RFE: add a reinit method to block ciphers

Bug #241117 reported by Respawned
This bug affects 5 people
Affects: Python-Crypto | Status: New | Importance: Wishlist | Assigned to: Unassigned | Milestone: (empty)

Bug Description

Could you consider adding a reinit() method to block ciphers? Most crypto libraries provide one.
This would save creating a new object instead of resetting the cipher to the original IV. Below is a usage
comparison with python-mcrypt.

import base64
from mcrypt import MCRYPT
from Crypto.Cipher import AES

def beh64(data):
    # Base64 without the line breaks that encodestring inserts.
    return base64.encodestring(data).strip().replace("\n", "")

CZ_KEY = "f52412c4ff1dacd2111f4951f3db1260"   # 32-byte key
CZ_IV = "0e32f4c96203f892"                     # 16-byte IV (one AES block)

# python-mcrypt: one cipher object, keyed once; reinit() rewinds the CBC chain to CZ_IV.
aes = MCRYPT("rijndael-128", "cbc")
aes.init(CZ_KEY, CZ_IV)

def cz_arg(strn):
    aes.reinit()
    return beh64(aes.encrypt(strn))

# PyCrypto: no reinit(), so a fresh cipher object (and key schedule) is built on every call.
def cz_arg2(strn):
    aes2 = AES.new(CZ_KEY, AES.MODE_CBC, CZ_IV) # no reinit
    # PyCrypto only accepts whole blocks; zero-pad to a multiple of 16 bytes.
    pad = len(strn) % 16
    if pad != 0:
        strn = strn + ('\x00' * (16 - pad))
    return beh64(aes2.encrypt(strn))

print cz_arg('abc')
print cz_arg2('abc')
print cz_arg('def')
print cz_arg2('def')

Darsey Litzenberger (dlitz) wrote:

What would be the purpose of this? In general, (key, IV) pairs should never be reused for encryption, so I'm hesitant to add an interface that would encourage doing so.

Changed in pycrypto:
importance: Undecided → Wishlist
Ryan Kelly (rfkelly) wrote:

I've wanted a similar functionality myself in the past, but mostly to re-run a decryption rather than an encryption as in this example. I have a library for transparently accessing encrypted files as file-like objects, that allows random access by resetting the cipher whenever seek() is called.

In this case I simply keep a copy of the original IV, and reset the cipher object by assigning this to its "IV" property; this seems to work correctly but I suspect that's an accident, and the block-cipher PEP specifically forbids setting the IV property.

Darsey Litzenberger (dlitz) wrote:

There has been another request for similar functionality: https://bugs.launchpad.net/pycrypto/+bug/1014715

As I mentioned there, this could be useful for implementing disk encryption modes of operation (e.g. ESSIV, XTS, etc.). I'm not sure what the API should look like yet, but I think it would be good if we had an API that allowed a cipher to be reinitialized with the same key without necessarily running the key-scheduling algorithm again.
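As an added example (not code from the report, from python-mcrypt or from PyCrypto), the three uses discussed in this thread in one self-contained script: a cipher object with the requested reinit() that keeps the key and resets only the chaining state, the (key, IV) reuse dlitz warns about made visible by counting equal leading ciphertext blocks, the per-block random access rfkelly needs for seek(), and the ESSIV-style per-sector IV from the disk-encryption remark. It assumes a toy 8-byte Feistel cipher built on SHA-256 in place of AES, so nothing it outputs is an AES ciphertext; the names ResettableCBC, encrypt_two, cbc_block_at, essiv and encrypt_sector, and the sample key, IVs and messages, are all constructed here.

```python
import hashlib

# Toy 8-byte Feistel block cipher, constructed for this example (NOT AES; AES blocks are 16 bytes).
BLOCK = 8
ROUNDS = 8

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _round_fn(key, rnd, half):
    # Hash-based round function; the round number stands in for a real key schedule.
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:BLOCK // 2]

def _feistel(key, block, order):
    l, r = block[:BLOCK // 2], block[BLOCK // 2:]
    for rnd in order:
        l, r = r, _xor(l, _round_fn(key, rnd, r))
    return r + l  # final swap lets the same network run backwards for decryption

def block_encrypt(key, block):
    return _feistel(key, block, range(ROUNDS))

def block_decrypt(key, block):
    return _feistel(key, block, reversed(range(ROUNDS)))

class ResettableCBC:
    """CBC cipher object with the reinit() the report asks for: the key stays,
    only the chaining state (IV) is reset, so no second key schedule is run."""

    def __init__(self, key, iv):
        self.key = key
        self.reinit(iv)

    def reinit(self, iv=None):
        if iv is not None:
            self.iv = iv
        self._prev = self.iv

    def encrypt(self, data):
        assert len(data) % BLOCK == 0, "caller pads to the block size"
        out = []
        for i in range(0, len(data), BLOCK):
            self._prev = block_encrypt(self.key, _xor(data[i:i + BLOCK], self._prev))
            out.append(self._prev)
        return b"".join(out)

    def decrypt(self, data):
        assert len(data) % BLOCK == 0
        out = []
        for i in range(0, len(data), BLOCK):
            c = data[i:i + BLOCK]
            out.append(_xor(block_decrypt(self.key, c), self._prev))
            self._prev = c
        return b"".join(out)

def shared_prefix_blocks(c1, c2):
    """Number of leading ciphertext blocks two ciphertexts have in common."""
    n = 0
    for i in range(0, min(len(c1), len(c2)), BLOCK):
        if c1[i:i + BLOCK] != c2[i:i + BLOCK]:
            break
        n += 1
    return n

def encrypt_two(key, iv1, iv2, m1, m2):
    """Encrypt m1 under iv1, reinit() to iv2, encrypt m2. With iv1 == iv2 (reinit to the
    original IV, as in the report) equal leading plaintext blocks give equal leading
    ciphertext blocks: that is the (key, IV) reuse dlitz warns about."""
    cipher = ResettableCBC(key, iv1)
    c1 = cipher.encrypt(m1)
    cipher.reinit(iv2)
    c2 = cipher.encrypt(m2)
    return c1, c2

def cbc_block_at(key, iv, ciphertext, index):
    """rfkelly's seek() case: decrypt one block by reseeding the chain with the
    previous ciphertext block (or the IV for block 0); the key is untouched."""
    prev = iv if index == 0 else ciphertext[(index - 1) * BLOCK:index * BLOCK]
    cipher = ResettableCBC(key, prev)
    return cipher.decrypt(ciphertext[index * BLOCK:(index + 1) * BLOCK])

def essiv(key, sector):
    """ESSIV-style per-sector IV: the sector number encrypted under a hash of the key."""
    return block_encrypt(hashlib.sha256(key).digest(), sector.to_bytes(BLOCK, "little"))

def encrypt_sector(cipher, sector, data):
    """Disk-encryption shape from dlitz's ESSIV remark: same key, IV reset per sector."""
    cipher.reinit(essiv(cipher.key, sector))
    return cipher.encrypt(data)

# Constructed sample inputs (two 16-byte messages sharing their first block).
KEY = b"example key bytes"
IV = bytes(BLOCK)
M1 = b"SAMEHEADpart one"
M2 = b"SAMEHEADpart two"

if __name__ == "__main__":
    c1, c2 = encrypt_two(KEY, IV, IV, M1, M2)
    print("leading blocks leaked by reusing (key, IV):", shared_prefix_blocks(c1, c2))
```

The decryption-side reset rfkelly describes needs no special API: CBC decryption of block i only uses D(C_i) xor C_(i-1), so seeding a fresh cipher with the previous ciphertext block is exactly what assigning to the IV property achieves, and cbc_block_at does it without touching the key. With a real library the two block_* functions would be replaced by single-block AES calls; everything else stays the same.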

Richard Mitchell (mitchellrj) wrote:

This would be useful for parsing & writing OpenPGP version 3 secret keys.

"With V3 keys [...] the CFB state is resynchronized at the beginning of each new MPI value, so that the CFB block boundary is aligned with the start of the MPI data."

~ https://tools.ietf.org/html/rfc4880#page-44
