1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<TITLE> [pycrypto] AES decrypting issues
</TITLE>
<LINK REL="Index" HREF="index.html" >
<LINK REL="made" HREF="mailto:pycrypto%40lists.dlitz.net?Subject=%5Bpycrypto%5D%20AES%20decrypting%20issues&In-Reply-To=4ACCBC96.2000607%40co.marshall.ia.us">
<META NAME="robots" CONTENT="index,nofollow">
<META http-equiv="Content-Type" content="text/html; charset=us-ascii">
<LINK REL="Previous" HREF="000133.html">
<LINK REL="Next" HREF="000135.html">
</HEAD>
<BODY BGCOLOR="#ffffff">
<H1>[pycrypto] AES decrypting issues</H1>
<B>Dwayne C. Litzenberger</B>
<A HREF="mailto:pycrypto%40lists.dlitz.net?Subject=%5Bpycrypto%5D%20AES%20decrypting%20issues&In-Reply-To=4ACCBC96.2000607%40co.marshall.ia.us"
TITLE="[pycrypto] AES decrypting issues">dlitz at dlitz.net
</A><BR>
<I>Wed Oct 7 21:52:53 CST 2009</I>
<P><UL>
<LI>Previous message: <A HREF="000133.html">[pycrypto] AES decrypting issues
</A></li>
<LI>Next message: <A HREF="000135.html">[pycrypto] AES decrypting issues
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#134">[ date ]</a>
<a href="thread.html#134">[ thread ]</a>
<a href="subject.html#134">[ subject ]</a>
<a href="author.html#134">[ author ]</a>
</LI>
</UL>
<HR>
<!--beginarticle-->
<PRE>On Wed, Oct 07, 2009 at 11:06:46AM -0500, Mike Driscoll wrote:
><i>Hi,
</I>><i>
</I>><i>I am working on a project where I need to decrypt some data that has
</I>><i>been encrypted with AES. Our webmaster gave me a PHP example that he
</I>><i>uses, but I'm supposed to use Python. Here's the PHP code:
</I>><i>
</I>><i>$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
</I>><i>$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
</I>><i>return rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key,
</I>><i>$data,MCRYPT_MODE_ECB, $iv),"\0");
</I>
ECB is insecure. See the example at:
<A HREF="http://en.wikipedia.org/w/index.php?title=Block_cipher_modes_of_operation&oldid=312409841#Electronic_codebook_.28ECB.29">http://en.wikipedia.org/w/index.php?title=Block_cipher_modes_of_operation&oldid=312409841#Electronic_codebook_.28ECB.29</A>
To decrypt using ECB mode, you define a function like this:
from Crypto.Cipher import AES
def decrypt_my_data(key, data):
if len(key) not in (16, 24, 32):
raise ValueError("Key must be 16, 24, or 32 bytes")
if (len(data) % 16) != 0:
raise ValueError("Message must be a multiple of 16 bytes")
cipher = AES.new(key, AES.MODE_ECB)
return cipher.decrypt(data)
To decrypt using CBC mode (which is better than using ECB mode, but of
course the sender also has to use CBC mode):
from Crypto.Cipher import AES
def decrypt_my_data(key, data, iv):
if len(key) not in (16, 24, 32):
raise ValueError("Key must be 16, 24, or 32 bytes")
if (len(data) % 16) != 0:
raise ValueError("Message must be a multiple of 16 bytes")
if len(iv) != 16:
raise ValueError("IV must be 16 bytes")
cipher = AES.new(key, AES.MODE_ECB, iv)
return cipher.decrypt(data)
><i>I've been told on c.l.py that the iv in this case should be 16 bytes.
</I>><i>
</I>><i>I tried following the example on this blog by modifying it as needed:
</I>><i>
</I>><i><A HREF="http://www.codekoala.com/blog/2009/aes-encryption-python-using-pycrypto/">http://www.codekoala.com/blog/2009/aes-encryption-python-using-pycrypto/</A>
</I>
Beware: Whoever wrote that doesn't know the difference between the cipher
block size and the size of the key, and he uses ECB mode.
><i>But no matter which base64 decode method I use, I get some kind of
</I>><i>error: b32decode, b64decode and decodestring all return a padding error
</I>><i>whereas b16decode claims that I don't have only 16-bit characters in my
</I>><i>data string.
</I>
Base64 has nothing to do cryptography. It just turns binary to printable
ASCII and back:
>>> import base64
>>> x = base64.encodestring("This string contains the unprintable \x00 byte")
>>> print x
VGhpcyBzdHJpbmcgY29udGFpbnMgdGhlIHVucHJpbnRhYmxlIAAgYnl0ZQ==
>>> base64.decodestring(x)
'This string contains the unprintable \x00 byte'
Cheers,
- Dwayne
--
Dwayne C. Litzenberger <<A HREF="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto">dlitz at dlitz.net</A>>
Key-signing key - 19E1 1FE8 B3CF F273 ED17 4A24 928C EC13 39C2 5CF7
</PRE>
<!--endarticle-->
<HR>
<P><UL>
<!--threads-->
<LI>Previous message: <A HREF="000133.html">[pycrypto] AES decrypting issues
</A></li>
<LI>Next message: <A HREF="000135.html">[pycrypto] AES decrypting issues
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#134">[ date ]</a>
<a href="thread.html#134">[ thread ]</a>
<a href="subject.html#134">[ subject ]</a>
<a href="author.html#134">[ author ]</a>
</LI>
</UL>
<hr>
<a href="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto">More information about the pycrypto
mailing list</a><br>
</body></html>
|