AES has a number of modes, including ECB, OFB, and so on. In the following code we use AES to encrypt using padded string. The 256-bit key is generated by taking a SHA-256 hash of the password:
AES Modes (Python) |
Try an example
- Try "aaa..." and you will see ECB repeats with blocks.. aes
In this example we take "aaa...aaa" and a password of "pass" and you should be able to see that we have repeated blocks with ECB:
8fbf523fb6fbd6334b6cde0a02440cbd 8fbf523fb6fbd6334b6cde0a02440cbd 63f8472a91b26673b31ab570a5f61dd3
where you can see the padding at the end of the string has changed the last block (32 hex characters is 256 bit blocks).
Sample
The following is a sample run with an IV of 3, and data of "hello" and a password of "napier123":
IV: 0000000000000003 Input data (CMS): 68656c6c6f0b0b0b0b0b0b0b0b0b0b0b Cipher (ECB): 0a7ec77951291795bac6690c9e7f4c0d decrypt: hello Cipher (CBC): c91f59b001f502bec8c8359796d63d68 decrypt: hello Cipher (CFB): 5724326a85c1afba88dc936f590ac1ba decrypt: hello Cipher (OFB): 5773f7c72bb54e13bf807c22c21cdb31 decrypt: hello
Code
The following outlines the code. ECB does not use an IV, but the other methods do:
# https://asecuritysite.com/encryption/aes_modes from Crypto.Cipher import AES import hashlib import sys import binascii import Padding val='hello' password='hello' ival=10 if (len(sys.argv)>1): val=sys.argv[1] if (len(sys.argv)>2): password=str(sys.argv[2]) if (len(sys.argv)>3): ival=int(sys.argv[3]) plaintext=val def encrypt(plaintext,key, mode): encobj = AES.new(key,mode) return(encobj.encrypt(plaintext)) def decrypt(ciphertext,key, mode): encobj = AES.new(key,mode) return(encobj.decrypt(ciphertext)) def encrypt2(plaintext,key, mode,iv): encobj = AES.new(key,mode,iv) return(encobj.encrypt(plaintext)) def decrypt2(ciphertext,key, mode,iv): encobj = AES.new(key,mode,iv) return(encobj.decrypt(ciphertext)) key = hashlib.sha256(password.encode()).digest() iv= hex(ival)[2:8].zfill(16) print ("IV: "+iv) plaintext = Padding.appendPadding(plaintext,blocksize=Padding.AES_blocksize,mode=0) print ("Input data (CMS): "+binascii.hexlify(plaintext.encode()).decode()) ciphertext = encrypt(plaintext.encode(),key,AES.MODE_ECB) print ("Cipher (ECB): "+binascii.hexlify(bytearray(ciphertext)).decode()) plaintext = decrypt(ciphertext,key,AES.MODE_ECB) plaintext = Padding.removePadding(plaintext.decode(),mode=0) print (" decrypt: "+plaintext) plaintext=val plaintext = Padding.appendPadding(plaintext,blocksize=Padding.AES_blocksize,mode=0) ciphertext = encrypt2(plaintext.encode(),key,AES.MODE_CBC,iv.encode()) print ("Cipher (CBC): "+binascii.hexlify(bytearray(ciphertext)).decode()) plaintext = decrypt2(ciphertext,key,AES.MODE_CBC,iv.encode()) plaintext = Padding.removePadding(plaintext.decode(),mode=0) print (" decrypt: "+plaintext) plaintext=val plaintext = Padding.appendPadding(plaintext,blocksize=Padding.AES_blocksize,mode=0) ciphertext = encrypt2(plaintext.encode(),key,AES.MODE_CFB,iv.encode()) print ("Cipher (CFB): "+binascii.hexlify(bytearray(ciphertext)).decode()) plaintext = decrypt2(ciphertext,key,AES.MODE_CFB,iv.encode()) plaintext = Padding.removePadding(plaintext.decode(),mode=0) print (" decrypt: "+plaintext) plaintext=val plaintext = Padding.appendPadding(plaintext,blocksize=Padding.AES_blocksize,mode=0) ciphertext = encrypt2(plaintext.encode(),key,AES.MODE_OFB,iv.encode()) print ("Cipher (OFB): "+binascii.hexlify(bytearray(ciphertext)).decode()) plaintext = decrypt2(ciphertext,key,AES.MODE_OFB,iv.encode()) plaintext = Padding.removePadding(plaintext.decode(),mode=0) print (" decrypt: "+plaintext)