You're generating a new salt on every invocation of encryptMAIN, which means that a different key is used when you encrypt and decrypt.
On Wed, Feb 22, 2017 at 1:29 PM, Salvador Munguia via Cryptography-dev < cryptography-dev@python.org> wrote: > Original Data: > gAAAAABYrP0tuwZsZ2D5v-r7O6NyGDpp3-TeiEwGRy-HCZg6eWWzfGpr0teeZ3iOeI7YQlfE- > xNr1cZLRUVQj2rgNcNS6rbJ > > Encrypted Data: > gAAAAABYrdhsLhqsuFlsPn72AvzwXAT-_wJDQIIOzl5oFyoPzSrmmDbURiPRdTD > fc_FqlOpTO0zGmedlyeY8xJp1_0D-2dwOh8VUs-0ncH604Zc38LKg7eZBJgIvSAByWMzJ > -HagvTIC2FzQZW7xSJbHgXaI-p6kvbOKrRcZiwLvwyZOCJ1ivyrj1kD > px06-jTLgZVD4VsWE7gHwQo2o4mj1_HtMRZevoA== > > Traceback (most recent call last): > File "tmp2.py", line 49, in <module> > dout = encryptMAIN(e_out,'') > File "tmp2.py", line 31, in encryptMAIN > return f.decrypt(data) > File "/usr/lib/python2.7/dist-packages/cryptography/fernet.py", line > 110, in decrypt > raise InvalidToken > cryptography.fernet.InvalidToken > > > This is the code I am using: > #!/usr/bin/python > > import zlib,MySQLdb,os,sys,urllib,re > import os,hashlib,base64 > from cryptography.fernet import Fernet > from cryptography.hazmat.backends import default_backend > from cryptography.hazmat.primitives import hashes > from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC > from Crypto.Cipher import AES > from pbkdf2 import PBKDF2 > > > > > > def encryptMAIN(data,fun): > password = b"this is the password!" > salt = os.urandom(16) > kdf = PBKDF2HMAC( > algorithm=hashes.SHA256(), > length=32, > salt=salt, > iterations=100000, > backend=default_backend() > ) > key = base64.urlsafe_b64encode(kdf.derive(password)) > f = Fernet(key) > if(fun == 'encrypt'): > return f.encrypt(b"%s" % (data)) > else: > return f.decrypt(data) > > def encryptDATA(data): > cipher = encryptMAIN(data,'encrypt') > return cipher > > def decryptDATA(data): > decoded = encryptMAIN(data,'') > return decoded > > string = "gAAAAABYrP0tuwZsZ2D5v-r7O6NyGDpp3-TeiEwGRy- > HCZg6eWWzfGpr0teeZ3iOeI7YQlfE-xNr1cZLRUVQj2rgNcNS6rbJ" > > e_out = encryptMAIN(string,'encrypt') > > > print "Original Data: " + string > print "Encrypted Data: " + e_out > > dout = encryptMAIN(e_out,'') > > print "Decrypted Data: " + d_out > > > > > > > _______________________________________________ > Cryptography-dev mailing list > Cryptography-dev@python.org > https://mail.python.org/mailman/listinfo/cryptography-dev > > -- "I disapprove of what you say, but I will defend to the death your right to say it." -- Evelyn Beatrice Hall (summarizing Voltaire) "The people's good is the highest law." -- Cicero GPG Key fingerprint: D1B3 ADC0 E023 8CA6
_______________________________________________ Cryptography-dev mailing list Cryptography-dev@python.org https://mail.python.org/mailman/listinfo/cryptography-dev
