BUG555: Chacha20アルゴリズムで暗号化。注：このコミットは全員の開発環境に存在する必要があります。その後、/#/domainページにアクセスし、暗号化されていないアカウントの「編集」をクリックして直接保存し、暗号化されていないアカウントを暗号化します。

backend/app/core/security.py

@@ -2,6 +2,10 @@ import jwt
 from fastapi.security import OAuth2PasswordBearer
 from passlib.context import CryptContext
 from datetime import datetime, timedelta
+from cryptography.hazmat.primitives.ciphers import Cipher, algorithms
+import os
+import base64
+from app.core import config
 
 oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/api/token")
 
@@ -29,3 +33,30 @@ def create_access_token(*, data: dict, expires_delta: timedelta = None):
     to_encode.update({"exp": expire})
     encoded_jwt = jwt.encode(to_encode, SECRET_KEY, algorithm=ALGORITHM)
     return encoded_jwt
+
+def chacha20Encrypt(plaintext:str, key=config.KINTONE_PSW_CRYPTO_KEY):
+    nonce = os.urandom(16)
+    algorithm = algorithms.ChaCha20(key, nonce)
+    cipher = Cipher(algorithm, mode=None)
+    encryptor = cipher.encryptor()
+    ciphertext = encryptor.update(plaintext.encode('utf-8')) + encryptor.finalize()
+    return base64.b64encode(nonce +'𒀸'.encode('utf-8')+ ciphertext).decode('utf-8')
+
+def chacha20Decrypt(encoded_str:str, key=config.KINTONE_PSW_CRYPTO_KEY):
+    try:
+        decoded_data = base64.b64decode(encoded_str)
+        if len(decoded_data) < 18:
+            return encoded_str
+        special_char = decoded_data[16:20]
+        if special_char != '𒀸'.encode('utf-8'):
+            return encoded_str
+        nonce = decoded_data[:16]
+        ciphertext = decoded_data[20:]
+    except Exception as e:
+        print(f"An error occurred: {e}")
+        return encoded_str
+    algorithm = algorithms.ChaCha20(key, nonce)
+    cipher = Cipher(algorithm, mode=None)
+    decryptor = cipher.decryptor()
+    plaintext_bytes = decryptor.update(ciphertext) + decryptor.finalize()
+    return plaintext_bytes.decode('utf-8')