rapid interations of server side app and firefox extension
This commit is contained in:
@@ -0,0 +1,46 @@
|
||||
"""Credential encryption utilities."""
|
||||
|
||||
import base64
|
||||
from cryptography.fernet import Fernet
|
||||
from cryptography.hazmat.primitives import hashes
|
||||
from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
|
||||
|
||||
|
||||
def _get_fernet(secret_key: str) -> Fernet:
|
||||
"""Derive a Fernet key from the secret key."""
|
||||
kdf = PBKDF2HMAC(
|
||||
algorithm=hashes.SHA256(),
|
||||
length=32,
|
||||
salt=b"gallery-subscriber-salt", # Static salt is OK for this use case
|
||||
iterations=100000,
|
||||
)
|
||||
derived_key = base64.urlsafe_b64encode(kdf.derive(secret_key.encode()))
|
||||
return Fernet(derived_key)
|
||||
|
||||
|
||||
def encrypt_data(data: str, secret_key: str) -> bytes:
|
||||
"""Encrypt string data using the secret key.
|
||||
|
||||
Args:
|
||||
data: Plain text data to encrypt
|
||||
secret_key: Application secret key
|
||||
|
||||
Returns:
|
||||
Encrypted bytes
|
||||
"""
|
||||
fernet = _get_fernet(secret_key)
|
||||
return fernet.encrypt(data.encode())
|
||||
|
||||
|
||||
def decrypt_data(encrypted: bytes, secret_key: str) -> str:
|
||||
"""Decrypt data using the secret key.
|
||||
|
||||
Args:
|
||||
encrypted: Encrypted bytes
|
||||
secret_key: Application secret key
|
||||
|
||||
Returns:
|
||||
Decrypted string
|
||||
"""
|
||||
fernet = _get_fernet(secret_key)
|
||||
return fernet.decrypt(encrypted).decode()
|
||||
Reference in New Issue
Block a user