0

I'm writing a password manager program, and I need to store an encrypted string in a file. (The "service" variable) When the user needs to retrieve the information, they enter the same string as before. When I encrypt the same string, I get a different output. I've checked multiple times, and the string is the same. Anyone know of a fix for this?

Code I'm using to encrypt and write to the file:

def new_account(service, username, password, filepath, key):
    # Encrypting the account details #
    encrypted_service = key.encrypt(bytes(service, "utf-8"))
    encrypted_username = key.encrypt(bytes(username, "utf-8"))
    encrypted_password = key.encrypt(bytes(password, "utf-8"))

    encrypted_service = encrypted_service.decode("utf-8")
    encrypted_username = encrypted_username.decode("utf-8")
    encrypted_password = encrypted_password.decode("utf-8")

    password_file = open(f"{filepath}\passwords.txt", "a")
    password_file.close()
    password_file = open(f"{filepath}\passwords.txt", "r")
    password_file_content = password_file.read()
    password_file.close()
    password_file = open(f"{filepath}\passwords.txt", "a")

    if f"{encrypted_service},{encrypted_username},{encrypted_password}" in password_file_content:
        password_file.close()
        return("The account already exists.")
    else:
        password_file.write(f"{encrypted_service},{encrypted_username},{encrypted_password}\n")
        password_file.close()
    
    return f"Account saved for {service.title()} with username {username} and password {password}."

Code I'm using to retrieve the information:

# The account retrieval function #
def get_account(service, filepath, key):
    encrypted_service = key.encrypt(bytes(service, "utf-8"))
    encrypted_service = encrypted_service.decode("utf-8")
    password_file = open(f"{filepath}\passwords.txt")
    lines = password_file.read().split("\n")
    word = f"{encrypted_service}"

    # Getting the line with the account details #
    for i in lines:
        index = lines.index(i)
        myline = lines[index]

        encrypted_account_content = myline.split(",")
        print(encrypted_account_content)
        print(f"service is: {encrypted_service}")


        if encrypted_account_content.count(encrypted_service) != 0:    
            # Decrypting the account details #
            username = encrypted_account_content[1]
            decrypted_username = key.decrypt(bytes(username, "utf-8"))
            decrypted_username = decrypted_username.decode("utf-8")
            password = encrypted_account_content[2]
            decrypted_password = key.decrypt(bytes(password, "utf-8"))
            decrypted_password = decrypted_password.decode("utf-8")

            return f"Service: {service.title()}\nUsername: {decrypted_username}\nPassword: {decrypted_password}"
        else:
            return "Account not found. Please try again."
Improve this question
10
  • 1
    I am failing to understand the problem. Is it retrieval that returns broken data? Also, what library/algorithms are you using? Commented Jul 16, 2021 at 17:56
  • It would help to write a smaller working test function. You don't need multiple things to encrypt or that open a file only to close it stuff. Ideally, the test program will not use a file at all. Just a script that encodes and decodes that demonstrates the same error. Commented Jul 16, 2021 at 18:00
  • I'm using the Python Cryptography library Commented Jul 16, 2021 at 18:03
  • encrypted_service = encrypted_service.decode("utf-8") ... isn't this an encrypted bytes string? Nothing says its valid UTF-8. If you want to store bytes as a string in a file, something like a hex encoding is a good idea. encrypted_service = key.encrypt(bytes(service, "utf-8")).hex() for example. Commented Jul 16, 2021 at 18:04
  • When I encrypt the same string, I get a different output Show us a complete example, that we can run ourselves, that demonstrates this behavior. As it is, you've shown us some function definitions, but you haven't shown us examples of how those functions are used. Commented Jul 16, 2021 at 18:05

1 Answer 1

Reset to default
1

Any proper encryption will use randomization, so that the result will always be different, and you won't be able to tell that the plaintext was the same. That's needed to achieve semantic security. In practice, initialization vectors and modes of operation like CBC or CTR are used. The cryptography library you're using does it out of the box (with CBC mode).

You will either have to store service as a plaintext, which shouldn't significantly reduce the overall security, or decrypt each service field in order to find the needed record.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.