add new encryption fields in organization
This commit is contained in:
parent
a290b2e45c
commit
8191b1aaee
|
@ -0,0 +1,22 @@
|
||||||
|
# Generated by Django 4.2.5 on 2024-02-23 13:01
|
||||||
|
|
||||||
|
from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
|
class Migration(migrations.Migration):
|
||||||
|
dependencies = [
|
||||||
|
('oidc4vp', '0001_initial'),
|
||||||
|
]
|
||||||
|
|
||||||
|
operations = [
|
||||||
|
migrations.AddField(
|
||||||
|
model_name='organization',
|
||||||
|
name='encrypted_sensitive_data',
|
||||||
|
field=models.CharField(default=None, max_length=255, null=True),
|
||||||
|
),
|
||||||
|
migrations.AddField(
|
||||||
|
model_name='organization',
|
||||||
|
name='salt',
|
||||||
|
field=models.CharField(default=None, max_length=255, null=True),
|
||||||
|
),
|
||||||
|
]
|
|
@ -149,24 +149,24 @@ class Organization(models.Model):
|
||||||
self.encrypted_sensitive_data = key_crypted
|
self.encrypted_sensitive_data = key_crypted
|
||||||
|
|
||||||
def encrypt_data(self, data):
|
def encrypt_data(self, data):
|
||||||
pw = self.decrypt_sensitive_data()
|
pw = self.decrypt_sensitive_data().encode('utf-8')
|
||||||
sb = self.get_secret_box(pw)
|
sb = self.get_secret_box(pw)
|
||||||
value_enc = sb.encrypt(data.encode('utf-8'))
|
value_enc = sb.encrypt(data.encode('utf-8'))
|
||||||
return base64.b64encode(value_enc).decode('utf-8')
|
return base64.b64encode(value_enc).decode('utf-8')
|
||||||
|
|
||||||
def decrypt_data(self, data):
|
def decrypt_data(self, data):
|
||||||
pw = self.decrypt_sensitive_data()
|
pw = self.decrypt_sensitive_data().encode('utf-8')
|
||||||
sb = self.get_secret_box(pw)
|
sb = self.get_secret_box(pw)
|
||||||
value = base64.b64decode(data.encode('utf-8'))
|
value = base64.b64decode(data.encode('utf-8'))
|
||||||
return sb.decrypt(value).decode('utf-8')
|
return sb.decrypt(value).decode('utf-8')
|
||||||
|
|
||||||
def get_secret_box(self, password):
|
def get_secret_box(self, password):
|
||||||
sb_key = self.derive_key_from_password(password)
|
sb_key = self.derive_key_from_password(password=password)
|
||||||
return secret.SecretBox(sb_key)
|
return secret.SecretBox(sb_key)
|
||||||
|
|
||||||
def change_password_key(self, new_password):
|
def change_password_key(self, new_password):
|
||||||
data = self.decrypt_sensitive_data()
|
data = self.decrypt_sensitive_data()
|
||||||
sb_key = self.derive_key_from_password(new_password)
|
sb_key = self.derive_key_from_password(password=new_password)
|
||||||
sb = secret.SecretBox(sb_key)
|
sb = secret.SecretBox(sb_key)
|
||||||
if not isinstance(data, bytes):
|
if not isinstance(data, bytes):
|
||||||
data = data.encode('utf-8')
|
data = data.encode('utf-8')
|
||||||
|
|
Loading…
Reference in a new issue