Hi

I am a new user of py-cryptography. I am finding that even if the encrypted
token is modified at the end, it still decrypts OK. How so?

Here is a test script

    from cryptography.fernet import Fernet
    f = Fernet( Fernet.generate_key() )
    word = b"very secret thing"
    print("encrypting...", word)
    token = f.encrypt( word )
    print("decrypting...", len(token), token,)
    reword = f.decrypt( token )
    print("works as expected" if reword == word else "oops!")

    modtoken = str.encode( token.decode() + "?abcd." )
    print("modified token, appended stuff")
    print("decrypting...", len(modtoken), modtoken)
    reword = f.decrypt( modtoken )
    print("whoops! still decrypts ok" if reword == word else "good boy!")

and the output was

    encrypting... b'very secret thing'
    decrypting... 120 b'gAAAAABb3TIJLCgbVdq-CgQ3V7V3eehQ02h_O70iZkCjd6KCU9GsErog-c-LluWITQg5lTsp5ldoTc0J_XdFCd-jhoJPOYAKyQbzbHDJZKTGORIJSflO1do='
    works as expected
    modified token, appended stuff
    decrypting... 126 b'gAAAAABb3TIJLCgbVdq-CgQ3V7V3eehQ02h_O70iZkCjd6KCU9GsErog-c-LluWITQg5lTsp5ldoTc0J_XdFCd-jhoJPOYAKyQbzbHDJZKTGORIJSflO1do=?abcd.'
    whoops! still decrypts ok

Is this expected behavior? If so, how do I check if the token is not
modified between encrypt and decrypt?

python 3.6.6 on ubuntu under WSL


Regards
Dinesh
_______________________________________________
Cryptography-dev mailing list
Cryptography-dev@python.org
https://mail.python.org/mailman/listinfo/cryptography-dev
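
Added example, not part of the original post and not the cryptography project's own code: Fernet decodes a token with `base64.urlsafe_b64decode` before it verifies the HMAC, and that decoder skips non-alphabet bytes and stops once the padding is complete, so the suffix appended above never reaches the MAC check. The sketch reproduces this with the token from the post and adds a canonical-encoding check; `lenient_decode`, `is_canonical_token` and `decrypt_strict` are hypothetical helper names.

```python
import base64
import binascii

# Token and appended suffix copied from the output in the post above.
TOKEN = (b"gAAAAABb3TIJLCgbVdq-CgQ3V7V3eehQ02h_O70iZkCjd6KCU9GsErog-c-L"
         b"luWITQg5lTsp5ldoTc0J_XdFCd-jhoJPOYAKyQbzbHDJZKTGORIJSflO1do=")
MODTOKEN = TOKEN + b"?abcd."


def lenient_decode(token: bytes) -> bytes:
    """Decode in the default, non-validating mode: bytes outside the
    alphabet are discarded and decoding stops at completed padding."""
    return base64.urlsafe_b64decode(token)


def is_canonical_token(token: bytes) -> bool:
    """True only if token is exactly the URL-safe base64 text of its payload."""
    try:
        raw = base64.urlsafe_b64decode(token)
    except (TypeError, binascii.Error):
        return False
    # Re-encoding must reproduce the input byte for byte; any trailing
    # data, embedded junk or non-zero filler bits makes this differ.
    return base64.urlsafe_b64encode(raw) == token


def decrypt_strict(fernet, token: bytes) -> bytes:
    """Hypothetical wrapper: refuse non-canonical tokens, then decrypt.
    `fernet` is any object with a Fernet-style decrypt(token) method."""
    if not is_canonical_token(token):
        raise ValueError("token is not canonical URL-safe base64")
    return fernet.decrypt(token)


if __name__ == "__main__":
    # Both tokens decode to the same 89 bytes, which is what the HMAC sees.
    print(lenient_decode(TOKEN) == lenient_decode(MODTOKEN))
    print(is_canonical_token(TOKEN), is_canonical_token(MODTOKEN))
```

The HMAC still covers every decoded byte, so the version, timestamp, IV and ciphertext cannot be altered undetected; only the outer base64 text is malleable, which matters when tokens are compared or deduplicated as strings.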
