KTVManager_Backend/ktvmanager/lib/encryption.py

import os
from Crypto.Cipher import AES
from Crypto.Protocol.KDF import PBKDF2
from Crypto.Random import get_random_bytes

SECRET = "BBLBTV-DNS-PASSWORDS"
SALT_SIZE = 16
KEY_SIZE = 32
ITERATIONS = 100000

def encrypt_password(clear_string):
    salt = get_random_bytes(SALT_SIZE)
    key = PBKDF2(SECRET, salt, dkLen=KEY_SIZE, count=ITERATIONS)
    cipher = AES.new(key, AES.MODE_GCM)
    ciphertext, tag = cipher.encrypt_and_digest(clear_string.encode())
    return (salt + cipher.nonce + tag + ciphertext).hex()

def decrypt_password(encrypted_string):
    data = bytes.fromhex(encrypted_string)
    salt = data[:SALT_SIZE]
    nonce = data[SALT_SIZE:SALT_SIZE + 16]
    tag = data[SALT_SIZE + 16:SALT_SIZE + 32]
    ciphertext = data[SALT_SIZE + 32:]
    key = PBKDF2(SECRET, salt, dkLen=KEY_SIZE, count=ITERATIONS)
    cipher = AES.new(key, AES.MODE_GCM, nonce=nonce)
    return cipher.decrypt_and_verify(ciphertext, tag).decode()
latest working sample 2025-05-10 13:58:58 +01:00			`import os`
refactor(security): improve encryption using PyCryptodome and PBKDF2 Replace the `cryptography` library with `pycryptodome` for password encryption. The previous implementation used AES-GCM with a static key derived from a hardcoded secret. This change introduces a more robust security model by: - Using PBKDF2 to derive the encryption key from the secret. - Adding a unique, randomly generated salt for each encrypted password. This significantly enhances security by protecting against rainbow table and pre-computation attacks. BREAKING CHANGE: The password encryption format has changed. All previously encrypted passwords stored in the database are now invalid and will need to be reset. 2025-07-14 11:55:13 +01:00			`from Crypto.Cipher import AES`
			`from Crypto.Protocol.KDF import PBKDF2`
			`from Crypto.Random import get_random_bytes`
latest working sample 2025-05-10 13:58:58 +01:00
feat(security): implement AES-GCM for password encryption Replaces the `pyeasyencrypt` library with a more robust and standard encryption implementation using `cryptography.hazmat`. This commit introduces AES-256-GCM for encrypting and decrypting user account passwords. The `add_account` endpoint now properly encrypts passwords before database insertion. Error handling has been added to the `get_user_accounts` endpoint to manage decryption failures for legacy passwords, which will be returned as "DECRYPTION_FAILED". BREAKING CHANGE: The password encryption algorithm has been changed. All previously stored passwords are now invalid and cannot be decrypted. 2025-07-14 11:12:13 +01:00			`SECRET = "BBLBTV-DNS-PASSWORDS"`
refactor(security): improve encryption using PyCryptodome and PBKDF2 Replace the `cryptography` library with `pycryptodome` for password encryption. The previous implementation used AES-GCM with a static key derived from a hardcoded secret. This change introduces a more robust security model by: - Using PBKDF2 to derive the encryption key from the secret. - Adding a unique, randomly generated salt for each encrypted password. This significantly enhances security by protecting against rainbow table and pre-computation attacks. BREAKING CHANGE: The password encryption format has changed. All previously encrypted passwords stored in the database are now invalid and will need to be reset. 2025-07-14 11:55:13 +01:00			`SALT_SIZE = 16`
			`KEY_SIZE = 32`
			`ITERATIONS = 100000`
latest working sample 2025-05-10 13:58:58 +01:00
			`def encrypt_password(clear_string):`
refactor(security): improve encryption using PyCryptodome and PBKDF2 Replace the `cryptography` library with `pycryptodome` for password encryption. The previous implementation used AES-GCM with a static key derived from a hardcoded secret. This change introduces a more robust security model by: - Using PBKDF2 to derive the encryption key from the secret. - Adding a unique, randomly generated salt for each encrypted password. This significantly enhances security by protecting against rainbow table and pre-computation attacks. BREAKING CHANGE: The password encryption format has changed. All previously encrypted passwords stored in the database are now invalid and will need to be reset. 2025-07-14 11:55:13 +01:00			`salt = get_random_bytes(SALT_SIZE)`
			`key = PBKDF2(SECRET, salt, dkLen=KEY_SIZE, count=ITERATIONS)`
			`cipher = AES.new(key, AES.MODE_GCM)`
			`ciphertext, tag = cipher.encrypt_and_digest(clear_string.encode())`
			`return (salt + cipher.nonce + tag + ciphertext).hex()`
latest working sample 2025-05-10 13:58:58 +01:00
			`def decrypt_password(encrypted_string):`
feat(security): implement AES-GCM for password encryption Replaces the `pyeasyencrypt` library with a more robust and standard encryption implementation using `cryptography.hazmat`. This commit introduces AES-256-GCM for encrypting and decrypting user account passwords. The `add_account` endpoint now properly encrypts passwords before database insertion. Error handling has been added to the `get_user_accounts` endpoint to manage decryption failures for legacy passwords, which will be returned as "DECRYPTION_FAILED". BREAKING CHANGE: The password encryption algorithm has been changed. All previously stored passwords are now invalid and cannot be decrypted. 2025-07-14 11:12:13 +01:00			`data = bytes.fromhex(encrypted_string)`
refactor(security): improve encryption using PyCryptodome and PBKDF2 Replace the `cryptography` library with `pycryptodome` for password encryption. The previous implementation used AES-GCM with a static key derived from a hardcoded secret. This change introduces a more robust security model by: - Using PBKDF2 to derive the encryption key from the secret. - Adding a unique, randomly generated salt for each encrypted password. This significantly enhances security by protecting against rainbow table and pre-computation attacks. BREAKING CHANGE: The password encryption format has changed. All previously encrypted passwords stored in the database are now invalid and will need to be reset. 2025-07-14 11:55:13 +01:00			`salt = data[:SALT_SIZE]`
			`nonce = data[SALT_SIZE:SALT_SIZE + 16]`
			`tag = data[SALT_SIZE + 16:SALT_SIZE + 32]`
			`ciphertext = data[SALT_SIZE + 32:]`
			`key = PBKDF2(SECRET, salt, dkLen=KEY_SIZE, count=ITERATIONS)`
			`cipher = AES.new(key, AES.MODE_GCM, nonce=nonce)`
			`return cipher.decrypt_and_verify(ciphertext, tag).decode()`