[PYTHON-CRYPTO] block cipher API
phr-pycrypt at nightsong.com
Tue Jan 28 18:52:34 CET 2003
So ... crypto built into Python would be great. However, I do have
some comments on your proposed API.
Thanks for the response. Re your comments:
1) __call__(self, data, dir)
where "dir must be 'd' (decrypt) or 'e' (encrypt)"
seems a little odd. Why not just have an 'encrypt' and 'decrypt'
The idea is that a codebook might be able to only encrypt, or only
decrypt, or setting up could be expensive. I also wanted to simplify
the C API by having fewer entry points. But maybe these reasons are
bogus. Either way is ok.
2) class CBC (_mode):
def __init__ (self, codebook, dir, iv=None):
I like iv=None, if this means that iv is automatic (random, or whatever
is required) when left as None. Setting iv in the __init__ is wrong
though ... The iv can change per CBC encrypted data unit.
The iv in the cipher context does change as you encrypt stuff. I
don't see any conflict between that with passing an IV to the init.
In CBC mode, the default IV is all zeros. But in CFB mode, that's
much more dangerous, so you can't use a CFB context without supplying
There's a set_random_iv operation but I think I'll remove it. I don't
want the API to depend on having secure random numbers available.
If I do that, I'll make the iv arg mandatory for CFB mode.
3) padding... I like that you're doing auto padding on the CBC mode.
Pad modes can vary, so this would be better off as a pd class that was
set at initialization
What other padding modes are important? Can you describe what kind of
API you have in mind for a pad class?
4) what's with the 'finalized'? Why not let a cipher operate on more
than one block/packet of data without having to create a new instance?
If the application uses a finalized context by accident, I wanted to
catch the error. Making a new context is a pretty lightweight
operation (you can re-use the same codebook). I guess 'final' could
somehow reset the context instead of locking it, or I could add a
reset operation. I'll check the docs to see how the java cipher
classes do it.
Bryan Olson points out there should also be some standardization at
the C level, so the modes layer can call the cookbook layer without
going through the Python API.
More information about the python-crypto