Ciphered

Explanation

The Ciphered type is used to transmit sensitive information.
When the user is not connect the key used to cipher the piece of information will be "I'mAHashKeyYouCantFindMe"
When the user is connected with the Seagate User/Password authentication, the hex digest of sha1 of the password will be used hex(sha1(password))
When the request is made on behalf of an authenticated application, the application token will be used.
When the request is made on behalf of an authenticated application user, the user token will be used.

In all cases we'll be using as the real key, a sha256 of previous key.

Data will then be padded with in blocks of 16.
An IV of random 16 elements will be used
then we'll be using AES in OFB mode, with the sha256 key + IV on the padded datas

the result value will be a base64 encoded string containing IV + AESresult

Python example

from Crypto.Cipher import AES
from os import urandom
from hashlib import sha256
from base64 import b64encode, b64decode
BS = 16
pad = lambda s: s + (BS - len(s) % BS) * chr(BS - len(s) % BS)
unpad = lambda s: s[0:-ord(s[-1])]
key = sha256(secret_key).digest()
padded = pad(datas)
iv = urandom(16)
cipher = AES.new(key, AES.MODE_OFB, iv)
result = b64encode("%s%s" % (iv, cipher.encrypt(padded)))

Json example


  {
    "__type__": "Ciphered",
    "__value": 12345678
  }