AES decryption padding with PKCS5 Python

empyreanphoenix picture empyreanphoenix · Sep 24, 2012 · Viewed 32.4k times · Source

I have been trying to implement AES CBC decryption in Python. Since the ciphered text is not a multiple of 16bytes, padding was necessary. Without padding, this error surfaced

"TypeError: Odd-length string"

But I could not find a proper reference for implementing PKCS5 in PyCrypto Python. Are there any commands to implement this? Thanks

After looking into Marcus's suggestion I did this.

My goal actually is to decrypt a hex message(128bytes) using this code. However, the output is " ?:" which is very small and the unpad command is deleting those bytes. This is the code.

from Crypto.Cipher import AES
BS = 16
pad = lambda s: s + (BS - len(s) % BS) * chr(BS - len(s) % BS) 
unpad = lambda s : s[0:-ord(s[-1])]

class AESCipher:
    def __init__( self, key ):
    self.key = key 

    def encrypt( self, raw ):
        raw = pad(raw)
        iv = raw[:16]
        raw=raw[16:]
        #iv = Random.new().read( AES.block_size )
        cipher = AES.new( self.key, AES.MODE_CBC, iv )
        return ( iv + cipher.encrypt( raw ) ).encode("hex")

    def decrypt( self, enc ):
        iv = enc[:16]
        enc= enc[16:]
        cipher = AES.new(self.key, AES.MODE_CBC, iv )
        return unpad(cipher.decrypt( enc))

mode = AES.MODE_CBC
key = "140b41b22a29beb4061bda66b6747e14"
ciphertext = "4ca00ff4c898d61e1edbf1800618fb2828a226d160dad07883d04e008a7897ee2e4b7465d5290d0c0e6c6822236e1daafb94ffe0c5da05d9476be028ad7c1d81";
key=key[:32]
decryptor = AESCipher(key)
decryptor.__init__(key)
plaintext = decryptor.decrypt(ciphertext)
print plaintext 

Answer

Akdeniz picture Akdeniz · Dec 15, 2012

You need to decode your hex encoded value before decryption. If you want to work with hex encoded keys, decode it as well..

Here, this should work.

from Crypto.Cipher import AES
from Crypto import Random

BS = 16
pad = lambda s: s + (BS - len(s) % BS) * chr(BS - len(s) % BS) 
unpad = lambda s : s[0:-ord(s[-1])]

class AESCipher:
    def __init__( self, key ):
        """
        Requires hex encoded param as a key
        """
        self.key = key.decode("hex")

    def encrypt( self, raw ):
        """
        Returns hex encoded encrypted value!
        """
        raw = pad(raw)
        iv = Random.new().read(AES.block_size);
        cipher = AES.new( self.key, AES.MODE_CBC, iv )
        return ( iv + cipher.encrypt( raw ) ).encode("hex")

    def decrypt( self, enc ):
        """
        Requires hex encoded param to decrypt
        """
        enc = enc.decode("hex")
        iv = enc[:16]
        enc= enc[16:]
        cipher = AES.new(self.key, AES.MODE_CBC, iv )
        return unpad(cipher.decrypt( enc))

if __name__== "__main__":
    key = "140b41b22a29beb4061bda66b6747e14"
    ciphertext = "4ca00ff4c898d61e1edbf1800618fb2828a226d160dad07883d04e008a7897ee2e4b7465d5290d0c0e6c6822236e1daafb94ffe0c5da05d9476be028ad7c1d81"
    key=key[:32]
    decryptor = AESCipher(key)
    plaintext = decryptor.decrypt(ciphertext)
    print "%s" % plaintext