defrex/django-encrypted-fields

Incorrect padding error

rurodev opened this issue · 2 comments

I have an EncryptedCharField, max length is 64. If I try to set it to 'ElderslooŰŰŰ', I get Incorrect padding error. But if I set it to 'ElderslooŰŰŰŰ' (one Ű more) then it's ok. It can be invoked simply in django admin.
I looked around in the code (fields.py):

def to_python(self, value):
        if value is None or not isinstance(value, str):
            return value

        if self.prefix and value.startswith(self.prefix):
            value = value[len(self.prefix):]

        try:
            value = self.crypter().decrypt(value)
            #value = value.decode('unicode_escape')
        except keyczar.errors.KeyczarError:
            pass
        except UnicodeEncodeError:
            pass

        return super(EncryptedFieldMixin, self).to_python(value)

to_python is called either from 'from_db_value', or from 'clean'. When it gets called from 'clean' the value is not encoded at all, so there is no reason to call 'value = self.crypter().decrypt(value)'. I'm not familiar with django forms code, so I can't judge why it works this way. Since decryption is not needed, silencing the exception works fine, like this way:

   try:
        value = self.crypter().decrypt(value)
        #value = value.decode('unicode_escape')
    except keyczar.errors.KeyczarError:
        pass
    except UnicodeEncodeError:
        pass
    except binascii.Error:
        pass

I use django-encrypted-fields-python3==1.1.3 and django 1.8.

Same issue here, using django=1.10.5 and django-encrypted-fields-python3==1.1.3

kopf commented

Um... @defrex - is there a release with this bugfix in it?

The last I see on pypi is 1.1.3 - https://pypi.org/project/django-encrypted-fields-python3/#history - which still has this bug in it.

EDIT: nevermind, I just saw #31 (comment)