Trying to encrypt

Question

Disclaimer: I'm not that good at python so sorry if this is some simple problem I cant see.

Basically I wanted to make a login and sign up system that stores the username and password in a text file, then I want to encrypt the data in that file. I've never done encryption before so I took the code from online for the login and sign up system to test and try it out. I got tons of errors that i have never seen before so I just want some help. I have not done the decryption yet(if that even matters). Sorry if i pasted too much I just have no clue how to fix this. The encryption part is the def Encryption(): and I implement it in def FSSignup():.

from cryptography.fernet import Fernet
from tkinter import *
import os

creds = 'tempfile.temp' #

def Signup():
    global pwordE
    global nameE
    global roots

    roots = Tk()
    roots.title('Signup')
    intruction = Label(roots, text='Please Enter new Credidentials\n')
    intruction.grid(row=0, column=0, sticky=E)

    nameL = Label(roots, text='New Username: ')
    pwordL = Label(roots, text='New Password: ')
    nameL.grid(row=1, column=0, sticky=W)
    pwordL.grid(row=2, column=0, sticky=W)

    nameE = Entry(roots)
    pwordE = Entry(roots, show='*')
    nameE.grid(row=1, column=1)
    pwordE.grid(row=2, column=1)

    signupButton = Button(roots, text='Signup', command=FSSignup)
    signupButton.grid(columnspan=2, sticky=W)
    roots.mainloop()

def Encryption():
    file = open('Encryption.txt', 'rb' )
    key = file.read()
    file.close()

    with open('tempfile.temp', 'rb') as f:
        data = f.read()

    fernet = Fernet(key)
    encrypted = fernet.encrypt(data)

    with open('tempfile.temp.encrypted', 'wb') as f:
        f.write(encrypted)

def FSSignup():
    with open(creds, 'w') as f:
        f.write(nameE.get())
        f.write('\n')
        f.write(pwordE.get())
        f.close()

    Encryption()
    roots.destroy()
    Login()

def Login():
    global nameEL
    global pwordEL
    global rootA

    rootA = Tk()
    rootA.title('Login')

    intruction = Label(rootA, text='Please Login\n')
    intruction.grid(sticky=E)

    nameL = Label(rootA, text='Username: ')
    pwordL = Label(rootA, text='Password: ')
    nameL.grid(row=1, sticky=W)
    pwordL.grid(row=2, sticky=W)

    nameEL = Entry(rootA)
    pwordEL = Entry(rootA, show='*')
    nameEL.grid(row=1, column=1)
    pwordEL.grid(row=2, column=1)

    loginB = Button(rootA, text='Login', command=CheckLogin)
    loginB.grid(columnspan=2, sticky=W)

    rmuser = Button(rootA, text='Delete User', fg='red', command=DelUser)
    rmuser.grid(columnspan=2, sticky=W)
    rootA.mainloop()

def CheckLogin():
    with open(creds) as f:
        data = f.readlines()
        uname = data[0].rstrip()
        pword = data[1].rstrip()

    if nameEL.get() == uname and pwordEL.get() == pword:
        r = Tk()
        r.title(':D')
        r.geometry('150x50')
        rlbl = Label(r, text='\n[+] Logged In')
        rlbl.pack()
        r.mainloop()
    else:
        r = Tk()
        r.title('D:')
        r.geometry('150x50')
        rlbl = Label(r, text='\n[!] Invalid Login')
        rlbl.pack()
        r.mainloop()

def DelUser():
    os.remove(creds)
    rootA.destroy()
    Signup()

if os.path.isfile(creds):
    Login()
else: 
    Signup()

Here are the errors I have no clue what are.

Exception in Tkinter callback:

Traceback (most recent call last): File "C:\Users\admin\AppData\Local\Programs\Python\Python37-32\lib\tkinter__init__.py", line 1702, in call return self.func(*args)

File "C:\Users\admin\Desktop\Py1A\SignUpSystem\Thing123.py", line 52, in FSSignup Encryption()

File "C:\Users\admin\Desktop\Py1A\SignUpSystem\Thing123.py", line 39, in Encryption fernet = Fernet(key)

File "C:\Users\admin\AppData\Local\Programs\Python\Python37-32\lib\site-packages\cryptography\fernet.py", line 35, in init key = base64.urlsafe_b64decode(key)

File "C:\Users\admin\AppData\Local\Programs\Python\Python37-32\lib\base64.py", line 133, in urlsafe_b64decode return b64decode(s)

File "C:\Users\admin\AppData\Local\Programs\Python\Python37-32\lib\base64.py", line 87, in b64decode return binascii.a2b_base64(s)

binascii.Error: Incorrect padding

This happens right after I sign up and it attempts to encrypt the new username and password.

Please note that since you're storing both the key and the ciphertext, this would be *trivial* for an attacker to break if he got access to your computer. The standard method is to store a *cryptographic hash* of the password instead. Such hash functions are impossible to reverse. So even if an attacker knew the hash, he doesn't know the password. A login is succesful if the stored hash equals the hash of the given login password. A good hash function to use is e.g. `hashlib.sha512`. — Roland Smith, Aug 10 '19 at 08:29

Subhash · Answer 1 · 2019-08-10T05:53:56.020

Looks like something is wrong with your Fernet key. What are the contents of your Encryption.txt file?

This is the line throwing the error:

fernet = Fernet(key)

The key is being read from Encryption.txt and I suspect it is invalid.

To check if this hypothesis is true, simply replace the line with:

fernet = Fernet.generate_key()

If everything works, then the key (in bytes) in the file Encryption.txt is incorrect. You can generate a new key with Fernet.generate_key() and place it in there.

>>> key = Fernet.generate_key()
>>> key
b'ZmDfcTF7_60GrrY167zsiPd67pEvs0aGOv2oasOM1Pg='

As noted by Hans in the comments, it may be that you are trying to open the file in binary, while it is simply a text file. To check if that is the error, read the file simply as a text file by removing the b from rb, like so:

file = open('Encryption.txt', 'r')

The problem seems to be that you read Encryption.txt as a binary file, but according to the extension it's likely a text file containing the base64 encoded key. — Hans-Martin Mosner, Aug 10 '19 at 05:49
Nice catch, @Hans-MartinMosner. Let me update this into my answer. — Subhash, Aug 10 '19 at 05:50

Trying to encrypt

1 Answers1