Score:0

My fernet key "expired" what now?

us flag

6 months ago i created a bot that basically stored every users data in json format in different text files and i had a fernet key. I basically didn't touched it for like 2 months now, because it's a bot for students. So here is the thing, school starts is 15 days, i have 106 accounts which are encrypted using a single fernet key and i can't decode any files because it says that it's corrupted. What can i do?

Eric D avatar
uz flag
I'm not particularly familiar with fernet, but would be strange if it allowed the decryption key to expire. It's possible the data actually got corrupted, or there could be a bug in the code. (NOTE: before you do anything, make a backup of the data so that you don't make things worse during troubleshooting.) Has decryption worked before, or is this the first time you are decrypting this data? If you create new encrypted data now, does it decrypt correctly? Could you share your bot's source code (minus any secrets it might contain)?
Score:0
uz flag

After digging through the fernet source code a bit, it looks like one possibility is that you have a TTL set on the encrypted data.

If you're using Ruby, you can disable the TTL check with the configuration option config.enforce_ttl:

If you're using Go, it looks like you can pass a ttl of 0 into VerifyAndDecrypt:

You might be able to test this theory using the fernet CLI, as it appears to disable the TTL check by default (if I'm interpreting the Ruby code correctly).

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.