0

I have program that has encrypted database means, All the data in database are all encrypted. Using cryptography.fernet. But I have a problem when ever I search through the database for a row, It doesn't match in any even if I use same key. I know the problem. It is that the encrypted message doesn't become same neither using the same message. please give me some solutions how can I overcome this.

code:

import mysql.connector
from cryptography.fernet import Fernet
db=mysql.connector.connect(                 #connect
    host="x",
    user="xx",
    password="xxx",
    database="example"
)
mycurser=db.cursor(buffered=True)

key=Fernet.generate_key()
f=Fernet(key)               #generate key and inserting it

userchoice=input("what you want \n1:insert in db \n2:get from db")
if userchoice =='1':
    text=input("name: ").lower().encode()
    text2=input("cast: ").lower().encode()
    mycurser.execute("INSERT INTO e1 (name,cast) value('%s','%s');" %(f.encrypt(text).decode(),f.encrypt(text2).decode()))
elif userchoice=='2':
    text=input("name: ").lower().encode()
    mycurser.execute("SELECT * FROM e1 WHERE name='%s'" %(f.encrypt(text).decode()))
    results=mycurser.fetchall()
    for i in results:
        print(f.decrypt(i).decode())
  • Without seeing your actual code, all we can say is "You made a mistake, somewhere." – John Gordon Oct 30 '22 at 17:58
  • You'll have to decrypt each one I'm afraid. If you don't have to, then your encryption is weak and lacking salt. – Abel Oct 30 '22 at 17:59
  • @Abel check the code –  Oct 30 '22 at 18:32
  • The encrypted token token in in fernet _contains the current time when it was generated_, So the same message encrypted at different times will yoeld different tokens. That means that cannot search for encrypted data. Read documentation on `encrypt` function. – Yuri Ginsburg Oct 31 '22 at 02:39
  • how can I make the fernate not to add time in encrypted form –  Oct 31 '22 at 15:40

0 Answers0