ECB mode accepts IV
Bug #1222775 reported by
Legrandin
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Python-Crypto |
Fix Committed
|
Undecided
|
Unassigned |
Bug Description
The following code works fine:
from Crypto.Cipher import AES
ecb_cipher = AES.new(b"\x00" * 16, AES.MODE_ECB, b"\x00" * 16)
That is quite bad: a user might have wanted to actually set up the CBC mode (given the presence of the IV).
However, PyCrypto does not complain and creates the ECB cipher by ignoring the IV.
Instead, presence of the IV should lead to an exception when the mode is ECB.
To post a comment you must log in.
Fixed: https:/ /github. com/dlitz/ pycrypto/ commit/ 8dbe0dc3eea5c68 9d4f76b37b93fe2 16cf1f00d4