From: SourceForge.net <no...@so...> - 2005-12-05 20:12:34
|
Bugs item #1364920, was opened at 2005-11-23 19:07 Message generated for change (Comment added) made by zooko You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=120937&aid=1364920&group_id=20937 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: None Group: None Status: Open Resolution: None Priority: 5 Submitted By: Zooko O'Whielacronx (zooko) Assigned to: Nobody/Anonymous (nobody) Summary: bug in Zooko's fast-CTR-mode patch Initial Comment: My patch for fast CTR mode (all in C -- no Python) has a bug in that it isn't "restartable" -- if you encrypt or decrypt some data which is not itself a multiple of the block length, then subsequent calls to encrypt/decrypt will give incorrect results. I'll make fixes for this soon. In the meantime, here's a unit test showing how it doesn't work. https://yumyum.zooko.com:19144/cgi-bin/darcs.cgi/pycrypto-zookopatches/?c=patches Wed Nov 23 15:00:57 AST 2005 zo...@zo... * add unit test that shows that CTR mode is not restartable -- this is a bug diff -rN -u old-pycrypto-2.0.1-varlength-cctr/pycrypto-2.0.1/Util/test.py new-pycrypto-2.0.1-varlength-cctr/pycrypto-2.0.1/Util/test.py --- old-pycrypto-2.0.1-varlength-cctr/pycrypto-2.0.1/Util/test.py 2005-11-23 15:06:39.000000000 -0400 +++ new-pycrypto-2.0.1-varlength-cctr/pycrypto-2.0.1/Util/test.py 2005-11-23 15:06:39.000000000 -0400 
@@ -146,6 +146,23 @@ print_timing(256, end-start, verbose) del obj1, obj2 + if verbose: print ' CTR mode, variable length, restart:', + strv = str[:-1] + obj1=ciph.new(password, ciph.MODE_CTR, counterstart=long_to_bytes(startctr, ciph.block_size)) + obj2=ciph.new(password, ciph.MODE_CTR, counterstart=long_to_bytes(startctr, ciph.block_size)) + start=time.time() + tempstrv = strv + while tempstrv: + chunksiz = random.randrange(1, len(tempstrv)+1) + ciphertext = obj1.encrypt(tempstrv[:chunksiz]) + tempstrv = tempstrv[chunksiz:] + plaintext=obj2.decrypt(ciphertext) + end=time.time() + if (plaintext!=strv): + die('Error in resulting plaintext from CTR mode, variable length, restart') + print_timing(256, end-start, verbose) + del obj1, obj2 + # Test the IV handling if verbose: print ' Testing IV handling' obj1=ciph.new(password, ciph.MODE_CBC, IV) ---------------------------------------------------------------------- >Comment By: Zooko O'Whielacronx (zooko) Date: 2005-12-05 20:12 Message: Logged In: YES user_id=52562 The latest version fixes this bug in "restarting" ctr mode usage by preserving the offset-within-the-block between calls to crypt(). https://yumyum.zooko.com:19144/cgi-bin/darcs.cgi/pycrypto-zookopatches/?c=patches https://yumyum.zooko.com:19144/pub/repos/pycrypto-zookopatches/ http://zooko.com/repos/pycrypto/ ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=120937&aid=1364920&group_id=20937 |
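Review bot: in the added restart test, `ciphertext = obj1.encrypt(tempstrv[:chunksiz])` and `plaintext=obj2.decrypt(ciphertext)` both assign rather than append, so the final `plaintext!=strv` check compares the decryption of at most one chunk against the whole of `strv`. Indentation is lost in this archive copy, so it is not visible whether the decrypt call sits inside the `while` loop, but in either case nothing accumulates. The test therefore fails whenever more than one chunk is drawn, even against a correct CTR implementation, and passes only when `random.randrange` happens to return the full length on the first pass, which exercises no restart at all. Suggest initialising `plaintext = ''` before the loop and using `plaintext += obj2.decrypt(ciphertext)` inside it, so the comparison covers the reassembled message. The chunk sizes also come from an unseeded `random.randrange`, so a failure cannot be reproduced; seeding the generator or including the chunk sizes in the `die()` message would fix that.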
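The restart property discussed in this thread, as an added illustration that is not code from the patch or from PyCrypto. `CtrStream`, `keystream_block` and `chunked` are hypothetical names, the keystream comes from a hash-based stand-in rather than a real block cipher, and the non-restartable branch is one assumed way of losing the offset-within-the-block between calls.

```python
import hashlib

BLOCK = 16  # block size in bytes (assumed for this demo)

def keystream_block(key: bytes, counter: int) -> bytes:
    # Stand-in for E_key(counter): a hash-based PRF, NOT a real block cipher.
    return hashlib.sha256(key + counter.to_bytes(BLOCK, "big")).digest()[:BLOCK]

class CtrStream:
    """CTR mode over keystream_block(); 'restartable' selects the fixed behaviour."""

    def __init__(self, key: bytes, counterstart: int, restartable: bool):
        self.key, self.counter, self.restartable = key, counterstart, restartable
        self.pad = b""      # current keystream block
        self.offset = 0     # bytes of self.pad already consumed

    def crypt(self, data: bytes) -> bytes:
        if not self.restartable:
            # Bug pattern: every call starts on a fresh keystream block, so the
            # unused tail of the previous block is thrown away.
            self.pad, self.offset = b"", 0
        out = bytearray()
        for byte in data:
            if self.offset == len(self.pad):
                self.pad = keystream_block(self.key, self.counter)
                self.counter += 1
                self.offset = 0
            out.append(byte ^ self.pad[self.offset])
            self.offset += 1
        return bytes(out)

def chunked(stream: CtrStream, data: bytes, sizes) -> bytes:
    """Feed data through stream.crypt() in pieces of the given sizes."""
    out, pos = b"", 0
    for n in sizes:
        out += stream.crypt(data[pos:pos + n])
        pos += n
    return out

def demo():
    key, msg = b"constructed demo key", bytes(range(40))  # constructed sample input
    sizes = [5, 16, 7, 12]                                 # sums to 40, not block aligned
    one_shot = CtrStream(key, 1, True).crypt(msg)
    fixed = chunked(CtrStream(key, 1, True), msg, sizes)
    buggy = chunked(CtrStream(key, 1, False), msg, sizes)
    return one_shot == fixed, one_shot == buggy

if __name__ == "__main__":
    print(demo())
```

With the offset preserved, chunk boundaries on the encrypting and decrypting sides do not need to match, which is the property a restart test should check.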