Description
Hi, I found a potential security issue in your encryption code.
The AES-GCM mode uses a static IV (b"0" * 16) when no IV is provided:
iv = iv or b"0" * BLOCK_SIZE
Using a fixed IV in AES-GCM is insecure. It breaks the guarantees of confidentiality and integrity if reused with the same key.
Please consider generating a random IV (e.g., os.urandom(12)) for each encryption to follow best practices.
Thanks.
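The fallback quoted in the issue next to a per-message random nonce, as an added example that is not the project's code or the reporter's. It assumes the `cryptography` package, takes `BLOCK_SIZE = 16` from the `b"0" * 16` in the report, and all function names are hypothetical.

```python
import os
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

BLOCK_SIZE = 16  # assumed value, inferred from b"0" * 16 in the issue
NONCE_SIZE = 12  # 96-bit nonce, the size suggested in the issue
TAG_SIZE = 16    # AESGCM.encrypt() appends a 16-byte tag to the ciphertext


def encrypt_static_iv(key, plaintext, iv=None):
    """The reported pattern: every call without an IV reuses the same one."""
    iv = iv or b"0" * BLOCK_SIZE
    return AESGCM(key).encrypt(iv, plaintext, None)


def encrypt_random_nonce(key, plaintext, aad=None):
    """Fresh nonce per message, prepended so the receiver can recover it."""
    nonce = os.urandom(NONCE_SIZE)
    return nonce + AESGCM(key).encrypt(nonce, plaintext, aad)


def decrypt_random_nonce(key, blob, aad=None):
    """Split nonce from ciphertext||tag; raises InvalidTag if modified."""
    if len(blob) < NONCE_SIZE + TAG_SIZE:
        raise ValueError("ciphertext too short")
    nonce, body = blob[:NONCE_SIZE], blob[NONCE_SIZE:]
    return AESGCM(key).decrypt(nonce, body, aad)


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def static_iv_leaks_xor(key, p1, p2):
    """Same key + same IV means same keystream, so c1 ^ c2 == p1 ^ p2."""
    c1 = encrypt_static_iv(key, p1)[:-TAG_SIZE]
    c2 = encrypt_static_iv(key, p2)[:-TAG_SIZE]
    return _xor(c1, c2) == _xor(p1, p2)


def random_nonce_leaks_xor(key, p1, p2):
    """Same comparison with per-message nonces; the relation no longer holds."""
    c1 = encrypt_random_nonce(key, p1)[NONCE_SIZE:-TAG_SIZE]
    c2 = encrypt_random_nonce(key, p2)[NONCE_SIZE:-TAG_SIZE]
    return _xor(c1, c2) == _xor(p1, p2)


if __name__ == "__main__":
    k = AESGCM.generate_key(bit_length=256)
    a, b = b"constructed msg A", b"constructed msg B"  # constructed samples
    print("static IV leaks p1^p2:", static_iv_leaks_xor(k, a, b))
    print("random nonce leaks p1^p2:", random_nonce_leaks_xor(k, a, b))
```

With random 96-bit nonces, rotate the key well before 2^32 messages, since the collision probability grows with the number of encryptions under one key.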