[PYTHON-CRYPTO] AES in M2Crypto advice

Jason H. Smith jason at OES.CO.TH
Sat May 31 08:36:31 CEST 2003


Hi, list.  Hi, Ng.

First, a quick question, if I may.  I did not follow the instructions in 
INSTALL saying to modify distutils.  Instead, I simply symlinked swig/ to 
SWIG, and it looks fine.  Did I mess anything up?

But mainly, I want to solicit advice for using AES in CBC mode to send an 
entire hard drive image over TCP.  The hard drive is much larger than 
memory, so I will need to encrypt it piece by piece, sort of like a 
stream.  My question is, what is the best way to implement this with 
M2Crypto?

Thus far, I am basically using this procedure:
1) key = md5 hash of a passphrase
2) iv = whatever
3) create a BIO.MemoryBuffer object
  4) read a 10MB chunk
  5) a) create a BIO.CipherStream object
     b) set_cipher('aes_128_cbc', key, iv, 1)
  6) encrypt the block, following demo/bio_ciph_test.py
  7) write the ciphertext
  8) set new iv = ciphertext[-16:]
  9) go back to step 4

Does this look like correct usage?  The reason I ask is because it seems 
strange to have to instantiate a new BIO.CipherStream object every time.  
It feels weird to have to store the last block of ciphertext manually, 
and then feed it in as the IV to the next CipherStream object.

Thanks for any feedback.

-- 
GPG: 03EE 9EB8 E500 874A F509  7B95 9B9A 84A1 26E9 4F79
http://www.ece.utexas.edu/~jhs/public_key.gpg
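
Added example, not part of the original post and not M2Crypto code: a standard-library sketch of the CBC chaining asked about above, showing that carrying the last ciphertext block forward as the next IV reproduces one continuous CBC stream only if padding is applied once, at the very end. All function names are hypothetical, toy_block_encrypt is a stand-in permutation (not AES) so the block runs without a crypto library, and encrypt_per_chunk assumes each per-chunk cipher object in the posted loop is finalized with PKCS#7 padding (the OpenSSL default).

```python
import hashlib

BLOCK = 16  # AES block size in bytes

def derive_key(passphrase: bytes, salt: bytes) -> bytes:
    # Salted, iterated KDF in place of a bare MD5 of the passphrase (step 1).
    return hashlib.pbkdf2_hmac("sha256", passphrase, salt, 200_000, dklen=16)

def toy_block_encrypt(key: bytes, block: bytes) -> bytes:
    # Stand-in 16-byte keyed permutation (4-round Feistel over SHA-256).
    # NOT AES and not secure; it only lets the CBC logic below run offline.
    left, right = block[:8], block[8:]
    for rnd in range(4):
        f = hashlib.sha256(key + bytes([rnd]) + right).digest()[:8]
        left, right = right, bytes(a ^ b for a, b in zip(left, f))
    return left + right

def cbc_blocks(key: bytes, iv: bytes, data: bytes):
    # CBC over whole blocks, no padding: (ciphertext, last ciphertext block).
    if len(data) % BLOCK:
        raise ValueError("data must be a multiple of the block size")
    out, prev = bytearray(), iv
    for i in range(0, len(data), BLOCK):
        mixed = bytes(a ^ b for a, b in zip(data[i:i + BLOCK], prev))
        prev = toy_block_encrypt(key, mixed)
        out += prev
    return bytes(out), prev

def pkcs7_pad(data: bytes) -> bytes:
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n

def encrypt_stream(key: bytes, iv: bytes, chunks):
    # One logical CBC stream: carry the chaining block across chunks,
    # hold back any partial block, and pad exactly once at the end.
    tail = b""
    for chunk in chunks:
        buf = tail + chunk
        cut = len(buf) - len(buf) % BLOCK
        ct, iv = cbc_blocks(key, iv, buf[:cut])
        tail = buf[cut:]
        yield ct
    yield cbc_blocks(key, iv, pkcs7_pad(tail))[0]

def encrypt_per_chunk(key: bytes, iv: bytes, chunks):
    # Assumed reading of the posted loop: a fresh, finalized (padded) cipher
    # per chunk, with the next IV taken from the last ciphertext block written.
    for chunk in chunks:
        ct, iv = cbc_blocks(key, iv, pkcs7_pad(chunk))
        yield ct
```

With M2Crypto itself, the streaming form corresponds to keeping a single EVP.Cipher object, calling update() on each chunk and final() once after the last one. The per-chunk form still chains correctly, but it adds a padding block per chunk, so the receiver must decrypt with the same chunk boundaries.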