Search code examples
pythonencryptionaessha256

Decrypt a encrypted secret using PyCrypto AES & sha256

I have a encrypted message in a file, encrypted by the following code. I wrote a function to decrypt this message. I know the password used to encrypt it.

But I got the following error:

python3 decrypt.py enim_msg.txt 
Traceback (most recent call last):
  File "decrypt.py", line 45, in <module>
    print(":: Decrypted: \n" + bytes.decode(decrypted))
UnicodeDecodeError: 'utf-8' codec can't decode byte 0x88 in position 2: invalid start byte

How can I fix this problem pls ? Is My decrypt function wrong ?

My code :

Encrypt function

import os
from Crypto import Random
from Crypto.Cipher import AES
from Crypto.Hash import SHA256

def encrypt(key, filename):
    chunksize = 64*1024
    outputFile = "en" + filename
    filesize = str(os.path.getsize(filename)).zfill(16)
    IV = Random.new().read(16)

    encryptor = AES.new(key, AES.MODE_CBC, IV)

    with open(filename, 'rb') as infile:
        with open(outputFile, 'wb') as outfile:
            outfile.write(filesize.encode('utf-8'))
            outfile.write(IV)

            while True:
                chunk = infile.read(chunksize)

                if len(chunk) == 0:
                    break
                elif len(chunk) % 16 != 0:
                    chunk += b' ' * (16 - (len(chunk) % 16))

                outfile.write(encryptor.encrypt(chunk))

def getKey(password):
    hasher = SHA256.new(password.encode('utf-8'))
    return hasher.digest()

Decrypt function I wrote

def decrypt(enc, password):
    #print(":: enc => " + enc)
    private_key = hashlib.sha256(password.encode("utf-8")).digest()
    iv = enc[:16]
    cipher = AES.new(private_key, AES.MODE_CBC, iv)

    return cipher.decrypt(enc[16:])

How I call this function

password = "azerty123"
secret_file_path = sys.argv[1]

the_file = open(secret_file_path, "rb")
encrypted = the_file.read()
decrypted = decrypt(encrypted, password)
the_file.close()

print(":: Decrypted: \n" + bytes.decode(decrypted))
Solution

  • The bytes.decrypt() function by default expects an UTF-8 encoded string. But not every sequence of bytes is a valid UTF-8 sequence. In your case cipher.decrypt() (which may return any sequence of bytes) returned a byte-sequence, which is not a valid UTF-8 sequence. Thus the bytes.decode() function raised an error.

    The actual reason why cipher.decrypt() returned a non-UTF-8 string is a bug in your code:

    Your encrypted file format contains non-utf-8 data. Its format is like:

    • 16 bytes len info (unencrypted, UTF-8 encoded)
    • 16 bytes IV (unencrypted, binary i.e. non-UTF-8 encoded)
    • n bytes payload (encrypted, UTF-8 encoded)

    You have to ensure that on decryption you only decode parts of your file, that are UTF-8 encoded. Furthermore you have to ensure that you decrypt only encrypted parts of your file (as mentioned in your comments)