{"id":2018,"date":"2020-06-21T14:56:56","date_gmt":"2020-06-21T06:56:56","guid":{"rendered":"https:\/\/www.techcoil.com\/blog\/?p=2018"},"modified":"2020-06-21T14:57:48","modified_gmt":"2020-06-21T06:57:48","slug":"how-to-use-pycrypto-python-qrcode-and-flask-restplus-to-create-qr-codes-that-can-send-encrypted-data-to-an-endpoint","status":"publish","type":"post","link":"https:\/\/www.techcoil.com\/blog\/how-to-use-pycrypto-python-qrcode-and-flask-restplus-to-create-qr-codes-that-can-send-encrypted-data-to-an-endpoint\/","title":{"rendered":"How to use pycrypto, python-qrcode and Flask-RESTPlus to create QR codes that can send encrypted data to an endpoint"},"content":{"rendered":"

If you want to direct someone to a web page without saying a word, then you can use QR codes to do so.<\/p>\n

For example, your QR code reader will direct your phone's browser to visit our home page when you scan the following QR Code:<\/p>\n

\"Techcoil<\/p>\n

Given that, you can use QR codes to send HTTP requests<\/a> to an endpoint of your HTTP server<\/a>. In addition, you can embed data that you wish to send to the endpoint in the QR codes.<\/p>\n

With this in mind, let's look at how we can use pycrypto<\/a>, python-qrcode<\/a> and Flask-RESTPlus<\/a> to create QR codes that can send encrypted data to an endpoint. <\/p>\n

What happens when a QR code reader picks up an URL<\/h2>\n

When QR code readers pick up an URL in a QR code image, they start a web browser to retrieve the resource from the URL. Given that, the browser sends a HTTP GET request to that URL. In this situation, we can send data to the server through query string variables.<\/p>\n

Given that, we will be able to embed some data in our QR code for a reader to send to a server endpoint. When we do so, we can fulfil functionalities to trigger a server action through a QR code.<\/p>\n

Generating a QR Code image with python-qrcode<\/code><\/h2>\n

Previously, I discussed how we can create an API endpoint that generates a QR Code image, with Python 3 Flask-RESTPlus and python-qrcode<\/a>. <\/p>\n

When we run the sample script, we get an endpoint that receives HTTP POST requests made to \/api\/qrcode. If we post the following JSON model:<\/p>\n

\r\n{\r\n  "value": "https:\/\/www.techcoil.com"\r\n}\r\n<\/pre>\n
then we will get the QR code image shown earlier in the HTTP response<\/a>.<\/p>\n
Given that, we can put the logic that returns a string value as a QR code image into a function:<\/p>\n
\r\nfrom flask import send_file\r\nfrom io import BytesIO\r\nimport qrcode\r\n\r\ndef qr_code_send_file(value_to_turn_into_qrcode):\r\n    pil_img = qrcode.make(value_to_turn_into_qrcode)\r\n    img_io = BytesIO()\r\n    pil_img.save(img_io, 'PNG')\r\n    img_io.seek(0)\r\n    return send_file(img_io, mimetype='image\/png')\r\n<\/pre>\n
Encrypting and decrypting data with pycrypto<\/h2>\n
Once we have the Python 3 codes to convert string values into QR code image, let's look at the encryption part.<\/p>\n
But couldn't we pass the data as query string variables along with the URL as a string input to qr_code_send_file<\/code>?<\/p>\n
Although we can do so, we may want to encrypt the data before embedding it as an QR code for security reasons.<\/p>\n
Given that, let's look at how we can encrypt and decrypt data in Python 3.<\/p>\n
Previously, I discussed how we can encrypt and decrypt data in Python 3<\/a>. <\/p>\n
When you look at that post, you can find the following functions that we can use in this discussion:<\/p>\n
\r\nfrom Crypto.Cipher import AES\r\n \r\nimport base64, json, math\r\n \r\n# AES key must be either 16, 24, or 32 bytes long\r\nCOMMON_ENCRYPTION_KEY='asdjk@15r32r1234asdsaeqwe314SEFT'\r\n# Make sure the initialization vector is 16 bytes\r\nCOMMON_16_BYTE_IV_FOR_AES='IVIVIVIVIVIVIVIV'\r\n \r\ndef get_common_cipher():\r\n    return AES.new(COMMON_ENCRYPTION_KEY,\r\n                   AES.MODE_CBC,\r\n                   COMMON_16_BYTE_IV_FOR_AES)\r\n \r\ndef encrypt_with_common_cipher(cleartext):\r\n    common_cipher = get_common_cipher()\r\n    cleartext_length = len(cleartext)\r\n    nearest_multiple_of_16 = 16 * math.ceil(cleartext_length\/16)\r\n    padded_cleartext = cleartext.rjust(nearest_multiple_of_16)\r\n    raw_ciphertext = common_cipher.encrypt(padded_cleartext)\r\n    return base64.b64encode(raw_ciphertext).decode('utf-8')\r\n \r\n \r\ndef decrypt_with_common_cipher(ciphertext):\r\n    common_cipher = get_common_cipher()\r\n    raw_ciphertext = base64.b64decode(ciphertext)\r\n    decrypted_message_with_padding = common_cipher.decrypt(raw_ciphertext)\r\n    return decrypted_message_with_padding.decode('utf-8').strip()\r\n \r\n \r\ndef encrypt_json_with_common_cipher(json_obj):\r\n    json_string = json.dumps(json_obj)\r\n    return encrypt_with_common_cipher(json_string)\r\n \r\n \r\ndef decrypt_json_with_common_cipher(json_ciphertext):\r\n    json_string = decrypt_with_common_cipher(json_ciphertext)\r\n    return json.loads(json_string)\r\n<\/pre>\n
When we have the above functions, we will be able to:<\/p>\n