-1

I am trying to decrypt password run time reading encrypted password from .config file. Decryption is not working when pw coming from config file but working when calling method directly by passing arguments. Code for encryption as below

from Crypto.Cipher import AES  
def main():
   obj = AES.new(b'AbcDefPqrXyzSvcs', AES.MODE_CFB, b'AbcDefPqrXyzSvcs')
   ciphertext = obj.encrypt(b'abc@123')
   print ciphertex

if __name__ == "__main__":main()

and code for decryption

def abc(self, user, pw, somoMoreInfo)
   decr= AES.new(b'AbcDefPqrXyzSvcs', AES.MODE_CFB, b'AbcDefPqrXyzSvcs')
   x= decr.decrypt(pw)

Now when I pass pw to method "abc" via config file which looks like below it is not working.(In code it is converted into dictionary before passing FYI.)

[EndSystem]

user=user

pw=\xaf\xc6m\t\x84\xbd\xbe

but when I am calling method directly like below it is working.

abc("user", "\xaf\xc6m\t\x84\xbd\xbe", "xyz")

Can some one please help what is going wrong when pw coming from dictionary?

zwer
  • 24,943
  • 3
  • 48
  • 66
user5489618
  • 17
  • 6
  • You haven't shown us how you're obtaining the value from your config file. That's where the problem begins... – zwer Dec 10 '17 at 19:41
  • I'm going to assume that the problem is that when reading `"\xaf\xc6m\t\x84\xbd\xbe"` in the config, it takes it to mean the raw string given, which equates to the Python string `'\\xaf\\xc6m\\t\\x84\\xbd\\xbe'`. – Sebastian Mendez Dec 10 '17 at 19:43
  • 1
    You need to convert those escape sequences to bytes. But life would be simpler if you stored the password as hex instead of as escape sequences. – PM 2Ring Dec 10 '17 at 19:43
  • @zwer.. It is simple code which read file and convert into dictionary. And dictionary value is being used through out the application. I have no issue passing plain text password. It is populating correctly. Getting issue when I use encrypted one. – user5489618 Dec 10 '17 at 19:43
  • @Sebastian... you are correct.. It is taking value as "\\xaf\\xc6m\\t\\x84\\xbd\\xbe" – user5489618 Dec 10 '17 at 19:45
  • How about you post that _simple code_? You're loading the `\x` encoded bytes as string literals and that's why you're experiencing your problem. – zwer Dec 10 '17 at 19:45
  • 1
    @user5489618 well there's your problem. You need to un-escape your string. See [this answer](https://stackoverflow.com/a/14820462/4418475). – Sebastian Mendez Dec 10 '17 at 19:47
  • @zwer plain text password is working but issue occurs when passing encrypted one. – user5489618 Dec 10 '17 at 19:47

1 Answers1

0

We are aware what's the problem, I was asking you to post the code you use to obtain your encrypted password from the config file, but since you're insistent on not doing that then try doing this:

# under the assumption that your config is in a dict called `config`

abc(config["pw"].decode("string_escape"))
# Python 3.x: abc(bytes(config["pw"], "ascii").decode("unicode_escape"))
zwer
  • 24,943
  • 3
  • 48
  • 66
  • This operation is a little trickier in Python 3. You can't just use "unicode_escape", since text strings don't have a decode method. So you need to either read the config file in binary mode, or do the conversion in several stages, eg if `pw` contains `r'\xaf\xc6m\t\x84\xbd\xbe'` you'd do something like `pw_bytes = pw.encode('latin1').decode('unicode-escape').encode('latin1')` to get the `bytes` object required by the AES key function. The 1st stage could also be safely done with `.encode('ascii')` – PM 2Ring Dec 10 '17 at 20:01