What are the requirement to complete this task?

Implement PKCS7 padding as described on http://code.google.com/p/slowaes/wiki/OpenSSLStandards

Please use labels and text to provide additional information.

Comment deleted

Comment deleted

I started using this module and it seems to me that padding is absolutely necessary for CBC mode. Otherwise you have to store the length of the original message, which is a bad idea. So I added some high level functions complete with tests that include padding/depadding. This required one change in the original code that looks for "originalsize", which is now just passed in as None.

Also, I'm wondering why "size" (keysize) is an argument to AESModeOfOperation.encrypt/decrypt since it can be determined from the key itself. Am I missing something here?

The functions I added simplify usage. An example:

key = aes.generateRandomKey() cipher = aes.encryptData(key, plaintext_data) decoded_message = aes.decryptData(key, cipher)

I attached an svn diff.

-Randall

Great, thanks berryman77 -- your patch is fine and I have now committed it (SVN revision 36). If you want committer status on this project just let me know!

Randall,

The likely reason for the size argument is because the code was originally converted directly from ANSI C and in that context it probably made more sense. After the initial conversion and some bug fixes this has remained largely untouched. As you work through the code please make corrections you feel will improve performance, reliability, and readability.

Josh

The functions I added (encryptData and decryptData) apply padding regardless of the mode. Only CBC mode requires padding, so I added a check in the attached diff.

I chose to use this module because it's written in Python so I don't have to compile for each platform I deploy on. My current needs aren't performance sensitive. I'm more focused on usability as is (hopefully) evident in the additions I made. I'll be glad to help if/when fixes and improvements are needed.

-Randall

aleaxit,

I would like committer status so I can apply this fix and any future fixes.

berryman77, I'll be very happy to add you, but need your email address -- if you want to communicate it privately, I'm aleaxit at gmail period com;-).