Salt remains the same across sessions

For Fernet to work correctly, the salt must be the same when re-encrypting the project after a successful decryption. This is because the key for decryption and encryption must be the same during a single session. So if the project was decrypted with one salt, the we want to generate a new salt to re-encrypt the file with a new key, Fernet will cough up an exception. Presumably this problem won't exist with other crypto-systems (e.g. AES-GCM).
8 years ago · c5fe21719a
parent 04f3ac3199
commit c5fe21719a
1 changed files with 1 additions and 0 deletions
--- a/pappyproxy/crypto.py
+++ b/pappyproxy/crypto.py
@ -101,6 +101,7 @@ class Crypto(object):
                    # Quit pappy if user doesn't retry
                    # or if all retries exhuasted
                    if not self.confirm_password_retry() or retries <= 0:
+                        os.remove(self.config.archive)
                        return False
                    else:
                        self.password = None