[Cryptography-dev] Type error using CBC IV

Thu Jun 14 20:33:31 EDT 2018

Just looking at the code here, are you sure the `key` is a bytes object?

Alex

On Thu, Jun 14, 2018 at 5:30 PM Fennell, Felix W. <felnne at bas.ac.uk> wrote:

> Hi,
>
> I'm not sure if this the best place to ask for support using Cryptography,
> apologies if it isn't.
>
> I am trying to recover and decrypt some data encrypted using Blowfish. I
> have sample code in PHP which works but I am unable to translate it into
> Python, which is needed for the end goal of this project.
>
> My issue seems to stem from the IV value used not being the right type and
> I seem unable to convert the IV I've been given into the correct type.
>
> My code so far is here [1]
>
> The output I get is here [2], the main error being:
>
> "TypeError: initializer for ctype 'unsigned char *' must be a bytes or
> list or tuple, not str"
>
> My debug line [3] says that the IV is 'bytes' and not a 'str' so I'm not
> sure what is causing this error.
>
> I briefly experimented with the ctypes library to convert the IV but this
> got me no further.
>
> In searching this error I found numerous cases where the cause was passing
> a string instead of bytes, solved by calling 'encode('utf8') or similar -
> but I believe I've already accounted for this by using b'value' rather than
> just 'value'. I did also try using a normal string and calling encode but
> it made no difference.
>
> I also experimented using 'os.urandom(32)' to generate a value just to
> check something would work. It did but I got an error about the wrong
> length (which makes sense), however the 'type(iv)' debug line said this was
> 'bytes' as well so I'm not sure how my 'bytes' is different.
>
> If useful, I am using Python 3.6 (through the official Docker image) and
> Cryptography 2.2.2.
>
> Have I missed something completely obvious with this?
>
> I'm aware the choice of IV is not secure, and that Blowfish is deprecated.
> Part of this project is to move to a newer encryption method but I need to
> be able to read the existing data first.
>
> Any help would be very gratefully received.
>
> Thanks,
> Felix.
>
> [1] https://gist.github.com/felnne/b399a0918960696aca5c4324392a72f7
>
> [2]
> https://gist.github.com/felnne/b399a0918960696aca5c4324392a72f7#gistcomment-2619903
>
> [3]
> https://gist.github.com/felnne/b399a0918960696aca5c4324392a72f7#file-main-py-L8
>
>
> ________________________________
>  This message (and any attachments) is for the recipient only. NERC is
> subject to the Freedom of Information Act 2000 and the contents of this
> email and any reply you make may be disclosed by NERC unless it is exempt
> from release under the Act. Any material supplied to NERC may be stored in
> an electronic records management system.
> ________________________________
> _______________________________________________
> Cryptography-dev mailing list
> Cryptography-dev at python.org
> https://mail.python.org/mailman/listinfo/cryptography-dev
>

-- 
"I disapprove of what you say, but I will defend to the death your right to
say it." -- Evelyn Beatrice Hall (summarizing Voltaire)
"The people's good is the highest law." -- Cicero
GPG Key fingerprint: D1B3 ADC0 E023 8CA6
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/cryptography-dev/attachments/20180614/b478bb83/attachment.html>