Vitalis-MCP-Server / journal /encryption.py
FerrellSyntheticIntelligence
Vitalis LOREIN MCP Server — full 26-tool package with one-command launcher
35341c0
Raw
History Blame Contribute Delete
1.26 kB
"""
Identity-Based Encryption (IBE) for Journal sovereignty.
Provides cryptographic identity binding and encryption for journal entries.
Uses a local keyring approach — no external PKI required.
"""
import hashlib
import os
from pathlib import Path
from config.config import MEMORY_DIR
def _get_key_path(identity: str) -> Path:
return MEMORY_DIR / f"{identity}_identity.key"
def generate_identity(identity: str) -> str:
key = hashlib.sha256(os.urandom(64)).hexdigest()
path = _get_key_path(identity)
path.parent.mkdir(parents=True, exist_ok=True)
path.write_text(key)
return derive_fingerprint(key)
def derive_fingerprint(key: str) -> str:
return hashlib.sha256(key.encode()).hexdigest()[:16]
def load_identity_key(identity: str) -> str | None:
path = _get_key_path(identity)
if path.exists():
return path.read_text().strip()
return None
def sign_entry(entry_data: str, identity: str) -> str:
key = load_identity_key(identity)
if not key:
key = generate_identity(identity)
return hashlib.sha256(f"{entry_data}{key}".encode()).hexdigest()
def verify_signature(entry_data: str, signature: str, identity: str) -> bool:
return sign_entry(entry_data, identity) == signature