Pycrypto aes 256 Initialization vector size
Aha!
There's a difference of opinion what the "256" refers to.
AES has a fixed block size of 128 bits, so "AES 256" means 128 bit blocks, 256 bit key, 14 rounds.
However, Rijndael allows both the key size and the block size to vary. MCRYPT_RIJNDAEL_256
refers to Rijndael with block size set to 256 (and I don't know how many rounds). So it does indeed take a 32 byte IV. Your PHP script is not using AES 256.
This is confirmed in https://bugs.php.net/bug.php?id=47125 -- the reporter considers it a bug in PHP mcrypt, PHP considers it a bug in libmcrypt, but it's not a bug, since libmcrypt does document what MCRYPT_RIJNDAEL_256
means (at least the linux man page for mcrypt does, my Google-fu has failed to find any actual documentation for libmcrypt). That thing happens not to be the same as what AES 256 means.
So, you're encrypting and decrypting with ciphers that although related, might as well be completely different.
The bad news is that there doesn't appear to be a Crypto.Cipher.RIJNDAEL
in PyCrypto. If you can pass a 256-bit key to MCRYPT_RIJNDAEL_128 in the PHP script, then that would be AES 256 (thanks Paŭlo).
user80287
Updated on June 14, 2022Comments
-
user80287 almost 2 years
here's the case i have a php script that's using aes256 ,CBC the both key and IV size are 32 bytes long
data= '123456789abcdef' from Crypto.Cipher import AES a = AES.new('oqufXQ(?bc=6_hR2I3sMZChDpb6dDlw4',2,'fOaiIOkD8*9Xeu_s4_bb87Ox_UG+D9GA') print a.encrypt(data)
and the error i got
<type 'exceptions.ValueError'>: IV must be 16 bytes long Traceback (most recent call last): File "/base/data/home/apps/s~xxxxxxx/1.155074369696961822/main.py", line 4, in <module>
php code that works
echo base64_encode(encrypt('0123456789abcdef')) ; function encrypt($data) { return mcrypt_encrypt(MCRYPT_RIJNDAEL_256 ,'oqufXQ(?bc=6_hR2I3sMZChDpb6dDlw4', $data , MCRYPT_MODE_CBC, utf8_encode('fOaiIOkD8*9Xeu_s4_bb87Ox_UG+D9GA') ); }
I cant change the IV size
Note that I am Not very Familiar With Python, Just Need a way to encrypt data as it will be one appengine .
-
Steve Jessop over 12 years@user80287. AES 128, 192 and 256 are three specific ways of configuring Rijndael. However, Rijndael has more configuration options than those. So if you have a complete Rijndael implementation then you easily do AES, but implementers don't necessarily write a fully-flexible Rijndael, they might cut it down just to the bits they need. So an AES implementation won't necessarily support block sizes other than 128.
-
user80287 over 12 yearsWow! Thanks For the explanation. I thought AES and Rijndael has a same implementation , I dont have control over the keys or IV i mean i cant change the IV. so I need to use other lib , thanks again.
-
Paŭlo Ebermann over 12 years@user80287, Steve: Actually, MCRYPT_RIJNDAEL_128 ("Rijndael with 128 bit block size") is all three versions of AES - just pass a key of the right size, and it will choose the right algorithm (AES-128, AES-192, AES-256). (This will not help if you can't change the PHP script, though.)