0

im tying to import a string from pyCryptos RSA encryption function into a mysql database. The datatype of the column username in the database is varchar(256).

here is my code:

# coding: utf8
from InstagramAPI import InstagramAPI
import mysql.connector
import sys
import os
from Crypto.PublicKey import RSA

filereader = open('public_key.txt', 'r')
public_key = RSA.importKey(filereader.read())
filereader.close()
username = "some_user"
encrypted_username = (public_key.encrypt(username, 32)[0])

this gives me a string of bytes, which gives me strange characters when printed.

now i try to insert the encrypted message into my database:

connection = mysql.connector.connect(user = my_username, password,
                                 host = host,
                                 database = db)
my_cursor = connection.cursor()
message = "UPDATE accounts SET username=%s WHERE id=1" % (encrypted_username)
print( message )
my_cursor.execute(message)
connection.commit()

which gives me the output:

UPDATE accounts SET username=
                               �&/����a��w������J}������gG���I��-
   �#Ʃ���'�60��,��<���~k��N�����(�9\��.����� ]��Ơ�U���2�c�f�Gĥ�
^rт   ,z����o��k�����������y
^4�w1S���D��A��[3���x�脩�H_p����5h���s��y WHERE id=1����u|�����c�?

You have an error in your SQL syntax; check the manual that corresponds
to your MySQL server version for the right syntax to use near
�(�9\��.����� ]��Ơ�U���2�c�f

UPDATE:

just doing:

print (public_key.encrypt(username, 32)

gives me the output:

('\x11\x86\x8b\xfa\x82\xdf\xe3sN ~@\xdbP\x85
\x93\xe6\xb9\xe9\x95I\xa7\xadQ\x08\xe5\xc8$9\x81K\xa0\xb5\xee\x1e\xb5r
\x9bH)\xd8\xeb\x03\xf3\x86\xb5\x03\xfd\x97\xe6%\x9e\xf7\x11=\xa1Y<\xdc
\x94\xf0\x7f7@\x9c\x02suc\xcc\xc2j\x0c\xce\x92\x8d\xdc\x00uL\xd6.
\x84~/\xed\xd7\xc5\xbe\xd2\x98\xec\xe4\xda\xd1L\rM`\x88\x13V\xe1M\n X
\xce\x13 \xaf\x10|\x80\x0e\x14\xbc\x14\x1ec\xf6Rs\xbb\x93\x06\xbe',)
Tim von Känel
  • 301
  • 2
  • 12
  • 1
    try using `.hexdigest()` – Mick_ Mar 27 '18 at 23:36
  • 2
    Also i don't see sha256 there but RSA.. Hashing and encryption are two different things. – Mick_ Mar 27 '18 at 23:38
  • 2
    What are you trying to accomplish with this encryption? It seems easy to break since it’s missing a nonce (even if it were padded properly, which the documentation suggests isn’t the case). – Ry- Mar 27 '18 at 23:42
  • You guys are right, i dont use SHA256, i have updated my post, i think i have read that somewhere in the tutorial i have used. – Tim von Känel Mar 27 '18 at 23:58

1 Answers1

2

Encryption and hashing are two different things. If you want easy and actual SHA hash then use :

import hashlib

hash = hashlib.sha256('text'.encode()).hexdigest()
print(hash)

Output:

982d9e3eb996f559e633f4d194def3761d909f5a3b647d1a851fead67c32c9d1

Or from hashlib docs:

>>> import hashlib, binascii
>>> dk = hashlib.pbkdf2_hmac('sha256', b'password', b'salt', 100000)
>>> binascii.hexlify(dk)
b'0394a2ede332c9a13eb82e9b24631604c31df978b4e2f0fbd2c549944f9d79a5'

.

P.S SHA256 has 64 characters so you dont need varchar[256] in your DB

Edit: As per your edit...

import binascii

binascii.hexlify(public_key.encrypt(username, 32))
print(binascii.hexlify(public_key.encrypt(username, 32)).decode())

And the other way would be :

 binascii.unhexlify(public_key.encrypt(username, 32))
 print(binascii.unhexlify(public_key.encrypt(username, 32)).decode())
Mick_
  • 131
  • 9
  • Im sorry, i dont use SHA256, ive read that somewhere in the tutorial ive used. I try to convert the text into a decrypted message with my public_key and insert it into my database and then select it and decrypt it with the private key later – Tim von Känel Mar 28 '18 at 00:00
  • thank you so much, this one actually worked! Had to change varchar length of my table to 512 though – Tim von Känel Mar 28 '18 at 03:10
  • Great. Glad i could help. – Mick_ Mar 28 '18 at 03:11