I'm very new to encryption, I need to encode a simple string like 'ABC123'
into something similar to that '3d3cf25845f3aae505bafbc1c8f16d0bfdea7d70f6b141c21726da8d'
.
I first tried this:
>>> import base64
>>> q = 'ABC123'
>>> w = base64.encodestring(q)
>>> w
'QUJDMTIz\n'
But it's to short, I need something longer, than I tried this:
>>> import hashlib
>>> a = hashlib.sha224(q)
>>> a.hexdigest()
'3d3cf25845f3aae505bafbc1c8f16d0bfdea7d70f6b141c21726da8d'
This is good, but now I don't know how to convert it back. If some one can help me eather with this example or suggest something else, how I can encode/decode a small string into a something longer, would be great.
based on plockc
answer I did this, and it seems to work:
from Crypto.Cipher import AES # encryption library
BLOCK_SIZE = 32
# the character used for padding--with a block cipher such as AES, the value
# you encrypt must be a multiple of BLOCK_SIZE in length. This character is
# used to ensure that your value is always a multiple of BLOCK_SIZE
PADDING = '{'
# one-liner to sufficiently pad the text to be encrypted
pad = lambda s: s + (BLOCK_SIZE - len(s) % BLOCK_SIZE) * PADDING
# one-liners to encrypt/encode and decrypt/decode a string
# encrypt with AES, encode with base64
EncodeAES = lambda c, s: base64.b64encode(c.encrypt(pad(s)))
DecodeAES = lambda c, e: c.decrypt(base64.b64decode(e)).rstrip(PADDING)
# create a cipher object using the random secret
cipher = AES.new('aaaaaaaaaa123456')
# encode a string
encoded = EncodeAES(cipher, 'ABC123')
print 'Encrypted string: %s' % encoded
# decode the encoded string
decoded = DecodeAES(cipher, encoded)
print 'Decrypted string: %s' % decoded
You probably need to elaborate on how you are going to use it and why, as you have just opened Pandora's box :)
An encoding is reversible and should only be used to make data fit into something else (like base 64 binary data when you can only use text), a hash (like sha224) is not supposed to be reversible.
If you want to verify a user entering a password, you hash it (with like sha224) and store the hash, then when the user enters password again, you hash their entry and compare. This is the simplified version, you also need to add "salt" to avoid a simple "dictionary attack". I won't elaborate as that wasn't the question you asked.
To quickly answer your question you want an encryption library, like the cipher AES-128, which has a secret key and with the key you can recover the original data. There will be some details in the library on how to create the key (it has to be a specific length and will be manipulated to make it that length). If your key is based on simple passwords, go look at PBKDF2, which makes a strong encryption key from a weak password.
Don't confuse hmac as encryption (hmac uses another function, like the hashing function sha224), if the receiver of a messages shares a hmac key with the sender, they can "authenticate" that the message can from the sender, and it came without alteration.
Good luck!
P.S. here is a good book if you really want to start digging in: Cryptography Engineering: Design Principles and Practical Applications
A popular related answer: https://stackoverflow.com/a/4948393/1322463
Wikipedia has good articles too.