CODEWITHSUNDEEP
pythoncryptography
rdrmntn
rdrmntn

Reputation: 466

Python cryptography fails with "Expected interface of CipherAlgorithm"

I'm trying to use the cryptography python module (cryptography.io) but cannot implement a working example. From example in documentation.

This code:

from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from cryptography.hazmat.backends import openssl
from cryptography.hazmat.backends import default_backend

dbackend = default_backend
iv = 'ababababcdcdcdcd1212121234343434'.encode('hex')
cipher = Cipher(modes.CBC(iv), algorithms.AES('aabbccddaabbccdd1122334411223344'.decode('hex')), backend=dbackend)

e = cipher.encryptor()
ct = e.update("Secret messagexx") + e.finalize()

d = cipher.decryptor()

clear = d.update(ct) + d.finalize()

fails with:

cryptography.exceptions.UnsupportedAlgorithm: Backend object does not implement CipherBackend.

I then try with openssl backend:

obackend = openssl.backend
cipher = Cipher(modes.CBC(iv), algorithms.AES('aabbccddaabbccdd1122334411223344'.decode('hex')), backend=obackend)

And it fails with:

TypeError: Expected interface of CipherAlgorithm.

I've been trying to read the docs but I can't even get the example code to work. Any help appreciated.

Update - solved:

In case someone stumbles over this I add this working example here (where I use ECB mode which was what I actually wanted). 

from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from cryptography.hazmat.backends import default_backend

backend = default_backend()
cipher = Cipher(algorithms.AES('aabbccddaabbccdd1122334411223344'.decode('hex')), modes.ECB(), backend=backend)

e = cipher.encryptor()
ct = e.update("Secret messagexx") + e.finalize()

d = cipher.decryptor()

clear = d.update(ct) + d.finalize()

print clear

Upvotes: 0

Views: 2368

Answers (1)

Paul Kehrer
Paul Kehrer

Reputation: 14089

You are passing default_backend as the backend argument, but that's actually a function. Call it with default_backend() and it will return a backend object you can pass in.

The non-hazmat layer does contain a symmetric encryption recipe (known as Fernet), so you may want to consider using that if it meets your needs.

Upvotes: 2

Related Questions