ciyidogan commited on
Commit
b1b77d5
·
verified ·
1 Parent(s): 2b3f128

Update utils/encryption_utils.py

Browse files
Files changed (1) hide show
  1. utils/encryption_utils.py +87 -15
utils/encryption_utils.py CHANGED
@@ -1,22 +1,29 @@
1
  """
2
  Flare – Fernet şifreleme yardımcıları
3
- - encrypt(): düz string → "enc:<blob>"
4
- - decrypt(): enc:<blob> → düz string (veya enc: yoksa aynen döner)
5
- Anahtar: FLARE_TOKEN_KEY (32-bayt, base64, URL-safe)
 
 
 
 
6
  """
7
 
8
  import os
 
 
9
  from typing import Optional
10
  from cryptography.fernet import Fernet, InvalidToken
11
  from .logger import log_error, log_warning
12
 
13
  _ENV_KEY = "FLARE_TOKEN_KEY"
14
 
 
15
  def _get_key() -> Fernet:
16
  """Get encryption key with better error messages"""
17
  # Direkt environment variable kullan
18
  key = os.getenv(_ENV_KEY)
19
-
20
  # .env dosyasından yüklemeyi dene
21
  if not key:
22
  try:
@@ -25,7 +32,7 @@ def _get_key() -> Fernet:
25
  key = os.getenv(_ENV_KEY)
26
  except ImportError:
27
  pass
28
-
29
  if not key:
30
  error_msg = (
31
  f"{_ENV_KEY} ortam değişkeni tanımlanmadı. "
@@ -33,7 +40,7 @@ def _get_key() -> Fernet:
33
  )
34
  log_error(error_msg)
35
  raise RuntimeError(error_msg)
36
-
37
  # Key formatını kontrol et
38
  try:
39
  return Fernet(key.encode())
@@ -46,32 +53,42 @@ def _get_key() -> Fernet:
46
  log_error(error_msg, error=str(e))
47
  raise RuntimeError(error_msg)
48
 
49
- def encrypt(plain: str) -> str:
 
50
  """düz string → enc:..."""
51
  if not plain:
52
  log_warning("Empty string passed to encrypt")
53
  return ""
54
-
55
  try:
56
- f = _get_key()
 
 
 
 
57
  encrypted = f.encrypt(plain.encode()).decode()
58
  return "enc:" + encrypted
59
  except Exception as e:
60
  log_error("Encryption failed", error=str(e))
61
  raise
62
 
63
- def decrypt(value: Optional[str]) -> Optional[str]:
 
64
  """enc:... ise çözer, değilse aynen döndürür"""
65
  if value is None or not isinstance(value, str):
66
  return value
67
-
68
  if not value.startswith("enc:"):
69
  return value
70
-
71
  token = value.split("enc:", 1)[1]
72
-
73
  try:
74
- f = _get_key()
 
 
 
 
75
  decrypted = f.decrypt(token.encode()).decode()
76
  return decrypted
77
  except InvalidToken:
@@ -85,4 +102,59 @@ def decrypt(value: Optional[str]) -> Optional[str]:
85
  raise RuntimeError(error_msg)
86
  except Exception as e:
87
  log_error("Decryption error", error=str(e))
88
- raise
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
  """
2
  Flare – Fernet şifreleme yardımcıları
3
+ - encrypt(): düz string → "enc:<blob>"
4
+ - decrypt(): enc:<blob> → düz string (veya enc: yoksa aynen döner)
5
+ Anahtar: FLARE_TOKEN_KEY (32-bayt, base64, URL-safe)
6
+
7
+ CLI Kullanımı:
8
+ python encryption_utils.py enc "şifrelenecek metin" [--key KEY]
9
+ python encryption_utils.py dec "enc:..." [--key KEY]
10
  """
11
 
12
  import os
13
+ import sys
14
+ import argparse
15
  from typing import Optional
16
  from cryptography.fernet import Fernet, InvalidToken
17
  from .logger import log_error, log_warning
18
 
