refactor: replace encryption function with new encrypt method for sensitive data handling

2025-12-30 17:52:48 +00:00 · 2025-07-11 19:39:08 +08:00 · 2025-07-11 19:39:08 +08:00 · 28e89ca6ec
parent fb92a07d62
commit 28e89ca6ec
1 changed files with 31 additions and 0 deletions
--- a/apps/common/utils/common.py
+++ b/apps/common/utils/common.py
@ -24,6 +24,9 @@ from pydub import AudioSegment

 from ..database_model_manage.database_model_manage import DatabaseModelManage
 from ..exception.app_exception import AppApiException
+from Crypto.Cipher import AES
+from Crypto.Util.Padding import pad, unpad
+from base64 import b64encode, b64decode


 def password_encrypt(row_password):
@ -87,6 +90,34 @@ def encryption(message: str):
    return pre_str + content + end_str


+key = b'J\xbb\xd1\xa3\x93zB\x80/\xf2\x89e\xecb\xfe\x02'
+
+
+def encrypt(message: str) -> str:
+    cipher = AES.new(key, AES.MODE_CBC)
+    ct_bytes = cipher.encrypt(pad(message.encode('utf-8'), AES.block_size))
+    iv = b64encode(cipher.iv).decode('utf-8')
+    ct = b64encode(ct_bytes).decode('utf-8')
+    return f"{iv}:{ct}"
+
+
+def decrypt(encrypted: str) -> str:
+    try:
+        # 判断是否为加密格式 (iv:ciphertext)
+        if ':' not in encrypted:
+            return encrypted  # 非加密字符串直接返回
+
+        iv_str, ct_str = encrypted.split(":", 1)
+        iv = b64decode(iv_str)
+        ct = b64decode(ct_str)
+        cipher = AES.new(key, AES.MODE_CBC, iv)
+        pt = unpad(cipher.decrypt(ct), AES.block_size)
+        return pt.decode('utf-8')
+    except (ValueError, KeyError, IndexError, Exception):
+        # 捕获所有可能的异常，如无效格式、密钥错误等
+        return encrypted  # 如果解密失败，返回原字符串
+
+
 def _remove_empty_lines(text):
    if not isinstance(text, str):
        raise AppApiException(500, _('Text-to-speech node, the text content must be of string type'))