def Profile(): try: current_user.get_username() except: abort(404) user = current_user conn = sqlite3.connect(os.path.join(file_directory, "storage.db")) c = conn.cursor() c.execute("SELECT * FROM paymentdetails WHERE user_id=? ", (user.id, )) # self define paymentinformation and fetch one and return into payment information variable. paymentinformation = c.fetchone() if paymentinformation: payment_details = PaymentInfo(paymentinformation[1], paymentinformation[2], paymentinformation[3], int(paymentinformation[4])) else: payment_details = PaymentInfo("", "", "", "") payment_form = PaymentOptions(request.form) if request.method == "POST" and payment_form.validate(): conn = sqlite3.connect(os.path.join(file_directory, "storage.db")) c = conn.cursor() c.execute("SELECT * FROM paymentdetails WHERE user_id=? ", (user.id, )) result = c.fetchone() if not result: e1 = pyffx.Integer( b'12376987ca98sbdacsbjkdwd898216jasdnsd98213912', length=16) e2 = pyffx.Integer( b'12376987ca98sbdacsbjkdwd898216jasdnsd98213912', length=len(str(payment_form.SecretNumber.data))) encrypted_card_no = e1.encrypt(payment_form.CreditCardno.data) encrypted_card_CVV = e2.encrypt(payment_form.SecretNumber.data) c.execute("INSERT INTO paymentdetails VALUES (?, ?, ?, ?, ?)", (user.id, payment_form.Name.data, encrypted_card_no, payment_form.ExpiryDate.data, encrypted_card_CVV)) conn.commit() conn.close() return redirect(url_for('user.Profile')) else: flash('Only can store 1 card detail') if payment_details.get_full_name() != '': cn = payment_details.get_credit_card_number() e1 = pyffx.Integer(b'12376987ca98sbdacsbjkdwd898216jasdnsd98213912', length=16) cn = e1.decrypt(cn) return render_template("user/Profile.html", user=user, payment_details=payment_details, form=payment_form, cn=str(cn)) return render_template("user/Profile.html", user=user, payment_details=payment_details, form=payment_form)
def generate_lookup(self, password="******"): password = str.encode(password) fpe = pyffx.Integer(password, length=3) f = lambda x: fpe.encrypt(x) g = lambda x: fpe.decrypt(x) f = np.vectorize(f) g = np.vectorize(g) lookup = f(np.arange(256)) relookup = g(np.arange(1000)) lookup = torch.from_numpy(lookup) relookup = torch.from_numpy(relookup) return lookup, relookup
# Format-preserving, Feistel-based encryption (FFX) import pyffx e = pyffx.Integer(b'secret-rsa_key', length=4) x = e.encrypt(1001) print(x) y = e.decrypt(x) print(y) e = pyffx.String(b'secret-rsa_key', alphabet='abcdefghij', length=6) x = e.encrypt('jibabc') print(x) y = e.decrypt(x) print(y)
def encrypt(self, val, addition: int = sys.maxsize): """ Encrypt a value with FFX library. Negative values are currently not supported as integers. :param val: Value to encrypt :type val: Either an integer, a string or a floating point number (represented as a string) :param addition: Value added to an integer number, which will be subtracted first, defaults to sys.maxsize :param addition: int, optional :return: Encrypted number fitting same format as input :rtype: Either an int or a string depending on what was passed in """ n_val = 0 # If the value is none or if its numpy and nan then just return it if val == None or (isinstance(val, np.float64) and np.isnan(val)): return val try: logger.debug(type(val)) # Strings that are integers should just be int if isinstance(val, str) and val.isdigit(): val = int(val) if np.issubdtype(type(val), np.int64) and val > 0: # If val is Integer # If there's an addition do the new calculation n_val = val - addition logger.debug( f"n_val = {n_val} val = {val} addition = {addition}") if n_val > 0: val = n_val e = pyffx.Integer(self.ffx_secret, length=len(str(val))) enc = e.encrypt(val) else: # Either String or Decimal val = str(val) enc = "" elems = re.split('(\W+|\d+)', val) for elem in elems: if len(elem) == 0: continue vlen = len(elem) if elem.isdigit(): # encrypt integer part e = pyffx.Integer(self.ffx_secret, length=vlen) temp = str(e.encrypt(elem)) elif elem.isalpha(): # encrypt alphabet characters if elem.islower(): e = pyffx.String(self.ffx_secret, alphabet=string.ascii_lowercase, length=vlen) elif elem.isupper(): e = pyffx.String(self.ffx_secret, alphabet=string.ascii_uppercase, length=vlen) else: e = pyffx.String(self.ffx_secret, alphabet=string.ascii_letters, length=vlen) temp = e.encrypt(elem) else: # Escape special characters temp = elem enc += str(temp) logger.debug(f"Out val {enc}") # Return it as a string if np.issubdtype(type(val), np.int64) and n_val > 0: enc += addition return enc except Exception as e: logger.exception(f"Cannot encrypt {val} {type(val)}") return val