19
  _ENV_KEY = "FLARE_TOKEN_KEY"
20
 
21
+
22
  def _get_key() -> Fernet:
23
  """Get encryption key with better error messages"""
24
  # Direkt environment variable kullan
25
  key = os.getenv(_ENV_KEY)
26
+
27
  # .env dosyasından yüklemeyi dene
28
  if not key:
29
  try:
 
32
  key = os.getenv(_ENV_KEY)
33
  except ImportError:
34
  pass
35
+
36
  if not key:
37
  error_msg = (
38
  f"{_ENV_KEY} ortam değişkeni tanımlanmadı. "
 
40
  )
41
  log_error(error_msg)
42
  raise RuntimeError(error_msg)
43
+
44
  # Key formatını kontrol et
45
  try:
46
  return Fernet(key.encode())
 
53
  log_error(error_msg, error=str(e))
54
  raise RuntimeError(error_msg)
55
 
56
+
57
+ def encrypt(plain: str, key: Optional[str] = None) -> str:
58
  """düz string → enc:..."""
59
  if not plain:
60
  log_warning("Empty string passed to encrypt")
61
  return ""
62
+
63
  try:
64
+ if key:
65
+ f = Fernet(key.encode())
66
+ else:
67
+ f = _get_key()
68
+
69
  encrypted = f.encrypt(plain.encode()).decode()
70
  return "enc:" + encrypted
71
  except Exception as e:
72
  log_error("Encryption failed", error=str(e))
73
  raise
74
 
75
+
76
+ def decrypt(value: Optional[str], key: Optional[str] = None) -> Optional[str]:
77
  """enc:... ise çözer, değilse aynen döndürür"""
78
  if value is None or not isinstance(value, str):
79
  return value
80
+
81
  if not value.startswith("enc:"):
82
  return value
83
+
84
  token = value.split("enc:", 1)[1]
85
+
86
  try:
87
+ if key:
88
+ f = Fernet(key.encode())
89
+ else:
90
+ f = _get_key()
91
+
92
  decrypted = f.decrypt(token.encode()).decode()
93
  return decrypted
94
  except InvalidToken:
 
102
  raise RuntimeError(error_msg)
103
  except Exception as e:
104
  log_error("Decryption error", error=str(e))
105
+ raise
106
+
107
+
108
+ def main():
109
+ """CLI entry point"""
110
+ parser = argparse.ArgumentParser(
111
+ description="Fernet encryption/decryption utility",
112
+ formatter_class=argparse.RawDescriptionHelpFormatter,
113
+ epilog="""
114
+ Examples:
115
+ # Encrypt with environment key
116
+ python encryption_utils.py enc "secret message"
117
+
118
+ # Encrypt with custom key
119
+ python encryption_utils.py enc "secret message" --key "your-32-byte-base64-key"
120
+
121
+ # Decrypt
122
+ python encryption_utils.py dec "enc:gAAAAABh..."
123
+
124
+ # Generate new key
125
+ python -c "from cryptography.fernet import Fernet; print(Fernet.generate_key().decode())"
126
+ """
127
+ )
128
+
129
+ parser.add_argument(
130
+ "command",
131
+ choices=["enc", "dec"],
132
+ help="Command to execute: 'enc' for encrypt, 'dec' for decrypt"
133
+ )
134
+
135
+ parser.add_argument(
136
+ "text",
137
+ help="Text to encrypt or decrypt"
138
+ )
139
+
140
+ parser.add_argument(
141
+ "--key",
142
+ help="Optional Fernet key (32-byte base64). If not provided, uses FLARE_TOKEN_KEY env var"
143
+ )
144
+
145
+ args = parser.parse_args()
146
+
147
+ try:
148
+ if args.command == "enc":
149
+ result = encrypt(args.text, args.key)
150
+ print(result)
151
+ else: # dec
152
+ result = decrypt(args.text, args.key)
153
+ print(result)
154
+ except Exception as e:
155
+ print(f"Error: {e}", file=sys.stderr)
156
+ sys.exit(1)
157
+
158
+
159
+ if __name__ == "__main__":
160
+ main()