Reputation: 506
I am building a website in Python Flask and using the AES algorithm of the pycrypto library. On the sign-up web page, I am saving the encrypted pwd and the encrypted key in a text file. On the login page, I am comparing the entered pwd with the decrypted pwd, using the code below:

    import base64
    import pdb

    import pandas
    from Crypto.Cipher import AES
    from flask import request, render_template

    def decryption(encryptedString, key_from_file):
        PADDING = '{'
        # Base64-decode the ciphertext, decrypt it, then strip the padding character
        DecodeAES = lambda c, e: c.decrypt(base64.b64decode(e)).rstrip(PADDING)
        #Key is FROM the printout of 'secret' in encryption
        #below is the encryption.
        encryption = encryptedString
        key = key_from_file
        cipher = AES.new(key) #### error comes here
        decoded = DecodeAES(cipher, encryption)
        return decoded

    def login():
        if request.method == 'GET':
            return render_template('login.html')
        if request.method == 'POST':
            username = request.form['username']
            password = request.form['password']
            # Look up the row whose email matches the submitted username
            d2 = pandas.read_csv("Employee_Info.txt", header=0)
            search_id = d2[d2['email'] == username]
            pdb.set_trace()
            if search_id.empty:
                error = "username does not exists"
                return render_template('login.html', error = error)
            else:
                pwd_from_file = search_id.iloc[0]['pwd']
                key_from_file = search_id.iloc[0]['key']
                if decryption(pwd_from_file, key_from_file) == password:
                    print "matching password"
                else:
                    print "mismatch"

But I am getting the error: ValueError: AES key must be 16,24 or 32 bytes long.
The text file has the fields below:
id,email,pwd,key
qq,qq,h4vvEPuVNwjw22yJKz8QGg==,xéðjŸ¸AOݬ‡
Upvotes: 0
Views: 208
Reputation: 14194
You are storing the key in raw Unicode bytes, so there is likely a serialization/deserialization error. Encode the raw key bytes in hexadecimal or Base64 before storing in the file, and then convert back to raw before initializing your cipher.
Note: Storing the key in the credentials data store is very bad, and encrypting passwords for credential verification is also very bad. Look at "Why should I hash passwords" and "How to securely hash passwords" for more information.
Upvotes: 1
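The following is an added example, not part of the answer above or the asker's code. It shows, on a constructed 16-byte key, how writing raw key bytes through a text file changes their length while a Base64 round trip preserves them, and then the hash-based verification the answer's note points to. It is written for the Python 3 standard library; the function names, the lossy text-decoding step used to model the corruption, the `pbkdf2_sha256$...` record layout and the iteration count are all assumptions made for illustration.

```python
import base64
import csv
import hashlib
import hmac
import io
import os

def roundtrip_csv(value):
    """Write one text field to CSV and read it back, as a credentials file would."""
    buf = io.StringIO()
    csv.writer(buf).writerow(["qq", value])
    buf.seek(0)
    return next(csv.reader(buf))[1]

def store_key_raw(key):
    """Lossy (assumed model): raw bytes forced through a text encoding and back."""
    text = key.decode("utf-8", errors="replace")  # invalid bytes become U+FFFD
    return roundtrip_csv(text).encode("utf-8")

def store_key_b64(key):
    """Lossless: Base64 text in the file, decoded to raw bytes before use."""
    text = base64.b64encode(key).decode("ascii")
    return base64.b64decode(roundtrip_csv(text))

def hash_password(password, salt=None, iterations=600_000):
    """Salted PBKDF2-HMAC-SHA256 record: no key to store, nothing to decrypt."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return "pbkdf2_sha256${}${}${}".format(
        iterations, base64.b64encode(salt).decode(), base64.b64encode(digest).decode())

def verify_password(password, record):
    """Recompute the hash with the stored salt and compare in constant time."""
    _, iterations, salt_b64, digest_b64 = record.split("$")
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                    base64.b64decode(salt_b64), int(iterations))
    return hmac.compare_digest(candidate, base64.b64decode(digest_b64))

if __name__ == "__main__":
    key = bytes(range(0xF0, 0x100))  # constructed 16-byte key with non-ASCII bytes
    print(len(store_key_raw(key)), len(store_key_b64(key)))
    record = hash_password("s3cret")  # constructed sample password
    print(verify_password("s3cret", record), verify_password("wrong", record))
```

With the hashed record, the file holds only the salt, work factor and digest, so the `key` column is no longer needed for login checks.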