Fix file encryption

Signed-off-by: Tiago Garcia <tiago.rgarcia@ua.pt>
Tiago Garcia 2024-12-11 22:57:41 +00:00
parent 511458f770
commit 62272039d6
Signed by: TiagoRG
GPG Key ID: DFCD48E3F420DB42
5 changed files with 38 additions and 33 deletions


@ -51,10 +51,10 @@ def addDoc(args):
args.session = json.load(f) args.session = json.load(f)
#Encrypt content #Encrypt content
key, content, nonce = encrypt_file(BASE_DIR + args.file, BASE_DIR + 'encryptedText') key, content = encrypt_file(BASE_DIR + args.file, BASE_DIR + 'encryptedText')
#Upload document metadata #Upload document metadata
doc = {'document_name' : args.name, 'key' : key.hex(), 'alg' : 'AES-CFB', 'nonce' : nonce.hex() } doc = {'document_name' : args.name, 'key' : key.hex(), 'alg' : 'AES-CFB' }
try: try:
req = requests.post(f'http://{state['REP_ADDRESS']}/file/upload/metadata', json=json.dumps(doc), req = requests.post(f'http://{state['REP_ADDRESS']}/file/upload/metadata', json=json.dumps(doc),
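Review bot: `doc` still carries the raw AES key as `key.hex()` and is posted to an `http://` URL, so unless the request is protected by something in the part of the call that continues past this hunk, the file key travels in cleartext next to the document name. The call also passes `json=json.dumps(doc)`, which JSON-encodes the body twice and is the reason the server route has to test `type(data) is str`; `json=doc` sends the object directly. The nested single quotes in `f'http://{state['REP_ADDRESS']}/…'` only parse on Python 3.12 and later, whereas `state["REP_ADDRESS"]` inside the f-string also works on older interpreters.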


@ -6,41 +6,49 @@ from cryptography.hazmat.backends import default_backend
# Function to encrypt a file using a salt # Function to encrypt a file using a salt
def encrypt_file(input_file, output_file=None): def encrypt_file(input_file, output_file=None):
key = os.urandom(16) key = os.urandom(16)
iv = os.urandom(16) iv = os.urandom(16)
cipher = Cipher(algorithms.AES(key), modes.CFB(iv)) cipher = Cipher(algorithms.AES(key), modes.CFB(iv))
encryptor = cipher.encryptor() encryptor = cipher.encryptor()
with open(input_file, 'rb') as f: encrypted_content = b""
plaintext = f.read()
ciphertext = encryptor.update(plaintext) + encryptor.finalize() if output_file is not None:
ciphertext = iv + ciphertext with open(input_file, 'rb') as infile, open(output_file, 'wb') as outfile:
# Write the IV to the output file first
outfile.write(iv)
encrypted_content += iv
if output_file is not None: while chunk := infile.read(2048):
with open(output_file, 'wb') as f: ciphertext = encryptor.update(chunk)
f.write(ciphertext) outfile.write(ciphertext)
encrypted_content += ciphertext
print(iv.hex()) # Finalize encryption
final_chunk = encryptor.finalize()
outfile.write(final_chunk)
encrypted_content += final_chunk
return key, ciphertext, iv return key, encrypted_content
# Function to decrypt a file # Function to decrypt a file
def decrypt_file(nonce, key, input_file, output_file=None): def decrypt_file(key, input_file, output_file=None):
with open(input_file, 'rb') as f: with open(input_file, 'rb') as infile:
encrypted_data = f.read() # Read the IV from the input file
iv = infile.read(16)
cipher = Cipher(algorithms.AES(key), modes.CFB(iv))
decryptor = cipher.decryptor()
ciphertext = encrypted_data if output_file is not None:
with open(output_file, 'wb') as outfile:
while chunk := infile.read(2048):
plaintext = decryptor.update(chunk)
outfile.write(plaintext)
cipher = Cipher(algorithms.AES(key), modes.CFB(nonce)) # Finalize decryption
decryptor = cipher.decryptor() outfile.write(decryptor.finalize())
plaintext = decryptor.update(ciphertext) + decryptor.finalize() return True
if output_file is not None:
with open(output_file, 'wb') as f:
f.write(plaintext)
return plaintext.hex()
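Review bot: With `output_file=None`, which is still the declared default, the new `encrypt_file` never reads `input_file`: the only `open(input_file, 'rb')` shares a `with` statement with `open(output_file, 'wb')` behind `if output_file is not None:`, so the call returns a fresh key and an empty `encrypted_content`. Reading and encrypting unconditionally and writing the file only when a path was given restores the default path, as sketched below. In `decrypt_file`, `iv = infile.read(16)` is not length-checked, so a truncated input goes straight into `modes.CFB(iv)`; a guard such as `if len(iv) != 16: raise ValueError("encrypted file too short")` makes that failure explicit. AES-CFB carries no integrity tag, so `return True` only says that bytes were written, not that the ciphertext was unmodified; an AEAD mode or a MAC over IV and ciphertext would be needed for that guarantee.

```python
def encrypt_file(input_file, output_file=None):
    # … unchanged: key, iv, cipher and encryptor setup …
    parts = [iv]  # IV stays the first 16 bytes, as decrypt_file expects
    with open(input_file, 'rb') as infile:
        while chunk := infile.read(2048):
            parts.append(encryptor.update(chunk))
    parts.append(encryptor.finalize())
    encrypted_content = b"".join(parts)

    if output_file is not None:
        with open(output_file, 'wb') as outfile:
            outfile.write(encrypted_content)
    return key, encrypted_content
```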


@ -11,7 +11,6 @@ class File(db_connection.Model):
created_at = db_connection.Column(db_connection.Integer, nullable=False) created_at = db_connection.Column(db_connection.Integer, nullable=False)
key = db_connection.Column(db_connection.String, nullable=False) key = db_connection.Column(db_connection.String, nullable=False)
alg = db_connection.Column(db_connection.String, nullable=False) alg = db_connection.Column(db_connection.String, nullable=False)
nonce = db_connection.Column(db_connection.String, nullable=False)
org_id = db_connection.Column(db_connection.Integer, db_connection.ForeignKey('organizations.id'), nullable=False) org_id = db_connection.Column(db_connection.Integer, db_connection.ForeignKey('organizations.id'), nullable=False)
creator_id = db_connection.Column(db_connection.Integer, db_connection.ForeignKey('users.id'), nullable=False) creator_id = db_connection.Column(db_connection.Integer, db_connection.ForeignKey('users.id'), nullable=False)
org = db_connection.relationship('Organization', backref=db_connection.backref('org_files', uselist=False)) org = db_connection.relationship('Organization', backref=db_connection.backref('org_files', uselist=False))
@ -26,7 +25,6 @@ class File(db_connection.Model):
"created_at": self.created_at, "created_at": self.created_at,
"key": self.key, "key": self.key,
"alg": self.alg, "alg": self.alg,
"nonce": self.nonce,
"org": {"id": self.org.id, "name": self.org.name}, "org": {"id": self.org.id, "name": self.org.name},
"creator": {"id": self.creator.id, "username": self.creator.username} "creator": {"id": self.creator.id, "username": self.creator.username}
} }


@ -48,7 +48,7 @@ def file_upload_metadata():
data = request.json data = request.json
if type(data) is str: if type(data) is str:
data = json.loads(data) data = json.loads(data)
if "document_name" not in data or "key" not in data or "alg" not in data or "nonce" not in data: if "document_name" not in data or "key" not in data or "alg" not in data:
return jsonify({"error": "Missing required fields"}), 400 return jsonify({"error": "Missing required fields"}), 400
org = OrganizationService.get_organization(session.org_id) org = OrganizationService.get_organization(session.org_id)
@ -59,7 +59,7 @@ def file_upload_metadata():
if not user: if not user:
return jsonify({"error": "User not found"}), 404 return jsonify({"error": "User not found"}), 404
file = upload_service.create_file(session.token, org, user, data["document_name"], data["key"], data["alg"], data["nonce"]) file = upload_service.create_file(session.token, org, user, data["document_name"], data["key"], data["alg"])
return jsonify(file.to_dict()), 201 return jsonify(file.to_dict()), 201
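Review bot: The presence check on `data` is still the only validation before `upload_service.create_file(...)`, so `data["key"]` and `data["alg"]` are stored exactly as the client sent them. A body that is valid JSON but not an object (a number, `null`, a list) makes the `in` tests or the later `data[...]` lookups raise, which surfaces as a 500 rather than a 400; `if not isinstance(data, dict): return jsonify({"error": "Invalid body"}), 400` ahead of the field check closes that. Since the client in this commit only ever sends `'AES-CFB'` and a hex-encoded key, the route could also reject anything else, for example by running `bytes.fromhex(data["key"])` inside a `try` and comparing `data["alg"]` against an allowlist. `file_upload_metadata` starts and ends outside these hunks, so any validation done elsewhere in it is not visible here.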


@ -13,7 +13,7 @@ class FileService:
def __init__(self): def __init__(self):
self.current_requests = {} self.current_requests = {}
def create_file(self, session_token: str, org: Organization, user: User, file_name: str, key: str, alg: str, nonce: str) -> File: def create_file(self, session_token: str, org: Organization, user: User, file_name: str, key: str, alg: str) -> File:
file = File( file = File(
file_handle = None, file_handle = None,
document_handle = get_hash(file_name), document_handle = get_hash(file_name),
@ -21,7 +21,6 @@ class FileService:
created_at = int(datetime.now().timestamp()), created_at = int(datetime.now().timestamp()),
key = key, key = key,
alg = alg, alg = alg,
nonce = nonce,
org_id = org.id, org_id = org.id,
creator_id = user.id, creator_id = user.id,
org = org, org = org,