如何从终端输入读取Fernet密钥

Question

这可能不是解决问题的最好方法，但我一直在学习Python，并决定设置一个使用Fernet加密技术保存API_keys的小型本地服务器。

目前，我将加密的随机生成的API_KEY保存到数据库中。

我这样做：

char_num = 24
allchar = string.ascii_letters + string.digits
random_api = "".join(random.choice(allchar) for x in range(char_num))
print("generated api ")
print(random_api)
crypt_key = Fernet.generate_key()
fernet_key = Fernet(crypt_key)
print("------------------------------------------------------------------------------------")
print(crypt_key)
print("------------------------------------------------------------------------------------")
encrypted_api = fernet_key.encrypt(bytes(random_api,encoding="ascii"))
users_cursor.execute('insert into entries values(?,?)',(0,encrypted_api,))
#c.execute('insert into entries values(?,?)',(1,encrypted_api,))

print("Encrypted API")
users_conn.commit()
users_conn.close()

然后，需要由管理＆＃34;管理＆＃34;的任何人保存crypt_key。服务器。然后在启动时，使用input（）

将该值保存为变量值

    print("------------------------------------------------------------------------------------")
crypt_key = input("Input your Crypt key: ")
print("------------------------------------------------------------------------------------")
fernet_key = Fernet(crypt_key)

这可能会产生问题，因为我正在将fernet生成的密钥输入终端。

该密钥稍后用于解密数据库中的值，并与GET REQUEST中输入的api密钥进行比较。

user_conn = sqlite3.connect("users.db")
decrypted_api_key = fernet_key.decrypt(api_key)
legitimity = user_conn.execute("SELECT * FROM ENTRIES WHERE key=?",(key,))
legitimity = legitimity.fetchone()
if legitimity is None:
    return "Wrong API"

示例运行：

生成密钥： b＆＃39; Xxny-xTZ_IJuJMPrgM2BfgZMB4-tR5htqXOwTvNwlcU =＆＃39;

获取请求：＆＃34; GET / submit / number = 31＆amp; key = nSofO4UeYZzDuoiEby08relZ？

我输入终端的密钥： Xxny-xTZ_IJuJMPrgM2BfgZMB4-tR5htqXOwTvNwlcU =

Stack trace:

    Traceback (most recent call last):
  File "/usr/lib64/python3.6/site-packages/flask/app.py", line 1997, in __call__
    return self.wsgi_app(environ, start_response)
  File "/usr/lib64/python3.6/site-packages/flask/app.py", line 1985, in wsgi_app
    response = self.handle_exception(e)
  File "/usr/lib64/python3.6/site-packages/flask/app.py", line 1540, in handle_exception
    reraise(exc_type, exc_value, tb)
  File "/usr/lib64/python3.6/site-packages/flask/_compat.py", line 33, in reraise
    raise value
  File "/usr/lib64/python3.6/site-packages/flask/app.py", line 1982, in wsgi_app
    response = self.full_dispatch_request()
  File "/usr/lib64/python3.6/site-packages/flask/app.py", line 1614, in full_dispatch_request
    rv = self.handle_user_exception(e)
  File "/usr/lib64/python3.6/site-packages/flask/app.py", line 1517, in handle_user_exception
    reraise(exc_type, exc_value, tb)
  File "/usr/lib64/python3.6/site-packages/flask/_compat.py", line 33, in reraise
    raise value
  File "/usr/lib64/python3.6/site-packages/flask/app.py", line 1612, in full_dispatch_request
    rv = self.dispatch_request()
  File "/usr/lib64/python3.6/site-packages/flask/app.py", line 1598, in dispatch_request
    return self.view_functions[rule.endpoint](**req.view_args)
  File "/home/davidv7/Documents/pyDev/primeNumbersServer/main.py", line 131, in submit
    admin_bool = check_for_admin(api_key)
  File "/home/davidv7/Documents/pyDev/primeNumbersServer/main.py", line 93, in check_for_admin
    decrypted_api_key = fernet_key.decrypt(bytes(key,encoding="ascii"))
  File "/usr/lib64/python3.6/site-packages/cryptography/fernet.py", line 74, in decrypt
    timestamp, data = Fernet._get_unverified_token_data(token)
  File "/usr/lib64/python3.6/site-packages/cryptography/fernet.py", line 88, in _get_unverified_token_data
    raise InvalidToken
cryptography.fernet.InvalidToken

我已经了解了这些问题，问题是：

cryptography.fernet.InvalidToken – If the token is in any way invalid, this exception is raised. A token may be invalid for a number of reasons: it is older than the ttl, it is malformed, or it does not have a valid signature.

这让我相信问题甚至不是我以错误的方式将我的密钥输入终端，因为这可能会调用此异常：

TypeError - 如果令牌不是字节

，则引发此异常

我还将提供终端输入的屏幕截图：

我采取的步骤：

1. 检查了流氓空间

当我想到这些东西时，这个列表将来可能会扩展。