You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
51 lines
1.8 KiB
51 lines
1.8 KiB
from Crypto.Cipher import AES
|
|
import base64
|
|
import os
|
|
from .config_local import CRYPTO_KEY
|
|
|
|
class EncryptionUtil:
|
|
|
|
def __init__(self, key):
|
|
# In a real application, store this key securely (e.g., environment variables)
|
|
self.crypto_key = key
|
|
|
|
def encrypt_aes_gcm(self, plaintext):
|
|
# Decode the base64 encoded key
|
|
key = base64.b64decode(self.crypto_key)
|
|
|
|
# Generate a random 12-byte nonce
|
|
nonce = os.urandom(12)
|
|
|
|
# Create the cipher object
|
|
cipher = AES.new(key, AES.MODE_GCM, nonce=nonce)
|
|
|
|
# Encrypt the plaintext
|
|
ciphertext, tag = cipher.encrypt_and_digest(plaintext.encode('utf-8'))
|
|
|
|
# Combine nonce, ciphertext, and tag
|
|
encrypted_data = nonce + ciphertext + tag
|
|
|
|
# Encode the result in base64
|
|
encrypted_base64 = base64.b64encode(encrypted_data).decode('utf-8')
|
|
|
|
return encrypted_base64
|
|
|
|
def decrypt_aes_gcm(self, encrypted_base64):
|
|
# Decode the base64 encoded data and key
|
|
encrypted_data = base64.b64decode(encrypted_base64)
|
|
key = base64.b64decode(self.crypto_key)
|
|
|
|
# Extract the nonce, tag, and ciphertext from the combined encrypted data
|
|
nonce = encrypted_data[:12] # AES GCM nonce is 12 bytes
|
|
tag = encrypted_data[-16:] # AES GCM tag is 16 bytes
|
|
ciphertext = encrypted_data[12:-16] # Ciphertext is everything in between
|
|
|
|
# Create the cipher object and decrypt the data
|
|
cipher = AES.new(key, AES.MODE_GCM, nonce=nonce)
|
|
decrypted_data = cipher.decrypt_and_verify(ciphertext, tag)
|
|
|
|
# Convert decrypted bytes to string (assuming UTF-8 encoding)
|
|
decrypted_text = decrypted_data.decode('utf-8')
|
|
return decrypted_text
|
|
|
|
encryption_util = EncryptionUtil(CRYPTO_KEY)
|
|
|