Mercurial > code > home > repos > video
comparison signature_gen.py @ 49:1bd17c2e5517 default tip
video.py must sign video urls for serve-files.js to serve them
| author | drewp@bigasterisk.com |
|---|---|
| date | Fri, 06 Dec 2024 17:13:51 -0800 |
| parents | |
| children |
comparison
equal
deleted
inserted
replaced
| 48:046673b1cc24 | 49:1bd17c2e5517 |
|---|---|
| 1 import base64 | |
| 2 import json | |
| 3 import logging | |
| 4 from pathlib import Path | |
| 5 import time | |
| 6 | |
| 7 from Crypto.Cipher import AES | |
| 8 from Crypto.Random import get_random_bytes | |
| 9 from Crypto.Util.Padding import pad | |
| 10 | |
| 11 log = logging.getLogger() | |
| 12 | |
| 13 | |
| 14 SIGNATURE_KEY = Path('/secret/signature_key').read_bytes() | |
| 15 | |
| 16 def _encrypt_data(data: bytes, key: bytes) -> str: | |
| 17 iv = get_random_bytes(12) | |
| 18 cipher = AES.new(key, AES.MODE_GCM, iv) | |
| 19 ciphertext, tag = cipher.encrypt_and_digest(pad(data, AES.block_size)) | |
| 20 return base64.b64encode(iv + ciphertext + tag).decode('utf-8') | |
| 21 | |
| 22 | |
| 23 def makePlaybackSig(user: str, webDataPath: str, lifeSeconds=3600) -> str: | |
| 24 msg = [user, webDataPath, int(time.time() + lifeSeconds)] | |
| 25 return _encrypt_data( | |
| 26 json.dumps(msg).encode('utf-8'), SIGNATURE_KEY) |