High-security encryption library for Python
Project description
GBKomi v1.4.2
GBKomi is a high-security Python library for encryption, hashing, secure database storage, Telegram bot token management, and secure logging.
It is designed to provide military-grade security while remaining user-friendly for developers building bots, scripts, and applications.
This version (v1.4.2) introduces advanced multi-bot support, retry/lockout mechanisms, context-aware token and log management, and fully misuse-resistant APIs for Telegram bots.
🔹 Key Features
1️⃣ Military-Grade .gbtoken Security
- AES-256-GCM encryption with unique per-entry nonce
- Optional HMAC verification for cross-check
- KDF-based key derivation from password using PBKDF2
- Versioned
.gbtokenformat (GBT4|<salt>|<nonce>|<ciphertext>|<tag>) for future-proofing - Automatic secure deletion of sensitive data from RAM
- Misuse-resistant API: users cannot provide weak keys or nonce manually
- Multi-bot support: store multiple bot tokens in one
.gbtokenfile - Retry/lockout system: failed decrypt attempts tracked with persistent storage
Example:
from gbkomi import GBKomi, AESDecryptionError, HMACVerificationError
password = b"supersecurepassword"
gb = GBKomi(password)
# Encrypt token for Telegram bot
bot_tokens = {"bot1": "123456:ABC-DEF", "bot2": "654321:DEF-ABC"}
gb.save_to_file(".gbtoken", bot_tokens, associated_data=b"multi-bot")
# Decrypt with retry protection
try:
tokens = gb.load_from_file(".gbtoken", associated_data=b"multi-bot")
bot1_token = tokens["bot1"]
except (AESDecryptionError, HMACVerificationError) as e:
print("Decryption failed:", e)
2️⃣ Secure Logging for Bots (.gblog)
Each log entry encrypted individually with AES-GCM + HMAC
Associated data (bot ID or context) ensures tamper detection
Optional persistent retry/block counter for failed decrypt attempts
Replay-attack prevention with UUID + timestamp per log entry
Multi-bot support: separate log files per bot (bot1.gblog, bot2.gblog)
Secure append-only logging and optional clearing
Example:
from gbkomi import GBLog
log_password = b"anothersecurepass"
log = GBLog(log_password, retry_file=".retry_store.json")
log.append_log("bot1.gblog", "Bot token loaded successfully", associated_data=b"bot1")
entries = log.read_logs("bot1.gblog", associated_data=b"bot1")
print(entries)
3️⃣ Context-Aware Message Encryption
Encrypt messages with metadata: chat_id, message_id, timestamp
Prevents replay attacks
AEAD encryption ensures integrity
from gbkomi import context_encrypt, context_decrypt, generate_secure_key
key = generate_secure_key()
message = b"Sensitive message"
context = {"chat_id": 12345, "message_id": 678, "timestamp": 1700000000}
cipher = context_encrypt(message, key, context)
plain = context_decrypt(cipher, key, context)
print(plain.decode())
4️⃣ Streaming File Encryption
Encrypt large files chunk by chunk (>100MB)
Low memory footprint
AES-GCM with unique nonce per file
from gbkomi import encrypt_file_stream, decrypt_file_stream
key = generate_secure_key()
encrypt_file_stream("video.mp4", "video.enc", key)
decrypt_file_stream("video.enc", "video_decoded.mp4", key)
5️⃣ Secure Database Storage
Store JSON-compatible data securely
AES-GCM + HMAC verification
Tamper-proof even if database is compromised
Works with SQLite, PostgreSQL, MySQL
from gbkomi import db_encrypt, db_decrypt
key = generate_secure_key()
data = {"balance": 1000, "settings": {"theme": "dark"}}
cipher = db_encrypt(data, key)
plain = db_decrypt(cipher, key)
print(plain)
6️⃣ Telegram Bot Security Features
Multi-bot support in a single .gbtoken
Context-aware: token usage bound to bot or session
Secure rotation of bot tokens without data loss
Retry/lockout system prevents brute-force attempts
Optional auto key rotation
Secure logging via .gblog tied to bot context
🔹 Installation
pip install gbkomi==1.4.2
🔹 Supported Python Versions
Python 3.8+
Tested on 3.11
🔹 Best Practices
Always provide associated_data when encrypting tokens or logs.
Store .gbtoken and .gblog securely on disk; never commit passwords or tokens to GitHub.
Use long, random passwords for key derivation.
Regularly rotate bot tokens and encryption keys.
For production bots, enable monitoring on retry/block events.
🔹 Versioning Notes
.gbtoken format: GBT4|<salt>|<nonce>|<ciphertext>|<tag>
.gblog format: GBL2|<salt>|<nonce>|<ciphertext>|<tag>
Future versions will maintain backward compatibility via version headers.
🔹 Optional Advanced Features
Hardware-backed keys (HSM, TPM, secure enclave)
Encrypted configuration files for webhooks or bot settings (.gbconfig)
Multi-threaded log reading for very large log files
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
gbkomi-1.4.2.tar.gz
(9.8 kB
view details)
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
gbkomi-1.4.2-py3-none-any.whl
(11.4 kB
view details)
File details
Details for the file gbkomi-1.4.2.tar.gz.
File metadata
- Download URL: gbkomi-1.4.2.tar.gz
- Upload date:
- Size: 9.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.9
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
d7caff1556dd37381b628bea0b2e5a37243061664e451a845e8a0df7eaca44f5
|
|
| MD5 |
084a5c960f2d757925e9711250b8d2df
|
|
| BLAKE2b-256 |
5ccf7be1aed21b0b8374c58df83456b7ea3b6c506dad232568d5c92edfe8763f
|
File details
Details for the file gbkomi-1.4.2-py3-none-any.whl.
File metadata
- Download URL: gbkomi-1.4.2-py3-none-any.whl
- Upload date:
- Size: 11.4 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.9
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
cd30957de2ede63082254525ab7c2dfa0f8324228eda05041558e23b84d5cdad
|
|
| MD5 |
05d7960f33731fc453b2ae81bcc1b6fd
|
|
| BLAKE2b-256 |
f9562e87caeee37fbfe09d68e1ecd34fe494ea4cbb9a67b0e155bbdb272a7f51
|
