sio-2425/delivery2/client/bin/lib/symmetric_encryption.py

import os
from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from cryptography.hazmat.backends import default_backend

# Function to encrypt a file using a salt
def encrypt_file(input_file, output_file=None):
    key = os.urandom(16)
    iv = os.urandom(16)

    cipher = Cipher(algorithms.AES(key), modes.CFB(iv))
    encryptor = cipher.encryptor()

    encrypted_content = b""

    if output_file is not None:
        with open(input_file, 'rb') as infile, open(output_file, 'wb') as outfile:
            # Write the IV to the output file first
            outfile.write(iv)
            encrypted_content += iv

            while chunk := infile.read(2048):
                ciphertext = encryptor.update(chunk)
                outfile.write(ciphertext)
                encrypted_content += ciphertext

            # Finalize encryption
            final_chunk = encryptor.finalize()
            outfile.write(final_chunk)
            encrypted_content += final_chunk

    return key, encrypted_content


# Function to decrypt a file
def decrypt_file(key, input_file, output_file=None) -> str:
    plaintext_content = b""

    with open(input_file, 'rb') as infile:
        # Read the IV from the input file
        iv = infile.read(16)
        cipher = Cipher(algorithms.AES(key), modes.CFB(iv))
        decryptor = cipher.decryptor()

        if output_file is not None:
            with open(output_file, 'wb') as outfile:
                while chunk := infile.read(2048):
                    plaintext = decryptor.update(chunk)
                    outfile.write(plaintext)
                    plaintext_content += plaintext

                # Finalize decryption
                final_chunk = decryptor.finalize()
                outfile.write(final_chunk)
                plaintext_content += final_chunk
        else:
            while chunk := infile.read(2048):
                plaintext = decryptor.update(chunk)
                plaintext_content += plaintext

            # Finalize decryption
            plaintext_content += decryptor.finalize()

    try:
        return plaintext_content.decode()
    except UnicodeDecodeError:
        return plaintext_content


def encrypt_response_with_iv(input_string: str) -> bytes:
    iv = os.urandom(16)
    cipher = Cipher(algorithms.AES(iv), modes.CFB(iv))
    encryptor = cipher.encryptor()

    plaintext_bytes = input_string.encode('utf-8')
    ciphertext = encryptor.update(plaintext_bytes) + encryptor.finalize()

    encrypted_data = iv + ciphertext

    return encrypted_data

def decrypt_request_with_iv(encrypted_data: bytes) -> str:
    iv = encrypted_data[:16]
    ciphertext = encrypted_data[16:]

    cipher = Cipher(algorithms.AES(iv), modes.CFB(iv))
    decryptor = cipher.decryptor()

    plaintext_bytes = decryptor.update(ciphertext) + decryptor.finalize()

    return plaintext_bytes.decode('utf-8')
Init delivery2 Signed-off-by: Tiago Garcia <tiago.rgarcia@ua.pt> 2024-12-11 16:18:12 +00:00			`import os`
			`from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC`
			`from cryptography.hazmat.primitives import hashes`
			`from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes`
			`from cryptography.hazmat.backends import default_backend`

			`# Function to encrypt a file using a salt`
			`def encrypt_file(input_file, output_file=None):`
Fix file encryption Signed-off-by: Tiago Garcia <tiago.rgarcia@ua.pt> 2024-12-11 22:57:41 +00:00			`key = os.urandom(16)`
			`iv = os.urandom(16)`
Init delivery2 Signed-off-by: Tiago Garcia <tiago.rgarcia@ua.pt> 2024-12-11 16:18:12 +00:00
Fix file encryption Signed-off-by: Tiago Garcia <tiago.rgarcia@ua.pt> 2024-12-11 22:57:41 +00:00			`cipher = Cipher(algorithms.AES(key), modes.CFB(iv))`
			`encryptor = cipher.encryptor()`
Init delivery2 Signed-off-by: Tiago Garcia <tiago.rgarcia@ua.pt> 2024-12-11 16:18:12 +00:00
Fix file encryption Signed-off-by: Tiago Garcia <tiago.rgarcia@ua.pt> 2024-12-11 22:57:41 +00:00			`encrypted_content = b""`
Init delivery2 Signed-off-by: Tiago Garcia <tiago.rgarcia@ua.pt> 2024-12-11 16:18:12 +00:00
Fix file encryption Signed-off-by: Tiago Garcia <tiago.rgarcia@ua.pt> 2024-12-11 22:57:41 +00:00			`if output_file is not None:`
			`with open(input_file, 'rb') as infile, open(output_file, 'wb') as outfile:`
			`# Write the IV to the output file first`
			`outfile.write(iv)`
			`encrypted_content += iv`
Init delivery2 Signed-off-by: Tiago Garcia <tiago.rgarcia@ua.pt> 2024-12-11 16:18:12 +00:00
Fix file encryption Signed-off-by: Tiago Garcia <tiago.rgarcia@ua.pt> 2024-12-11 22:57:41 +00:00			`while chunk := infile.read(2048):`
			`ciphertext = encryptor.update(chunk)`
			`outfile.write(ciphertext)`
			`encrypted_content += ciphertext`
Init delivery2 Signed-off-by: Tiago Garcia <tiago.rgarcia@ua.pt> 2024-12-11 16:18:12 +00:00
Fix file encryption Signed-off-by: Tiago Garcia <tiago.rgarcia@ua.pt> 2024-12-11 22:57:41 +00:00			`# Finalize encryption`
			`final_chunk = encryptor.finalize()`
			`outfile.write(final_chunk)`
			`encrypted_content += final_chunk`
Init delivery2 Signed-off-by: Tiago Garcia <tiago.rgarcia@ua.pt> 2024-12-11 16:18:12 +00:00
Fix file encryption Signed-off-by: Tiago Garcia <tiago.rgarcia@ua.pt> 2024-12-11 22:57:41 +00:00			`return key, encrypted_content`
Init delivery2 Signed-off-by: Tiago Garcia <tiago.rgarcia@ua.pt> 2024-12-11 16:18:12 +00:00