df_2 = pandas.read_csv( 'C:\\Users\\mansi\\OneDrive\\Documents\\ADM\\enc_data.csv') #reading all columns into data frame col = df_2.iloc[:, 10] col1 = df_2.iloc[:, 1] col2 = df_2.iloc[:, 2] col3 = df_2.iloc[:, 3] col4 = df_2.iloc[:, 4] col5 = df_2.iloc[:, 5] col6 = df_2.iloc[:, 6] col7 = df_2.iloc[:, 7] col8 = df_2.iloc[:, 8] col9 = df_2.iloc[:, 9] e = pyffx.Integer(b'secret-key', length=5) #using key encryption(format preserving) encrypted_number_list1 = [e.encrypt(x) for x in col1] encrypted_number_list2 = [e.encrypt(x) for x in col2] encrypted_number_list3 = [e.encrypt(x) for x in col3] encrypted_number_list4 = [e.encrypt(x) for x in col4] encrypted_number_list5 = [e.encrypt(x) for x in col5] encrypted_number_list6 = [e.encrypt(x) for x in col6] encrypted_number_list7 = [e.encrypt(x) for x in col7] encrypted_number_list8 = [e.encrypt(x) for x in col8] encrypted_number_list9 = [e.encrypt(x) for x in col9] from phe import paillier public_key, private_key = paillier.generate_paillier_keypair(n_length=58)
import pyffx from django.conf import settings encrypter = pyffx.Integer(settings.SECRET_KEY.encode('UTF-8'), length=settings.POST_ID_SECRET_LENGTH) def encrypt_id(id): return encrypter.encrypt(id) def decrypt_id(enc_id): return encrypter.decrypt(enc_id)
def checkout(): try: username = current_user.get_username() user = current_user user_id = session["_user_id"] except: user = None user_id = None error = "" # Check if cart is in session or empty if 'cart' in session: cart = session['cart'] if not cart: return redirect(url_for('main.home')) else: return redirect(url_for('main.home')) # if user is not signin, will redirect to ask to signin if not user: return redirect(url_for('user.signin')) else: # getting card from existing user conn = sqlite3.connect(os.path.join(file_directory, "storage.db")) c = conn.cursor() c.execute( "SELECT credit_card_number from paymentdetails where user_id=?", (user_id, )) result = c.fetchone() if result: e1 = pyffx.Integer( b'12376987ca98sbdacsbjkdwd898216jasdnsd98213912', length=16) credit_card_number = str(e1.decrypt(result[0])) sliced_credit_card_number = "XXXX-" * 3 + credit_card_number[-4:] else: return redirect(url_for('user.Profile')) # payment if request.method == "POST" and user is not None: month = request.form.get('Expiry_DateM') year = request.form.get('Expiry_DateY') cvv = request.form.get('CVV') # validate credit card details conn = sqlite3.connect(os.path.join(file_directory, "storage.db")) c = conn.cursor() c.execute( "SELECT expiry, cvv, credit_card_number from paymentdetails where user_id=?", (user_id, )) result = c.fetchone() valid_year, valid_month, valid_day = result[0].split('-') e2 = pyffx.Integer(b'12376987ca98sbdacsbjkdwd898216jasdnsd98213912', length=len(str(result[1]))) valid_cvv = e2.decrypt(result[1]) if int(year) == int(valid_year[2:]) and int(month) == int( valid_month) and str(cvv) == str(valid_cvv): # successful payment c.execute("select max(order_id) from orders") try: order_id = c.fetchone()[0] + 1 except TypeError: order_id = 1 user_id = session["_user_id"] voucher_code = session["voucher"] date_of_purchase = datetime.now() total_cost = session["amount"] c.execute("INSERT into orders values (?, ?, ?, ?, ?)", (order_id, user_id, voucher_code, date_of_purchase, total_cost)) for item in session['cart']: c.execute("INSERT into order_details values (?,?)", (order_id, item[0])) conn.commit() conn.close() # uses the voucher (should only use it after payment is successful) if '_user_id' in session and 'voucher' in session and session[ 'voucher'] != '': cookie = request.headers['cookie'] csrf_token = request.form.get('csrf_token') headers = {'cookie': cookie, 'X-CSRF-Token': csrf_token} url = "http://localhost:5000/api/userVoucher/" + session[ "_user_id"] response = requests.put(url, json={"code": session["voucher"]}, headers=headers) data = response.json()["data"] if data == "This is a general voucher": data = "" else: data = "" # deletes voucher and cart session del session['cart'] if 'voucher' in session: del session['voucher'] return render_template("shopping/Thankyou.html", data=data, user=user) else: # unsuccessful payment details = f"Failed transaction with the username of {username}." Loggingtype = "Transaction" Logging(Loggingtype, details) error = "Invalid Payment Details" # checkout details cart = session['cart'] voucher = session['voucher'] conn = sqlite3.connect(os.path.join(file_directory, "storage.db")) c = conn.cursor() c.execute("SELECT amount from vouchers where code = ?", (voucher, )) try: voucher_cost = c.fetchone()[0] except TypeError: voucher_cost = 0 subtotal = session['subtotal'] amount = session['amount'] order_details = { 'cart': cart, 'voucher': voucher, 'voucher_cost': voucher_cost, 'subtotal': subtotal, 'total': amount } return render_template("shopping/Checkout.html", user=user, credit_card_number=sliced_credit_card_number, error_message=error, order_details=order_details)
import pyffx e = pyffx.Integer(b'12376987ca98sbdacsbjkdwd898216jasdnsd98213912', length=16) creditcardno = '2654859379613343' print(e.decrypt(creditcardno))