This application relies on the following Python modules and libraries (as imported at the top of secure_journal.py):
tkinter for GUI components and dialogs import tkinter as tkcryptography primitives for key derivation and encryption (Scrypt and AESGCM)base64, os, sys, gzip, json, datetime, gc, secrets, re, string, contextmanagerenchant for spell‑checking journal entrieswin32security and ntsecuritycon) for setting file permissionsThese imports establish the core functionality: GUI, secure key derivation & encryption, file I/O, spell‑checking, and optional platform‑specific enhancements.
Import list sourced from secure_journal.py fileciteturn1file3.
# derive a 32-byte key from the passphrase
kdf = Scrypt(
salt=secrets.token_bytes(16),
length=32,
n=2**14, r=8, p=1,
)
key = kdf.derive(password.encode())
This uses Scrypt to turn your passphrase into a strong symmetric key.
aesgcm = AESGCM(key)
nonce = secrets.token_bytes(12)
ciphertext = aesgcm.encrypt(nonce, message.encode(), None)
record = {
"nonce": base64.b64encode(nonce).decode(),
"entry": base64.b64encode(ciphertext).decode()
}
AES-GCM provides both confidentiality and integrity.
with gzip.open('journal.json.gz', 'wt', encoding='utf-8') as f:
json.dump(data_list, f, indent=4)
Gzip shrinks the file and JSON ensures structured storage.
with gzip.open('journal.json.gz', 'rt', encoding='utf-8') as f:
data_list = json.load(f)
plaintext = aesgcm.decrypt(nonce, ciphertext, None).decode()
Reverses the write steps to retrieve your journal text.
All encryption calls are wrapped in GUI methods with proper password prompts and session timeouts.