Comment 1 for bug 1014715

Legrandin (gooksankoo) wrote :

PEP 272 says the following about the IV attribute:

"After encrypting or decrypting a string, this value is updated to reflect the modified feedback text. It is read-only, and cannot be assigned a new value".

PyCrypto 2.5 was not truly PEP 272 compliant in that the IV could be modified.
PyCrypto 2.6 is not truly PEP 272 compliant either, even if the IV is read-only, because it is not updated on encryption or decryption.

Of the two, I find the second non-compliance better than the first and even better than PEP 272, because in case the crypto implementation was actually via an external engine (OpenSSL, etc.), it is not guaranteed that such an engine would expose the updated IV.

Apart from that, I don't personally think that "modifying the IV" is a clear operation, especially because its behavior is strongly dependent on the type of chaining and therefore error-prone.

For the reasons above, I don't think this is really a bug.

In the example application you present, it is customary to use other chaining modes, like CTR and XTS.
They are actually designed on purpose to work with streaming or random access.
CBC is not "often used for streaming" and the way you use it is highly suboptimal (although probably not dangerous).
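
The CBC feedback value and the CTR random access discussed in the comment above, as an added example that is not part of the original comment or of PyCrypto. `toy_encrypt_block` is a hypothetical, insecure stand-in for a real block cipher such as AES, and the key, IV and nonce are constructed sample values.

```python
import hashlib

BLOCK = 16  # block size in bytes, as for AES

def _round(key, i, half):
    # Round function of the stand-in cipher: 8 bytes from key, round index and half block.
    return hashlib.sha256(key + bytes([i]) + half).digest()[:8]

def toy_encrypt_block(key, block):
    # Hypothetical 4-round Feistel network standing in for AES so no crypto library is needed.
    # NOT secure; it only supplies a keyed 16-byte permutation.
    left, right = block[:8], block[8:]
    for i in range(4):
        left, right = right, bytes(a ^ b for a, b in zip(left, _round(key, i, right)))
    return left + right

def cbc_encrypt(key, iv, data):
    # Returns (ciphertext, feedback). The feedback is what PEP 272 says IV should hold afterwards.
    assert len(data) % BLOCK == 0
    out, prev = [], iv
    for off in range(0, len(data), BLOCK):
        mixed = bytes(a ^ b for a, b in zip(data[off:off + BLOCK], prev))
        prev = toy_encrypt_block(key, mixed)
        out.append(prev)
    return b"".join(out), prev

def ctr_crypt(key, nonce, data, first_block=0):
    # Keystream block n depends only on (nonce, n), so any block offset can be processed directly.
    out = bytearray()
    for n, off in enumerate(range(0, len(data), BLOCK), start=first_block):
        ks = toy_encrypt_block(key, nonce + n.to_bytes(8, "big"))
        out += bytes(a ^ b for a, b in zip(data[off:off + BLOCK], ks))
    return bytes(out)

def demo():
    key, iv, nonce = b"k" * 16, b"\x00" * 16, b"n" * 8  # constructed sample values
    msg = bytes(range(64))                                # four blocks of constructed plaintext
    whole, _ = cbc_encrypt(key, iv, msg)
    first, feedback = cbc_encrypt(key, iv, msg[:32])
    second, _ = cbc_encrypt(key, feedback, msg[32:])      # fresh call, IV = last ciphertext block
    cbc_resumes = first + second == whole and feedback == first[-BLOCK:]
    ctr_whole = ctr_crypt(key, nonce, msg)
    ctr_random = ctr_crypt(key, nonce, msg[48:], first_block=3) == ctr_whole[48:]
    return cbc_resumes, ctr_random
```

In CBC the feedback is simply the last ciphertext block, so a caller can resume by building a new cipher object with that block as the IV instead of reading or writing the `IV` attribute; in CTR no carried state is needed beyond the block index.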