2013-05-05 05:21:01 |
Darsey Litzenberger |
bug |
|
|
added bug |
2013-05-05 05:23:24 |
Darsey Litzenberger |
pycrypto: status |
New |
Confirmed |
|
2013-05-05 05:24:30 |
Darsey Litzenberger |
summary |
IV silently changed meaning in PyCrypto 2.6 |
IV silently changed meaning in PyCrypto 2.6; violates PEP 272 |
|
2013-05-05 05:25:17 |
Darsey Litzenberger |
description |
The meaning of the 'IV' attribute on cipher objects silently changed in PyCrypto 2.6. The 'IV' attribute in PyCrypto 2.5 and below returned a value that could be passed to the .new() parameter in order to restore its current state. In PyCrypto 2.6, this was changed to be the initial IV that was passed to the .new() parameter.
PyCrypto 2.5 and below:
>>> from Crypto.Cipher import AES
>>> ciph = AES.new("\0"*16, AES.MODE_CBC, "ABCDEFGHIJKLMNOP")
>>> ciph.encrypt("\0"*16)
'a\xd7\x82X\xeb\x1a\xbdo\xffG\x9d\x1d\xab\xb6\x10;'
>>> ciph.IV
'a\xd7\x82X\xeb\x1a\xbdo\xffG\x9d\x1d\xab\xb6\x10;'
PyCrypto 2.6:
>>> from Crypto.Cipher import AES
>>> ciph = AES.new("\0"*16, AES.MODE_CBC, "ABCDEFGHIJKLMNOP")
>>> ciph.encrypt("\0"*16)
'a\xd7\x82X\xeb\x1a\xbdo\xffG\x9d\x1d\xab\xb6\x10;'
>>> ciph.IV
'ABCDEFGHIJKLMNOP' |
The meaning of the 'IV' attribute on cipher objects silently changed in PyCrypto 2.6. The 'IV' attribute in PyCrypto 2.5 and below returned a value that could be passed to the .new() parameter in order to restore its current state. In PyCrypto 2.6, this was changed to be the initial IV that was passed to the .new() parameter.
PyCrypto 2.5 and below:
>>> from Crypto.Cipher import AES
>>> ciph = AES.new("\0"*16, AES.MODE_CBC, "ABCDEFGHIJKLMNOP")
>>> ciph.encrypt("\0"*16)
'a\xd7\x82X\xeb\x1a\xbdo\xffG\x9d\x1d\xab\xb6\x10;'
>>> ciph.IV
'a\xd7\x82X\xeb\x1a\xbdo\xffG\x9d\x1d\xab\xb6\x10;'
PyCrypto 2.6:
>>> from Crypto.Cipher import AES
>>> ciph = AES.new("\0"*16, AES.MODE_CBC, "ABCDEFGHIJKLMNOP")
>>> ciph.encrypt("\0"*16)
'a\xd7\x82X\xeb\x1a\xbdo\xffG\x9d\x1d\xab\xb6\x10;'
>>> ciph.IV
'ABCDEFGHIJKLMNOP'
The new behavior violates PEP 272:
IV
Contains the initial value which will be used to start a
cipher feedback mode; it will always be a string exactly one
block in length. After encrypting or decrypting a string,
this value is updated to reflect the modified feedback text.
It is read-only, and cannot be assigned a new value. |
|
2013-05-05 05:40:44 |
Darsey Litzenberger |
description |
The meaning of the 'IV' attribute on cipher objects silently changed in PyCrypto 2.6. The 'IV' attribute in PyCrypto 2.5 and below returned a value that could be passed to the .new() parameter in order to restore its current state. In PyCrypto 2.6, this was changed to be the initial IV that was passed to the .new() parameter.
PyCrypto 2.5 and below:
>>> from Crypto.Cipher import AES
>>> ciph = AES.new("\0"*16, AES.MODE_CBC, "ABCDEFGHIJKLMNOP")
>>> ciph.encrypt("\0"*16)
'a\xd7\x82X\xeb\x1a\xbdo\xffG\x9d\x1d\xab\xb6\x10;'
>>> ciph.IV
'a\xd7\x82X\xeb\x1a\xbdo\xffG\x9d\x1d\xab\xb6\x10;'
PyCrypto 2.6:
>>> from Crypto.Cipher import AES
>>> ciph = AES.new("\0"*16, AES.MODE_CBC, "ABCDEFGHIJKLMNOP")
>>> ciph.encrypt("\0"*16)
'a\xd7\x82X\xeb\x1a\xbdo\xffG\x9d\x1d\xab\xb6\x10;'
>>> ciph.IV
'ABCDEFGHIJKLMNOP'
The new behavior violates PEP 272:
IV
Contains the initial value which will be used to start a
cipher feedback mode; it will always be a string exactly one
block in length. After encrypting or decrypting a string,
this value is updated to reflect the modified feedback text.
It is read-only, and cannot be assigned a new value. |
The meaning of the 'IV' attribute on cipher objects silently changed in PyCrypto 2.6. The 'IV' attribute in PyCrypto 2.5 and below returned a value that could be passed to the .new() parameter in order to restore its current state. In PyCrypto 2.6, this was changed to be the initial IV that was passed to the .new() parameter.
PyCrypto 2.5 and below:
>>> from Crypto.Cipher import AES
>>> ciph = AES.new("\0"*16, AES.MODE_CBC, "ABCDEFGHIJKLMNOP")
>>> ciph.encrypt("\0"*16)
'a\xd7\x82X\xeb\x1a\xbdo\xffG\x9d\x1d\xab\xb6\x10;'
>>> ciph.IV
'a\xd7\x82X\xeb\x1a\xbdo\xffG\x9d\x1d\xab\xb6\x10;'
PyCrypto 2.6:
>>> from Crypto.Cipher import AES
>>> ciph = AES.new("\0"*16, AES.MODE_CBC, "ABCDEFGHIJKLMNOP")
>>> ciph.encrypt("\0"*16)
'a\xd7\x82X\xeb\x1a\xbdo\xffG\x9d\x1d\xab\xb6\x10;'
>>> ciph.IV
'ABCDEFGHIJKLMNOP'
The new behavior violates PEP 272:
IV
Contains the initial value which will be used to start a
cipher feedback mode; it will always be a string exactly one
block in length. After encrypting or decrypting a string,
this value is updated to reflect the modified feedback text.
It is read-only, and cannot be assigned a new value.
Also, despite what PEP 272 says, it was possible in PyCrypto 2.5 to modify the cipher's behavior by assigning to the 'IV' attribute. In PyCrypto 2.6, the assignment works, but has no effect. |
|
2013-05-08 05:34:23 |
Legrandin |
bug |
|
|
added subscriber Legrandin |