Opened at 2011-03-18T20:46:27Z
Closed at 2012-02-06T01:30:08Z
#70 closed defect (fixed)
passing IVs smaller than 16 bytes to pycryptopp.cipher.aes.AES uses uninitialized memory
| Reported by: | bj0 | Owned by: | davidsarah |
|---|---|---|---|
| Priority: | major | Milestone: | 0.6.0 |
| Version: | 0.5.19 | Keywords: | security |
| Cc: | | Launchpad Bug: | |
Description
test:
```python
from pycryptopp.cipher import aes
import os

k = os.urandom(16)
N = 4
print repr(aes.AES(k, iv='\x00'*N).process('testing'))
print repr(aes.AES(k, iv='\x00'*N).process('testing'))
print repr(aes.AES(k, iv='\x00'*N).process('testing'))
```
The results from the first and second calls are different, making the encryption useless. It seems that if a full IV is not passed, uncleared/uninitialized memory is used, making the results unpredictable.
This constructor should throw an exception for IV lengths that don't match the block size (16).
Sort of related: http://tahoe-lafs.org/trac/pycryptopp/ticket/18
Change History (3)
comment:1 Changed at 2011-12-09T22:50:18Z by zooko
- Milestone set to 0.6.0
comment:2 Changed at 2011-12-10T04:28:06Z by davidsarah
- Keywords security added
- Owner set to davidsarah
- Status changed from new to assigned
comment:3 Changed at 2012-02-06T01:30:08Z by warner
- Resolution set to fixed
- Status changed from assigned to closed
Fixed by [c89e25aa/git]
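A caller-side guard and regression check for the behaviour reported above, as an added example that is not part of the ticket or of pycryptopp's code. `require_full_iv`, `CheckedCipher`, `is_deterministic` and `StandInCTR` are hypothetical names; `StandInCTR` is a constructed stand-in (not AES) so the block runs without pycryptopp, and it assumes only the `AES(key, iv=...)` / `.process(data)` call shape shown in the description.

```python
import hashlib

BLOCK_SIZE = 16  # AES block size in bytes (the ticket's "block size (16)")

def require_full_iv(iv, block_size=BLOCK_SIZE):
    """Return iv as bytes; reject anything that is not exactly one block long."""
    if not isinstance(iv, (bytes, bytearray)):
        raise TypeError("iv must be bytes")
    if len(iv) != block_size:
        raise ValueError("iv must be %d bytes, got %d" % (block_size, len(iv)))
    return bytes(iv)

class CheckedCipher:
    """Hypothetical wrapper: validate the IV before the cipher factory sees it."""
    def __init__(self, factory, key, iv):
        self._cipher = factory(key, iv=require_full_iv(iv))

    def process(self, data):
        return self._cipher.process(data)

def is_deterministic(make_cipher, plaintext, runs=3):
    """The ticket's test as a check: fresh ciphers with one key/IV must agree."""
    return len({make_cipher().process(plaintext) for _ in range(runs)}) == 1

class StandInCTR:
    """Constructed stand-in with the aes.AES(key, iv=...) call shape. NOT AES."""
    def __init__(self, key, iv):
        self._key, self._iv, self._ctr = key, iv, 0

    def process(self, data):
        stream = b""
        while len(stream) < len(data):
            block = self._key + self._iv + self._ctr.to_bytes(8, "big")
            stream += hashlib.sha256(block).digest()
            self._ctr += 1
        return bytes(a ^ b for a, b in zip(data, stream))

if __name__ == "__main__":
    key = b"k" * 16  # constructed sample key
    ok = is_deterministic(lambda: CheckedCipher(StandInCTR, key, b"\x00" * 16), b"testing")
    print("deterministic with 16-byte IV:", ok)
    try:
        CheckedCipher(StandInCTR, key, b"\x00" * 4)  # the ticket's N = 4
    except ValueError as exc:
        print("rejected:", exc)
```

Running `is_deterministic` against the real cipher on an affected version is how the reported behaviour would surface in a test suite; the guard keeps a short IV from reaching the native code at all.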