def _restore_from_backup(jwd, filepath, plaintext, aes256_cipher):
"""Return backup value (if such exists and content in file has not changed)
We may want to replace this with a simpler "check last modified time" lookup
that could happen in constant time instead.
"""
if not helpers.is_there_a_backup(jwd=jwd, filepath=filepath):
return None
backup_ciphertext_original = helpers.get_backup_content_for_file(jwd=jwd, filepath=filepath)
previous_enc = base64.urlsafe_b64decode(b(backup_ciphertext_original))
iv = aes256_cipher.extract_iv(ciphertext=previous_enc)
new_secret_w_same_iv = aes256_cipher.encrypt(plaintext=plaintext, iv=iv)
if new_secret_w_same_iv == previous_enc:
return backup_ciphertext_original
return None
评论列表
文章目录
