diff options
| author | Legrandin <helderijs@gmail.com> | 2013-12-22 22:24:46 +0100 |
|---|---|---|
| committer | Dwayne Litzenberger <dlitz@dlitz.net> | 2014-02-21 23:43:06 -0800 |
| commit | 8dbe0dc3eea5c689d4f76b37b93fe216cf1f00d4 (patch) | |
| tree | 26838a55707ebba81f6fedce36bb64ae1bd4959e /src | |
| parent | 860523d288793d0ebc4867ea0d5234712562bc32 (diff) | |
| download | pycrypto-8dbe0dc3eea5c689d4f76b37b93fe216cf1f00d4.tar.gz | |
Throw exception when IV is used with ECB or CTR
The IV parameter is currently ignored when initializing
a cipher in ECB or CTR mode.
For CTR mode, it is confusing: it takes some time to see
that a different parameter is needed (the counter).
For ECB mode, it is outright dangerous.
This patch forces an exception to be raised.
Diffstat (limited to 'src')
| -rw-r--r-- | src/block_template.c | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/src/block_template.c b/src/block_template.c index f940e0e..d555ceb 100644 --- a/src/block_template.c +++ b/src/block_template.c @@ -158,6 +158,17 @@ ALGnew(PyObject *self, PyObject *args, PyObject *kwdict) "Key cannot be the null string"); return NULL; } + if (IVlen != 0 && mode == MODE_ECB) + { + PyErr_Format(PyExc_ValueError, "ECB mode does not use IV"); + return NULL; + } + if (IVlen != 0 && mode == MODE_CTR) + { + PyErr_Format(PyExc_ValueError, + "CTR mode needs counter parameter, not IV"); + return NULL; + } if (IVlen != BLOCK_SIZE && mode != MODE_ECB && mode != MODE_CTR) { PyErr_Format(PyExc_ValueError, |