			`# Function to decrypt a file`
add login Signed-off-by: Tiago Garcia <tiago.rgarcia@ua.pt> 2024-12-17 00:39:52 +00:00			`def decrypt_file(key, input_file, output_file=None) -> str:`
Make decrypt_file return the plaintext content Signed-off-by: Tiago Garcia <tiago.rgarcia@ua.pt> 2024-12-11 23:15:59 +00:00			`plaintext_content = b""`

Fix file encryption Signed-off-by: Tiago Garcia <tiago.rgarcia@ua.pt> 2024-12-11 22:57:41 +00:00			`with open(input_file, 'rb') as infile:`
			`# Read the IV from the input file`
			`iv = infile.read(16)`
			`cipher = Cipher(algorithms.AES(key), modes.CFB(iv))`
			`decryptor = cipher.decryptor()`
Init delivery2 Signed-off-by: Tiago Garcia <tiago.rgarcia@ua.pt> 2024-12-11 16:18:12 +00:00
Fix file encryption Signed-off-by: Tiago Garcia <tiago.rgarcia@ua.pt> 2024-12-11 22:57:41 +00:00			`if output_file is not None:`
			`with open(output_file, 'wb') as outfile:`
			`while chunk := infile.read(2048):`
			`plaintext = decryptor.update(chunk)`
			`outfile.write(plaintext)`
Make decrypt_file return the plaintext content Signed-off-by: Tiago Garcia <tiago.rgarcia@ua.pt> 2024-12-11 23:15:59 +00:00			`plaintext_content += plaintext`
Init delivery2 Signed-off-by: Tiago Garcia <tiago.rgarcia@ua.pt> 2024-12-11 16:18:12 +00:00
Fix file encryption Signed-off-by: Tiago Garcia <tiago.rgarcia@ua.pt> 2024-12-11 22:57:41 +00:00			`# Finalize decryption`
Make decrypt_file return the plaintext content Signed-off-by: Tiago Garcia <tiago.rgarcia@ua.pt> 2024-12-11 23:15:59 +00:00			`final_chunk = decryptor.finalize()`
			`outfile.write(final_chunk)`
			`plaintext_content += final_chunk`
			`else:`
			`while chunk := infile.read(2048):`
			`plaintext = decryptor.update(chunk)`
			`plaintext_content += plaintext`

			`# Finalize decryption`
			`plaintext_content += decryptor.finalize()`
Init delivery2 Signed-off-by: Tiago Garcia <tiago.rgarcia@ua.pt> 2024-12-11 16:18:12 +00:00
Fix file retrieve Signed-off-by: Tiago Garcia <tiago.rgarcia@ua.pt> 2024-12-18 14:41:51 +00:00			`try:`
			`return plaintext_content.decode()`
			`except UnicodeDecodeError:`
			`return plaintext_content`
Init delivery2 Signed-off-by: Tiago Garcia <tiago.rgarcia@ua.pt> 2024-12-11 16:18:12 +00:00
Implement server/client security Co-authored-by: Rúben Gomes <rlcg@ua.pt> Signed-off-by: Tiago Garcia <tiago.rgarcia@ua.pt> 2024-12-19 23:46:31 +00:00
			`def encrypt_response_with_iv(input_string: str) -> bytes:`
			`iv = os.urandom(16)`
			`cipher = Cipher(algorithms.AES(iv), modes.CFB(iv))`
			`encryptor = cipher.encryptor()`

			`plaintext_bytes = input_string.encode('utf-8')`
			`ciphertext = encryptor.update(plaintext_bytes) + encryptor.finalize()`

			`encrypted_data = iv + ciphertext`

			`return encrypted_data`

			`def decrypt_request_with_iv(encrypted_data: bytes) -> str:`
			`iv = encrypted_data[:16]`
			`ciphertext = encrypted_data[16:]`

			`cipher = Cipher(algorithms.AES(iv), modes.CFB(iv))`
			`decryptor = cipher.decryptor()`

			`plaintext_bytes = decryptor.update(ciphertext) + decryptor.finalize()`

			`return plaintext_bytes.decode('utf-8')`