Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

AES with stronger (non-default) key size 256 generates a wrong sized byte initialization vector #43

GoogleCodeExporter opened this issue Mar 7, 2015 · 2 comments


Copy link

@GoogleCodeExporter GoogleCodeExporter commented Mar 7, 2015

This is the same issue than the one observed with Java
( Type
Status Priority Milestone Owner Implementation Summary) but for Python this

Pycrypto only accepts AES IV of 16 bytes (when self.block_size is 24 or 32
bytes it fails)

Metada and key are created this way:

python create --location=/home/ookoi/kz --purpose=crypt
python addkey --location=/home/ookoi/kz --status=primary --size=256

Test code:
import keyczar

input = "ttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttt"
crypter = keyczar.Crypter.Read("/home/ookoi/kz")
ciphertext = crypter.Encrypt(input)
plaintext = crypter.Decrypt(ciphertext)
assert(input == plaintext)

Which gives:
Traceback (most recent call last):
  File "", line 5, in <module>
    ciphertext = crypter.Encrypt(input)
"/home/ookoi/Bureau/keyczar-read-only/python/src/keyczar/", line
314, in Encrypt
    return util.Encode(encrypting_key.Encrypt(data))
  File "/home/ookoi/Bureau/keyczar-read-only/python/src/keyczar/",
line 256, in Encrypt
    ciph_bytes =, AES.MODE_CBC, iv_bytes).encrypt(data)
ValueError: IV must be 16 bytes long

Original issue reported on by sebastien.martini on 12 Jan 2009 at 1:52

Copy link

@GoogleCodeExporter GoogleCodeExporter commented Mar 7, 2015

Same fix. You were setting the block size equal to the length of the key, which 
be 16, 24, or 32 bytes. AES' block size is always 16. Patch attached.

Original comment by on 4 Jun 2009 at 11:05


Copy link

@GoogleCodeExporter GoogleCodeExporter commented Mar 7, 2015

Fixed in rev. 417

Original comment by sebastien.martini on 4 Jun 2009 at 12:04

  • Changed state: Fixed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
1 participant