
I am trying a very basic use case to encrypt and decrypt a sample string. Below is my method. I am using pycryptodome for the encryption.

@staticmethod
def encryptdecrypt(field):
    if field is None:
        return None
    else:
        print("Input Text is --> "+field)
        cipher = AES.new(CryptHelper.secret_key,AES.MODE_EAX)
        text = cipher.encrypt(field.encode('UTF-8'))
        print("Encrypted String --> "+str(text))
        cipher = AES.new(CryptHelper.secret_key,AES.MODE_EAX)
        text = cipher.decrypt(text).decode('cp1252')
        print("Decrypted String --> " +text)        

I am not able to regenerate the original string. I get gibberish outputs such as below. I tried with different encodings as I am on Windows 10, but none of them give me the original string. Am I missing something here? I am very new to Python, so in case I am making a blunder, please do let me know.

Input Text is --> Secret
Encrypted String --> b'^\xb4\xc7A\xbc\x05'
Decrypted String --> >F8Ò³…
Maarten Bodewes
javaShilp

1 Answer


There are two issues with the code within the question:

  1. the nonce is randomly created by the AES object, there needs to be some way to transfer and use the nonce during decryption;
  2. it is required to use encrypt_and_digest and decrypt_and_verify instead of the calls to just encrypt and decrypt, otherwise the authentication tag isn't created (as you would expect for an authenticated mode of operation such as EAX).

The first issue generates the random data, as different nonces during encryption and decryption will completely change the result after decryption.

The second issue will let the wrong ciphertext pass without verification of the authentication tag, which would generate an error instead of the wrong plaintext message during decryption.

You can read more about this here (cryptodome documentation on authenticated ciphers).


Of course the character encoding has nothing to do with this. You should use the same character encoding on both encryption and decryption. Usually UTF-8 is preferred.

Maarten Bodewes
  • I will correct the 2 points you mentioned. However, the encoding/decoding is still a problem: if I give UTF-8 it says invalid start byte or invalid continuation byte errors. – javaShilp Apr 06 '18 at 05:37
  • Sorry, did you get the UTF-8 errors before or after fixing the code? Because you *should* expect those errors before fixing them. – Maarten Bodewes Apr 06 '18 at 11:33