
I'm using the following PHP code to encrypt a password and then saving it into a database. I need to be able to decrypt it using Python.

I am successful in decrypting it using PHP but unable to find a way of doing so using Python (I'm using version 2.7.9 if it matters).

```php
$mypass = "somepassword";
$encryptionMethod = "AES-256-CBC";
$secretHash = "25c6c78835b7479b151f2136cd888777";

$encpass = openssl_encrypt($mypass, $encryptionMethod, $secretHash);
```

I have no issues opening and reading from the DB, my only problem is the decryption portion. Any suggestions would be welcome, thanks.

Scott Arciszewski
badatz
  • Have you tried anything? [let me give you a point in the right direction](https://stackoverflow.com/questions/16761458/how-to-aes-encrypt-decrypt-files-using-python-pycrypto-in-an-openssl-compatible) – Torxed Apr 15 '16 at 17:30
  • Why would one want to do this? Encrypting a password like that is like building a castle and then hiring a little boy to scare off those who enter through the drawbridge one is convinced to leave open at the time of an attack... – arkascha Apr 15 '16 at 17:35
  • Does this help? http://stackoverflow.com/q/16761458/535275 – Scott Hunter Apr 15 '16 at 17:38
  • You should never encrypt your user's passwords. You need to use hashing instead with some strong ones being PBKDF2, bcrypt, scrypt and Argon2. Since hash functions are one-way functions, you won't be able to "decrypt" the hashes. In order to authenticate your user, you can run the password through the hash function again in order to compare with the hash that is stored in the database. See more: [How to securely hash passwords?](http://security.stackexchange.com/q/211/45523) – Artjom B. Apr 15 '16 at 17:43
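
The hash-and-compare flow described in the last comment above, as an added example that is not part of the original thread: PBKDF2-HMAC-SHA256 from Python's standard library with a fresh salt per password and a constant-time comparison. The record format, function names and iteration count are assumptions made for this illustration.

```python
import base64
import hashlib
import hmac
import os

ITERATIONS = 600000  # assumed work factor; tune it to your own hardware


def hash_password(password, iterations=ITERATIONS):
    """Return a self-describing record: algorithm$iterations$salt$hash."""
    salt = os.urandom(16)  # fresh random salt for every password
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return "$".join([
        "pbkdf2_sha256",
        str(iterations),
        base64.b64encode(salt).decode("ascii"),
        base64.b64encode(dk).decode("ascii"),
    ])


def verify_password(password, record):
    """Re-run the hash with the stored salt and compare in constant time."""
    try:
        algorithm, iterations, salt_b64, hash_b64 = record.split("$")
        iterations = int(iterations)
        salt = base64.b64decode(salt_b64)
        expected = base64.b64decode(hash_b64)
    except (ValueError, TypeError):
        return False  # malformed record: reject instead of raising
    if algorithm != "pbkdf2_sha256" or iterations < 1:
        return False
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return hmac.compare_digest(candidate, expected)


if __name__ == "__main__":
    # Constructed sample: the record is what would be stored in the database.
    stored = hash_password("somepassword")
    print(stored)
    print(verify_password("somepassword", stored))
    print(verify_password("wrongpassword", stored))
```

Nothing stored this way can be decrypted; login works by recomputing the hash from the submitted password and the stored salt.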

1 Answer

Finally found a solution... The code below seems to be working. I'm sure there is a more efficient way of doing that, but for now it's doing what I need it to do... Hoping this will help someone else in the future. Please keep in mind it's not a secure way to protect data!

```python
#!/usr/bin/python
from Crypto.Cipher import AES
import base64


def decryption(encryptedString):
    # Same key string that was passed to openssl_encrypt() in PHP
    # (32 bytes, so AES-256)
    key = b"25c6c78835b7479b151f2136cd888777"
    # openssl_encrypt() was called without an IV, so PHP used 16 zero bytes
    iv = b"\x00" * 16
    cipher = AES.new(key, AES.MODE_CBC, iv)
    decoded = cipher.decrypt(base64.b64decode(encryptedString))
    # openssl_encrypt() applies PKCS#7 padding: the last byte is the pad length
    pad_len = ord(decoded[-1:])
    return decoded[:-pad_len]


enc_message = "p7OslgBJ5RlTBDG4ZD8HEA"  # in my case it will be the data from the database
enc_message = enc_message + "=="  # restore the base64 padding
data = decryption(enc_message)
print(data)
```
badatz