzcw,1780
+mm_std/crypto/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+mm_std/crypto/fernet.py,sha256=jdk0_TCmeU0pPXMyz9xH6kQHSjjZ9GcGClBwQps5vBo,340
+mm_std/crypto/openssl.py,sha256=x8LTRG6-jXLucMcsWS746V7B5fGrJ1c27d08rNK5-Ng,8173
 mm_std/http/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 mm_std/http/http_request.py,sha256=6bg3t49c3dG0jKRFxhcceeYb5yKrMoZwuyb25zBG3tY,4088
 mm_std/http/http_request_sync.py,sha256=zXLeDplYWTFIwaD1Ydyg9yTi37WcI-fReLM0mVnuvhM,1835
 mm_std/http/http_response.py,sha256=7ZllZFPKJ9s6m-18Dfhrm7hwc2XFnyX7ppt0O8gNmlE,3916
-mm_std-0.4.16.dist-info/METADATA,sha256=_cSVs-cNmY9lZicgVuawtbNuG5vDmpn6rrFQY_bzwI4,415
-mm_std-0.4.16.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
-mm_std-0.4.16.dist-info/RECORD,,
+mm_std-0.4.17.dist-info/METADATA,sha256=0rG7NElzy9ZOLdx3hnag32xev6avidgXTZe46h85waU,414
+mm_std-0.4.17.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
+mm_std-0.4.17.dist-info/RECORD,,