m2secret is a simple encryption and decryption module and CLI utility built with the M2Crypto library (version 0.18 or later) to make it easy to secure strings and files from prying eyes. The serialized form does not follow any standards.
By default it will use 256-bit AES (Rijndael) symmetric-key cryptography in CBC mode. Key material is derived from submitted password using the PBKDF2 algorithm.
import m2secret
# Encrypt
secret = m2secret.Secret()
secret.encrypt('my data', 'my master password')
serialized = secret.serialize()
# Decrypt
secret = m2secret.Secret()
secret.deserialize(serialized)
data = secret.decrypt('my master password')
assert data == 'my data'
I have found the following two books invaluable when dealing with OpenSSL-based software as well as learning to select safe cryptographic primitives and using them appropriately:
m2secret is Open Source software, licensed under the Apache License, 2.0.
Download from Python Package Index aka Cheeseshop, or just easy_install m2secret.
The source is available from Subversion at http://svn.heikkitoivonen.net/svn/m2secret/trunk/
Bugs, suggestions for improvements, patches and so on are welcome.
--Heikki Toivonen <My first name at heikkitoivonen.net>