Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ekey includes $ since version 0.3 #18

Open
wittfabian opened this issue Sep 29, 2018 · 8 comments
Open

ekey includes $ since version 0.3 #18

wittfabian opened this issue Sep 29, 2018 · 8 comments

Comments

@wittfabian
Copy link

Hello,
I updated to version 0.3 today.
Since then, the ekey has a $ at the beginning.

Example: $C8qooWqMNv8aC2Zrnl7j1A

Python: 2.7
Django: 1.11
django-encrypted-id: 0.3.0
@wittfabian
Copy link
Author

?

@jatinderjit
Copy link
Collaborator

The dollar sign has been removed in 0.31. Please update to that.

This will still decrypt older versions, including 0.3 (with dollar sign) and 0.2x (without dollar sign).
But the ekey produced will be different.

@wittfabian
Copy link
Author

Is there documentation available - general and for regex?

@wittfabian
Copy link
Author

wittfabian commented Jul 7, 2020
edited
Loading

Hi,
version 0.3.0 can not decrypt ekeys from version 0.2.0.

In decode(e, sub_key) the variable the_id has the right value, but crc != expected_crc is true.

@amitu
Copy link
Owner

amitu commented Jul 8, 2020

@jatinderjit, can you look at this please.

@wittfabian
Copy link
Author

wittfabian commented Jul 10, 2020
edited
Loading

Without this if, keys from version 0.2.0 are also correctly evaluated in 0.3.X.

            if version == 0:
                expected_crc = binascii.crc32(bytes(the_id)) & 0xffffffff
            else:
                id_str = str(the_id).encode('utf-8')
                expected_crc = binascii.crc32(id_str) & 0xffffffff

Keys from version 0.2.0 return the wrong version in line 84.
https://github.com/amitu/django-encrypted-id/blob/master/encrypted_id/__init__.py#L84

@wittfabian
Copy link
Author

Any updates here?

@jatinderjit
Copy link
Collaborator

jatinderjit commented Oct 22, 2020
edited
Loading

Hey @wittfabian, sorry for such a late response.

If I understood correctly:

  1. You generated an encrypted id using version 0.2.0
  2. And then tried decrypting that encrypted key using version 0.3.x

If this is what you are trying to do, then I couldn't reproduce it.

SECRET_KEY = "34v*r6xdx^4o0_je66&yp48934&p77d3!dvy-8(s(ear3x1yvr"

encode(123, "abc") == "GOX-Z9nNStjer4tMHaeKZw"  # Version 0.2.0
encode(123, "abc") == "$F7joJ5OUm1IfKyfjBaO2TA"   # Version 0.3.0
encode(123, "abc") == "Rrh_U6BkP01CMZ3r1vYZZQ"  # Version 0.3.1, 0.3.2, 0.3.3

decode("GOX-Z9nNStjer4tMHaeKZw", "abc") == 123  # all versions
decode("$F7joJ5OUm1IfKyfjBaO2TA", "abc") == 123  # Version 0.3.0+
decode("Rrh_U6BkP01CMZ3r1vYZZQ", "abc") == 123  # Version 0.3.1+

Each version should be able to decode the keys generated by the previous versions.
If this is not working for you, can you please provide some more details so that I can reproduce this?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@amitu @jatinderjit @wittfabian