mirror of
https://github.com/morpheus65535/bazarr
synced 2024-12-27 18:17:46 +00:00
52 lines
1.3 KiB
Python
52 lines
1.3 KiB
Python
"""Encryption module that uses pyca/cryptography"""
|
|
|
|
import os
|
|
import json
|
|
|
|
from cryptography.hazmat.backends import default_backend
|
|
from cryptography.hazmat.primitives.ciphers import (
|
|
Cipher, algorithms, modes
|
|
)
|
|
|
|
|
|
def aesEncrypt(data, key):
|
|
# Generate a random 96-bit IV.
|
|
iv = os.urandom(12)
|
|
|
|
# Construct an AES-GCM Cipher object with the given key and a
|
|
# randomly generated IV.
|
|
encryptor = Cipher(
|
|
algorithms.AES(key),
|
|
modes.GCM(iv),
|
|
backend=default_backend()
|
|
).encryptor()
|
|
|
|
# Encrypt the plaintext and get the associated ciphertext.
|
|
# GCM does not require padding.
|
|
ciphertext = encryptor.update(data) + encryptor.finalize()
|
|
|
|
return iv + encryptor.tag + ciphertext
|
|
|
|
|
|
def aesDecrypt(data, key):
|
|
iv = data[:12]
|
|
tag = data[12:28]
|
|
ciphertext = data[28:]
|
|
|
|
# Construct a Cipher object, with the key, iv, and additionally the
|
|
# GCM tag used for authenticating the message.
|
|
decryptor = Cipher(
|
|
algorithms.AES(key),
|
|
modes.GCM(iv, tag),
|
|
backend=default_backend()
|
|
).decryptor()
|
|
|
|
# Decryption gets us the authenticated plaintext.
|
|
# If the tag does not match an InvalidTag exception will be raised.
|
|
return decryptor.update(ciphertext) + decryptor.finalize()
|
|
|
|
|
|
has_aes = True
|
|
|
|
def getKeyLength():
|
|
return 32
|