ArZypher is a simple mechanism to generate URL-safe tokens with data like JWT, but with the data encrypted. The token consists of three parts:
[n-bits random seed]|[n-bits verify signature]|[n-bits data stored]
pip3 install git+https://github.com/Andres77872/ArZypher.git@masterfrom ArZypher import arzypher_decoder, arzypher_encoder
private_key = 'PRIVATE KEY'
params_keys = [32]
params_data = [7]
check_sum = 256
random_key = 32
b64, key = arzypher_encoder(
private_key=private_key,
random_key=random_key,
check_sum=check_sum,
params_keys=params_keys,
params_data=params_data,
padding=None
)
decode, key = arzypher_decoder(
private_key=private_key,
random_key=random_key,
check_sum=check_sum,
params_keys=params_keys,
encoded=b64,
padding=None
)Optional. By default, it's an empty string "". This is used as a shared private key to verify the token's
signature.
Optional integer, by default, it's None. This defines the hash algorithm, and the possible values are
256 (HS256), 384 (HS384), and 512 (HS512). This will use the private_key.
If you set a value less than 256, then by default, it will use HS256 and the n-bits defined by the user. This is useful to keep the token the same length each time (24 bits = 4 b64 characters).
The token's signature consists of:
key=private_keymsg=binary_random_key + binary_params_data + ''.join(map(str, params_keys))
Optional integer, by default, it's None. Used to generate a new token with the same data each time it's
created, used in token refresh.
This parameter consists of an n-bits integer random number generated by the lib secrets
and used as a seed for the random lib to encrypt the token.
This is not another field of security; it's just to generate new tokens in the same session.
A list with the n-bits used by each data.
For example, to save the register id, the timestamp in seconds, some data with 8 bits (0-255),
and 3 True-False permissions, the list of params_keys must be this.
params_keys = [
64,
32,
8,
1,
1,
1,
]The system is sensitive to the position number, and this [32,24,8,1] is different from
[32,24,1,8]. Also, at the moment of decryption, the decrypted value will be recovered using
the n-bits declared in the list.
A list with the data that will be encoded in the token.
It's possible to store integers and string data, but the string type must be declared in the params_keys
variable.
For example, to use the last params_keys and in addition to the numbers, it's necessary
to save a UTF-8 string. This type must be declared as [str, len(msg)*8]. The int can also
be described as [int, n-bits].
params_keys = [
[int, 64],
32,
8,
1,
1,
1,
[str, 11 * 8]
]
# The params_data
params_data = [
1245,
1497169783,
214,
1,
0,
0,
"hello world"
]Not implemented yet.
from ArZypher import arzypher_decoder, arzypher_encoder
private_key = 'PRIVATE KEY'
params_keys = [
[int, 64],
32,
8,
1,
1,
1,
[str, 11 * 8]
]
params_data = [
1245,
1497169783,
214,
1,
0,
0,
"hello world"
]
check_sum = 256 # HS256
random_key = 32 # 32 bits for the random token generator
b64, key = arzypher_encoder(
private_key=private_key,
random_key=random_key,
check_sum=check_sum,
params_keys=params_keys,
params_data=params_data,
padding=None
)
print(b64) # 4tZ8rOH8mefr66gGsxV4gdRgIC1_NquyXfz_rLUQ5LdbU3PXqlBqOYBmF7Zxl00J4bGHFq4n6OMNALJ-KA
decode, key = arzypher_decoder(
private_key=private_key,
random_key=random_key,
check_sum=check_sum,
params_keys=params_keys,
encoded=b64,
padding=None
)
print(decode) # [1245, 1497169783, 214, 1, 0, 0, 'hello world']It's recommended to keep the variables private_key, random_key, check_sum, and params_keys
secreted.
The values can also be used as a key if you keep their value private, but the private_key
MUST BE A SECRET PASSWORD ON THE SERVER SIDE.
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent