[pycrypto] PyCrypto Blowfish CFB limitation

Legrandin gooksankoo at hoiptorrow.mailexpire.com
Wed Jun 6 13:11:47 EDT 2012

> I am getting "ValueError: Input strings must be a multiple of the
> segment size 8 in length" when trying to decrypt a file by using
> Blowfish in CFB mode. The file length is not a multiple of 8. However,
> OpenSSL doesn't require file length to be multiple of 8 and it
> successfully decrypts the file.
> 1. Is this a limitation imposed by PyCrypto?
Yes. I actually opened a
bug<https://bugs.launchpad.net/pycrypto/+bug/996207>about this, but in
the meanwhile I have read in Section 5.2 of NIST 800 38A
(the only standard I am aware of that describes CFB) that the input
*must*be a multiple of the segment size.

That means that strictly speaking OpenSSL is *not *standard compliant,
unless other standards saying that the last block can be shorter exists.

> 2. I could successfully decrypt and inflate the file by padding it
> with "x" (randomly chosen). Is this safe and correct?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.dlitz.net/pipermail/pycrypto/attachments/20120606/4e405bad/attachment.html>

More information about the pycrypto mailing list