pycrypto

Wondering the right way to convert a AES_128_CTR encryption by openssl to PyCrypto. First, I did an encryption by openssl as following: openssl enc -aes-128-ctr -in input.mp4 -out output.openssl.mp4 -K 7842f0a1ebc38f44e3e0c81943f68582 -iv d01f40dfc8ec8cd9 And then, I tried to do the same thing through PyCrypto: from Crypto.Cipher import AES from Crypto.Util import Counter key = '7842f0a1ebc38f44e3e0c81943f68582' iv = 'd01f40dfc8ec8cd9' ctr_e = Counter.new(128, initial_value=int(iv, 16)) encryptor = AES.new(key.decode('hex'), AES.MODE_CTR, counter=ctr_e) with open('output.pycrypto.mp4', 'wb')

Why Pycrypto AES decryption gives different output when decrypted with AES object used for encryption and right output when decrypted with AES object used solely for decryption? from Crypto.Cipher import AES obj = AES.new('0123456789012345', AES.MODE_CBC, '0123456789012345') message = '0123456789012345' ciphertext = obj.encrypt(message) plaintext = obj.decrypt(ciphertext) # plaintext here is byte array obj2 = AES.new('0123456789012345', AES.MODE_CBC, '0123456789012345') plaintext = obj2.decrypt(ciphertext) # plaintext here is 0123456789012345 According to BlockAlgo#encrypt from which the AES

I'm trying install pycrypto on osx with easy_install and I'm getting the following error: easy_install pycrypto Searching for pycrypto Reading http://pypi.python.org/simple/pycrypto/ Reading http://pycrypto.sourceforge.net Reading http://www.pycrypto.org/ Reading http://www.amk.ca/python/code/crypto Best match: pycrypto 2.3 Downloading http://ftp.dlitz.net/pub/dlitz/crypto/pycrypto/pycrypto-2.3.tar.gz Processing pycrypto-2.3.tar.gz Running pycrypto-2.3/setup.py -q bdist_egg --dist-dir /var/folders/3D/3D07iptvHZuzuYaeQDMFIU+++TI/-Tmp-/easy_install-00HgRU/pycrypto-2.3/egg-dist-tmp-BWGYsg warning

I'm looking at using a crypto lib such as pycrypto for encrypting/decrypting fields in my python webapp db. But encryption algorithms require a key. If I have an unencrypted key in my source it seems silly to attempt encryption of db fields as on my server if someone has access to the db files they will also have access to my python sourcecode. Is there a best-practice method of securing the key used? Or an alternative method of encrypting the db fields (at application not db level)? UPDATE: the fields I am trying to secure are oauth tokens. UPDATE: I guess there is no common way to avoid this

I tried to install pycrypto module by downloading the source code and executing the following command python setup.py install , then an error came running install running build running build_py running build_ext warning: GMP library not found; Not building Crypto.PublicKey._fastmath. building 'Crypto.Hash.MD2' extension gcc -pthread -fno-strict-aliasing -fwrapv -Wall -Wstrict-prototypes -fPIC -std=c99 -O3 -fomit-frame-pointer -Isrc/ -I/usr/include/python2.5 -c src/MD2.c -o build/temp.linux-x86_64-2.5/src/MD2.o src/MD2.c:31:20: error: Python.h: No such file or directory src/MD2.c:118: error:

Given below is the code(not complete yet) I have written to encrypt and decrypt files using python with the pycrypto module. from Crypto.Hash import SHA256 from Crypto.Cipher import AES import getpass class ED(object): def getfromuser(self,choice): if choice=='key': key=getpass.getpass('Enter AES Key (minimum 16 characters): ') if len(key)<16: print 'Key entered too short. Please try again.' self.getfromuser(choice) key=key+str(8-len(key)%8)*(8-len(key)%8) return key if choice=='IV': IV_seed=raw_input('Enter a seed for the IV: ') IV=SHA256.new() IV.update(IV_seed) IV.digest() return str(IV)[0

I'm trying to decrypt data using PyCrypto. The data was encoded in Java with the javax.crypto package. The encryption is Triple DES (referred to as " DESede " in Java). As far as I can tell, default settings are used for everything. However, when I go to decrypt the data in Python there is always a problem with the data. Here's the Java code that does encrypting/decrypting: import sun.misc.BASE64Decoder; import sun.misc.BASE64Encoder; import javax.crypto.Cipher; import javax.crypto.SecretKey; import javax.crypto.SecretKeyFactory; import javax.crypto.spec.DESedeKeySpec; import java.security