pep272_encryption
Subclass and overwrite the PEP272Cipher.encrypt_block and PEP272Cipher.decrypt_block methods and the block_size attribute.
pep272_encryption.PEP272Cipher
Note
For mote details about different modes of operation, see Discussions/discussion-modes
.
Block ciphers can be used in different modes of operation. The mode of operation can be set by passing one of the constants to the cipher object. Different modes of operation may require to pass extra arguments to the constructor.
Below is an example from the mostly PEP-272 compliant PyCryptodome.
>>> from Crypto.Cipher import AES
>>> iv = b'random 16 bytes!'
>>> key = b'0123456789abcdef'
>>> cipher = AES.new(key, mode=AES.MODE_CBC, IV=iv)
>>> cipher.encrypt(b'\00'*16)
b'j\xa2\xb5\x80\xf7\xbd\xb4I\xda\xea\x9aN\x9d\xb5\x9a\x17'
This library supports following modes of operation:
- Electronic code book (ECB)
- Cipher Block Chaining (CBC)
- Cipher Feedback (CFB)
- Output Feedback (OFB)
- Counter (CTR)
Not supported is, but may be implemented in the future:
- PGP variant of CFB (PGP)
Planned modes are (extending to PEP-272):
- Propagating Cipher Block Chaining (PCBC), used in older Kerberos versions
- Infinite Garble Extension (IGE), used by Telegram.
- OpenPGP mode, compatible to PyCrypto or PyCryptodome.
Authenticated encryption (AE) or authenticated encryption with associated data (AEAD) will probably not be supported, as they would require additional methods to finalize the encryption and sometimes have special requirements.
pep272_encryption.MODE_ECB
Warning
The ECB mode is not semantically secure.
The ECB mode of operation is the simplest one - each plaintext block is independently encrypted.
- param test
bla
pep272_encryption.MODE_CBC
To solve the problems of the ECB mode, a plaintext block is xored to the previous ciphertext block. For the very "first" ciphertext an initialization vector (IV) is used.
Plain- / ciphertexts must be multiple of blocksize in length.
pep272_encryption.MODE_CFB
The CFB mode of operation makes a stream cipher out of the block cipher. The block size of the cipher is reduced to segment_size
.
Plain- and ciphertext must be a multiple of segment_size
in length.
pep272_encryption.MODE_OFB
OFB uses a CBC encryption of a stream of null bytes to create a keystream.
pep272_encryption.MODE_CTR
CTR encrypts a counter to create a keystream.
pep272_encryption.util
pep272_encryption.version
pep272_encryption.version.__version__
pep272_encryption.version.__author__
pep272_encryption.version.__email__
pep272_encryption.version.__license__
pep272_encryption.version.__url__