BadSignature('Signature is not valid')

georgemarshall / django-cryptography

Easily encrypt data in Django

https://django-cryptography.readthedocs.io/

BSD 3-Clause "New" or "Revised" License

371 stars 70 forks source link

BadSignature('Signature is not valid') #44

Open Romko775 opened 4 years ago

Romko775 commented 4 years ago

After installation & adding to model

class SomeModel(models.Model):
    email = encrypt(models.EmailField())

raises next error

Traceback (most recent call last):
  File "XXX/env/lib/python3.7/site-packages/django_cryptography/core/signing.py", line 223, in unsign
    version, timestamp, value, sig = struct.unpack(fmt, signed_value)
struct.error: bad char in struct format

During handling of the above exception, another exception occurred:

XXX/env/lib/python3.7/site-packages/django_cryptography/core/signing.py", line 225, in unsign
    raise BadSignature('Signature is not valid')

thismatters commented 3 years ago

what version of the library are you using?

Gilwyad commented 3 years ago

I am getting the same error with:

django-cryptography==1.0
cryptography==3.0
Django==3.0.8
djangorestframework==3.11.0

Traceback (most recent call last):
  File ".venv/lib/python3.8/site-packages/django_cryptography/core/signing.py", line 223, in unsign
    version, timestamp, value, sig = struct.unpack(fmt, signed_value)
struct.error: bad char in struct format

  File ".venv/lib/python3.8/site-packages/django_cryptography/core/signing.py", line 225, in unsign
    raise BadSignature('Signature is not valid')
django.core.signing.BadSignature: Signature is not valid

But only because I had legacy, not encrypted data in the database for this field! After I deleted them and created new encrypted values, I no longer get this error! Might be worth adding some helpful hints about this in the error message or documentation.

ademidun commented 3 years ago

After I deleted them and created new encrypted values, I no longer get this error!

How do I do this please? @Gilwyad @thismatters

This is happening in my production database so I can't just delete all data and start from scratch, but I could delete those specific fields because they are currently blank.

Please help, a significant part of my API is non-responsive because of this error.

I've followed along all the different tutorials and I'm still stuck:

thismatters commented 3 years ago

When I experienced this I think the root cause was the python container that I was running in changed the way certain dependencies in the cryptography toolchain were presenting. I fixed the issue by upgrading my application to a more recent python release container (3.8).

Best of luck to you in troubleshooting this issue. Be aware that dependency changes up and down your stack can cause this issue. It likely does not mean that your data has been lost, but just that something changed.

MuhammadShahryiar commented 3 years ago

I am getting this error : FieldError at / Unsupported lookup 'exact' for EncryptedCharField or join on the field not permitted, perhaps you meant exact or iexact?

Can someone please help me solve this?

Thank you.

thismatters commented 3 years ago

@MuhammadShahryiar Please see https://github.com/georgemarshall/django-cryptography/issues/10

Given the nature of data encryption, anything other than isnull is not query-able. This is a side affect of encrypting the data in the first place, as the output will change even when the input does not.

aymaneMx commented 2 years ago

@ademidun any update here on how you solved this issue, please?