mirror of https://github.com/morpheus65535/bazarr
53 lines
1.3 KiB
Python
53 lines
1.3 KiB
Python
|
"""Encryption module that uses pyca/cryptography"""
|
||
|
|
||
|
import os
|
||
|
import json
|
||
|
|
||
|
from cryptography.hazmat.backends import default_backend
|
||
|
from cryptography.hazmat.primitives.ciphers import (
|
||
|
Cipher, algorithms, modes
|
||
|
)
|
||
|
|
||
|
|
||
|
def aesEncrypt(data, key):
|
||
|
# Generate a random 96-bit IV.
|
||
|
iv = os.urandom(12)
|
||
|
|
||
|
# Construct an AES-GCM Cipher object with the given key and a
|
||
|
# randomly generated IV.
|
||
|
encryptor = Cipher(
|
||
|
algorithms.AES(key),
|
||
|
modes.GCM(iv),
|
||
|
backend=default_backend()
|
||
|
).encryptor()
|
||
|
|
||
|
# Encrypt the plaintext and get the associated ciphertext.
|
||
|
# GCM does not require padding.
|
||
|
ciphertext = encryptor.update(data) + encryptor.finalize()
|
||
|
|
||
|
return iv + encryptor.tag + ciphertext
|
||
|
|
||
|
|
||
|
def aesDecrypt(data, key):
|
||
|
iv = data[:12]
|
||
|
tag = data[12:28]
|
||
|
ciphertext = data[28:]
|
||
|
|
||
|
# Construct a Cipher object, with the key, iv, and additionally the
|
||
|
# GCM tag used for authenticating the message.
|
||
|
decryptor = Cipher(
|
||
|
algorithms.AES(key),
|
||
|
modes.GCM(iv, tag),
|
||
|
backend=default_backend()
|
||
|
).decryptor()
|
||
|
|
||
|
# Decryption gets us the authenticated plaintext.
|
||
|
# If the tag does not match an InvalidTag exception will be raised.
|
||
|
return decryptor.update(ciphertext) + decryptor.finalize()
|
||
|
|
||
|
|
||
|
has_aes = True
|
||
|
|
||
|
def getKeyLength():
|
||
|
return 32
|