Comments (8)
[deleted comment]
from slowaes.
[deleted comment]
from slowaes.
I started using this module and it seems to me that padding is absolutely
necessary
for CBC mode. Otherwise you have to store the length of the original message,
which
is a bad idea. So I added some high level functions complete with tests that
include
padding/depadding. This required one change in the original code that looks for
"originalsize", which is now just passed in as None.
Also, I'm wondering why "size" (keysize) is an argument to
AESModeOfOperation.encrypt/decrypt since it can be determined from the key
itself.
Am I missing something here?
The functions I added simplify usage. An example:
key = aes.generateRandomKey()
cipher = aes.encryptData(key, plaintext_data)
decoded_message = aes.decryptData(key, cipher)
I attached an svn diff.
-Randall
Original comment by [email protected]
on 26 Jul 2009 at 10:11
Attachments:
from slowaes.
Great, thanks berryman77 -- your patch is fine and I have now committed it (SVN
revision 36). If you want committer status on this project just let me know!
Original comment by [email protected]
on 27 Jul 2009 at 1:14
- Changed state: Fixed
from slowaes.
Randall,
The likely reason for the size argument is because the code was originally
converted
directly from ANSI C and in that context it probably made more sense. After the
initial conversion and some bug fixes this has remained largely untouched. As
you
work through the code please make corrections you feel will improve performance,
reliability, and readability.
Josh
Original comment by [email protected]
on 27 Jul 2009 at 1:39
from slowaes.
The functions I added (encryptData and decryptData) apply padding regardless of
the
mode. Only CBC mode requires padding, so I added a check in the attached diff.
I chose to use this module because it's written in Python so I don't have to
compile
for each platform I deploy on. My current needs aren't performance sensitive.
I'm
more focused on usability as is (hopefully) evident in the additions I made.
I'll be
glad to help if/when fixes and improvements are needed.
-Randall
Original comment by [email protected]
on 27 Jul 2009 at 6:30
Attachments:
from slowaes.
aleaxit,
I would like committer status so I can apply this fix and any future fixes.
Original comment by [email protected]
on 4 Aug 2009 at 9:18
from slowaes.
berryman77, I'll be very happy to add you, but need your email address -- if
you want to communicate it
privately, I'm aleaxit at gmail period com;-).
Original comment by [email protected]
on 5 Aug 2009 at 11:42
from slowaes.
Related Issues (20)
- Arguments should be array of bytes HOT 2
- Implement PKCS7 padding
- Javascript AES-CBC: PKCS7 Padding broken for 16 bytes long blocks (and multiples) HOT 3
- shouldn't need originalsize when decrypting HOT 9
- Typo in cryptoHelpers.js:172 ( base64.decode() )
- I make for my self python 3 version with bytes and bytearrays used HOT 1
- Unable to decrypt a message if the unencrypted text is not known HOT 1
- __main__ example too short for block sequencing test
- Test examples for PHP & JS HOT 1
- Minor syntax errors in cryptoHelpers.js (effects non-browsers) HOT 5
- error in base64 decoding
- Python version: should be possible to supply IV instead of generating it randomly
- There is a typo in error messages of strip_PKCS7_padding(): PCKS7 -> PKCS7
- trying to create a working output against known config HOT 2
- IV problem HOT 3
- Patch for /trunk/php/aes_small.php
- bug in CBC implementation of AES OpenSSL-256 encryption
- Fixed variable call
- Add License File
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from slowaes.