In this blog post, I will walk you through a custom implementation of secure data encoding and decoding using the `StrongCryptography` class. This class leverages the `jose` library for JWT (JSON Web Token) encoding and decoding, as well as the `passlib` library for hashing.
Cryptography is essential for protecting sensitive data, ensuring secure communication, and preventing unauthorized access. This implementation provides a way to securely encode and decode data, incorporating custom encryption techniques along with standard cryptographic practices.
The `StrongCryptography` class includes two static methods: `encode_data` and `decode_data`. Let's explore each of these methods in detail.
The `encode_data` method takes a dictionary of data and an optional expiration time (`exp`) as inputs. It returns a securely encoded string that includes the JWT and a hashed verification string.
import random
import string
from datetime import datetime, timedelta, timezone
from jose import jwt
from passlib.context import CryptContext
SECRET_KEY = "1aa7c3c8c5563fb00439b132eb711fe26a36e74b267aa030bbd347fbf2695825"
ALGORITHM = "HS256"
pwd_context_form = CryptContext(schemes=["bcrypt"], deprecated="auto")
class StrongCryptography:
@staticmethod
def encode_data(data_dict: dict, exp: timedelta = None):
split_key: str = '?'
if exp:
expire_until = datetime.now(timezone.utc) + exp
data_dict.update({"exp": expire_until})
encoded_jwt = jwt.encode(data_dict, SECRET_KEY, algorithm=ALGORITHM)
coded = str()
numbers = '.-_1234567890'
all_chars = '~+=!@#$%^&*()'
new_text = encoded_jwt
for txt in encoded_jwt:
if txt in numbers:
new_text = new_text.replace(txt, all_chars[numbers.index(txt)])
abc = string.ascii_letters + all_chars
len_hasher = len(abc)
abc1 = str()
rand_abc = random.randint(0, len_hasher - 1)
for let in range(len_hasher):
abc1 += abc[(rand_abc + let) % len_hasher]
abc2 = all_chars + string.ascii_letters + all_chars
code = f"{bin(rand_abc)[2:]}" + split_key
for char in new_text:
real_char = abc1[abc2.index(char)]
ind_rand = random.randint(0, 3)
for i in range(4):
nm = random.randint(0, len_hasher - 1)
rand_char1 = abc1[nm]
if ind_rand == i:
code += real_char
else:
code += rand_char1
code += split_key + bin(int(bin(ind_rand)[2:]))[2:] + split_key
code = code[:-(len(split_key))]
coded += code[::-1]
return coded + '-' + pwd_context_form.hash(encoded_jwt)
The `decode_data` method takes the encoded string and decodes it back to the original data dictionary, verifying the integrity of the data using the hashed verification string.
...
@staticmethod
def decode_data(coded_data: str, split_key='?'):
encoded_jwt_verify = coded_data.split('-')[-1]
coded_data = coded_data[:coded_data.index('-')]
numbers = '.-_1234567890'
all_chars = '~+=!@#$%^&*()'
decoded = str()
_text = coded_data[::-1]
codes = _text.split(split_key)[0]
cut_ind = _text[_text.index(split_key) + len(split_key):]
rand_abc = int(codes, 2)
bins = cut_ind.split(split_key)[::-2]
chars = cut_ind.split(split_key)[::2]
abc = string.ascii_letters + all_chars
len_hasher = len(abc)
abc1 = str()
abc2 = all_chars + string.ascii_letters
for let in range(len_hasher):
abc1 += abc[(rand_abc + let) % len_hasher]
decs = []
for bin_nm in bins:
sort_1 = int(f"0b{bin_nm}", 2)
sort_2 = int(f"0b{sort_1}", 2)
decs.append(sort_2)
decs.reverse()
char_sort1 = str()
ind = 0
for char_nm in chars:
get_ind = (decs[ind])
char_sort1 += char_nm[get_ind]
ind += 1
char_sort2 = str()
for char_nm in char_sort1:
char_sort2 += abc2[abc1.index(char_nm)]
decoded += f"{char_sort2} "
result = decoded[:-1]
for txt in result:
if txt in all_chars:
result = result.replace(txt, numbers[all_chars.index(txt)])
payload = jwt.decode(result, SECRET_KEY, algorithms=[ALGORITHM])
if pwd_context_form.verify(result, encoded_jwt_verify):
return payload
raise TypeError
Here’s how you can use the `StrongCryptography` class to encode and decode data:
# Sample data to encode
data = {"user_id": 1, "username": "user1"}
# Encode the data
encoded_data = StrongCryptography.encode_data(data, exp=timedelta(hours=1))
print(f"Encoded Data: {encoded_data}")
# Decode the data
decoded_data = StrongCryptography.decode_data(encoded_data)
print(f"Decoded Data: {decoded_data}")
The `StrongCryptography` class provides a robust way to securely encode and decode data, adding an extra layer of security beyond standard JWT encoding. This implementation can be particularly useful for applications that require enhanced security measures.
Feel free to use and modify this code according to your needs, and ensure to handle your secret keys and sensitive information securely. If you have any questions or feedback, feel free to leave a comment below!