0

I was working with fernet to encrypt. In the tests I founded that if I change the last character of the key, fernet it is able to dencrypt.

For example if the key is ZwvCXUGvnG0RvkhNszIQsQOqz8yaKjUSJpxraDVsxd4= and i type ZwvCXUGvnG0RvkhNszIQsQOqz8yaKjUSJpxraDVsxd5= instead, the program dencrypt my code. I founded this error bc i was lazy to copy a whole new key, so i decided to only change the last character. This happen with every consecuent character in the last one character of the key.

If anyone could help me i would be very thankfull

This is my code

from cryptography.fernet import Fernet

text1="""Find me and follow me through corridors, refectories and files 
You must follow, leave this academic factory 
You'll find me in the matinée, the dark of the matinée 
It's better in the matinée, the dark of the matinée is mine 
Yes, it's mine"""

def crearLLave():
    key=Fernet.generate_key()
    print(key.decode())
    return Fernet(key) 

def crearLLaveManual(llave):
    try:
        return Fernet(llave)
    except:
        again=bytes(input("Formato incorrecto "), "ascii")
        return crearLLaveManual(again)

def encriptarTexto(cadena, llave):
    return llave.encrypt(str.encode(cadena))
   
def desencriptarTexto(cadena_encriptada, llave):
    try:
        return llave.decrypt(cadena_encriptada).decode()
    except:
        cadena=bytes(input("La cámara de los secretos no se abrirá, intente de nuevo: "),"ascii")

        return desencriptarTexto(cadena_encriptada, crearLLaveManual(cadena))


llave=crearLLave()
texto_encriptado=encriptarTexto(text1, llave)
print("La cadena encriptada es: ",texto_encriptado.decode())
cadenaLlave=bytes(input("Escriba la llave para desencriptar el texto: "), "ascii")
llaveManual=crearLLaveManual(cadenaLlave)
print("El texto desencriptado es: ",desencriptarTexto(texto_encriptado, llaveManual))

Console Message:

lIX2AfP-cyFRNgYgFRf3Sy3uKQ4Hrr4Lvrn12wFGo30=

La cadena encriptada es: gAAAAABjg7kdWTCIRjIrIAFk2fQg-znc1zRdrc7VaTkjcKZL1RZ2jmCjvf6NlzQ-39yxh0BMXY0FkrBTN0Ky51HiGy9cxmlbpZ7_Jwp6wml2DsMkCWf7h49EYLN8hjtpzFoiTUy7coguSXgFDBVVyucAUhgcn1EzleHJ_pKlDsyw6EnNLVBqUkmI8WYOY5NwEfCKx3UUlvV3dYDZqjeVqMX90CaAueUMtgDvcVP77tkngK7U2jfneH85bxBo8LJooenFnVeqNxwc70a8vY-GmOihnbDyAOT-GYwmLMssMP5QYDWNBnnTEmMSm4Dt-OHCvOYRyie82T6Art6PK5miinVsjsvkXpd6g343tmNSg34XMbMqgTIILXB7t6gZqdfnpUNUJ6vLfQvM4s4bYSltEEgTSIwrMUUUbA==

Escriba la llave para desencriptar el texto: lIX2AfP-cyFRNgYgFRf3Sy3uKQ4Hrr4Lvrn12wFGo31=

El texto desencriptado es: Find me and follow me through corridors, refectories and files You must follow, leave this academic factory You'll find me in the matinée, the dark of the matinée It's better in the matinée, the dark of the matinée is mine Yes, it's mine

Stalfos1
  • 1
  • 1
  • What you modified wasn't the key, it was the base64 encoding of the key. The change from '4' to '5' at the end only affects one of the *padding* bits which are discarded anyway. You can review how [base64 encoding works](https://datatracker.ietf.org/doc/html/rfc4648#section-4), paying special attention to the discussion about padding after Table 1. – President James K. Polk Nov 27 '22 at 20:02
  • thank you a lot for the documentation @PresidentJamesK.Polk – Stalfos1 Nov 27 '22 at 21:57

0 Answers0