I am working with Python Flask and using the AES algorithm from the pycrypto library. On the registration page, I save the encrypted password and email, along with the encryption key, in a text file. On the login page, I compare the entered pwd with the decrypted password using the code below:

    import base64
    import pdb

    import pandas
    from Crypto.Cipher import AES
    from flask import request, render_template

    def decryption(encryptedString, key_from_file):
        PADDING = '{'
        DecodeAES = lambda c, e: c.decrypt(base64.b64decode(e)).rstrip(PADDING)
        # Key is FROM the printout of 'secret' in encryption
        # below is the encryption.
        encryption = encryptedString
        key = key_from_file
        cipher = AES.new(key)  #### error comes here
        decoded = DecodeAES(cipher, encryption)
        return decoded

    def login():
        if request.method == 'GET':
            return render_template('login.html')
        if request.method == 'POST':
            username = request.form['username']
            password = request.form['password']
            d2 = pandas.read_csv("Employee_Info.txt", header=0)
            search_id = d2[d2['email'] == username]
            pdb.set_trace()
            if search_id.empty:
                error = "username does not exists"
                return render_template('login.html', error = error)
            else:
                pwd_from_file = search_id.iloc[0]['pwd']
                key_from_file = search_id.iloc[0]['key']
                if decryption(pwd_from_file, key_from_file) == password:
                    print "matching password"
                else:
                    print "mismatch"
But I get the error: ValueError: AES key must be 16,24 or 32 bytes long.

The text file contains the following fields:
id,email,pwd,key
qq,qq,h4vvEPuVNwjw22yJKz8QGg==,xéðjŸ¸AOݬ‡
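Answer 0 (score: 1)

You are storing the key as raw Unicode bytes, so there may be a serialization/deserialization error. Encode the raw key bytes in hex or Base64 before storing them in the file, then convert back to raw before initializing the cipher.

Note: storing the key in the credential data store is very bad, and encrypting passwords for credential verification is also very bad. See "Why should I hash passwords" and "How to securely hash passwords" for more information.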
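
The two points in the answer above, as an added example that is not part of the original question or answer (Python 3, standard library only). It assumes one possible serialization failure, raw key bytes written out as UTF-8 text, and shows the Base64 round trip beside it, followed by salted password hashing in place of reversible encryption; the sample key, the function names and the PBKDF2 iteration count are constructed for illustration.

```python
import base64
import hashlib
import hmac
import os

# Constructed 16-byte key (not the key from the question).
SAMPLE_KEY = bytes.fromhex("5b1f8ea3c4d27709e6b0113a4f6c9d2e")
PBKDF2_ROUNDS = 600_000  # assumed work factor; tune for your hardware


def raw_text_roundtrip(key: bytes) -> bytes:
    """Assumed failure mode: raw bytes treated as characters, saved as UTF-8."""
    # Every byte >= 0x80 becomes a two-byte UTF-8 sequence, so the length grows.
    return key.decode("latin-1").encode("utf-8")


def b64_roundtrip(key: bytes) -> bytes:
    """Store the key as an ASCII Base64 field, decode it before AES.new()."""
    field = base64.b64encode(key).decode("ascii")  # safe in a CSV column
    return base64.b64decode(field)


def hash_password(password: str) -> str:
    """Return 'salt$digest' (both Base64) for storage; no key is needed."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)
    return "$".join(base64.b64encode(part).decode("ascii") for part in (salt, digest))


def verify_password(password: str, record: str) -> bool:
    """Recompute the hash with the stored salt and compare in constant time."""
    salt, expected = (base64.b64decode(part) for part in record.split("$"))
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)
    return hmac.compare_digest(candidate, expected)


if __name__ == "__main__":
    print(len(raw_text_roundtrip(SAMPLE_KEY)))   # no longer a valid AES key length
    print(len(b64_roundtrip(SAMPLE_KEY)))
    record = hash_password("correct horse")      # constructed sample password
    print(verify_password("correct horse", record), verify_password("wrong", record))
```

With hashing, the `key` column disappears from the file entirely: the login check recomputes the hash from the submitted password and the stored salt, so nothing in the file can be decrypted back to the password.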