A self-contained cryptographic library for Python

PyCrypto had the RSA.decrypt method to decrypt textbook RSA encoded values. I understand that PyCryptodome doesn't support encrypting or decrypting these values through the same method, but is there an alternative/hidden/private method that would achieve the same result? If not, is there a suggested alternative? I understand that it's not secure, but I'm just looking to decrypt some previously-encrypted values.

Hello,

Cryptodome works perfectly on my Windows 64 machine. I am trying to upload Cryptodome to a AWS lambda function but I am getting this error:

module initialization error: Cannot load native module 'Cryptodome.Cipher._raw_ecb'

What could be the issue?

Thank you!

In initialization of dnspython, pycryptodome 3.9.7 gets a signal 4 in Math/_IntegerGMO with gmp-6.2.0. Reverting to gmp-6.1.2 fixes the problem. Platform: FreeBSD 12.1-RELEASE-p3 Versions: pycryptodome 3.9.7 dnspython 1.16.0 python37-3.7.6 gmp-6.2.0

backtrace attached 3201.txt

Python 3.7.3 Pycryptodome Ubuntu 16.04

Tried running with python 3.5 and got the same error but when i do the self test it runs successfully under python 3.5

[Thu Aug 13 12:04:38.419037 2020] [wsgi:error] [pid 27768] [remote 157.55.39.158:13599] from Cryptodome.Cipher import AES [Thu Aug 13 12:04:38.419041 2020] [wsgi:error] [pid 27768] [remote 157.55.39.158:13599] File "/usr/local/lib/python3.7/site-packages/Cryptodome/Cipher/init.py", line 27, in [Thu Aug 13 12:04:38.419047 2020] [wsgi:error] [pid 27768] [remote 157.55.39.158:13599] from Cryptodome.Cipher._mode_ecb import _create_ecb_cipher [Thu Aug 13 12:04:38.419051 2020] [wsgi:error] [pid 27768] [remote 157.55.39.158:13599] File "/usr/local/lib/python3.7/site-packages/Cryptodome/Cipher/_mode_ecb.py", line 47, in [Thu Aug 13 12:04:38.419058 2020] [wsgi:error] [pid 27768] [remote 157.55.39.158:13599] """ [Thu Aug 13 12:04:38.419061 2020] [wsgi:error] [pid 27768] [remote 157.55.39.158:13599] File "/usr/local/lib/python3.7/site-packages/Cryptodome/Util/_raw_api.py", line 308, in load_pycryptodome_raw_lib [Thu Aug 13 12:04:38.419068 2020] [wsgi:error] [pid 27768] [remote 157.55.39.158:13599] raise OSError("Cannot load native module '%s': %s" % (name, ", ".join(attempts))) [Thu Aug 13 12:04:38.419079 2020] [wsgi:error] [pid 27768] [remote 157.55.39.158:13599] OSError: Cannot load native module 'Cryptodome.Cipher._raw_ecb': Trying '_raw_ecb.x86_64-linux-gnu.so': /usr/local/lib/python3.7/site-packages/Cryptodome/Util/../Cipher/_raw_ecb.x86_64-linux-gnu.so: cannot open shared object file: No such file or directory, Trying '_raw_ecb.so': /usr/local/lib/python3.7/site-packages/Cryptodome/Util/../Cipher/_raw_ecb.so: cannot open shared object file:

Finally trying to port a project from pycrypto to pycryptodome. Could be screwing something up is a bug in decryption that works in pycrypto but doesn't work in pycryptodome.

Code to replicate, setup:

from Crypto.Cipher import PKCS1_OAEP
from Crypto.PublicKey import RSA

private_key = b'''-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEAsOmwZaRjGBXhoKsHMJ1qR0CRd0r0v9suLXX/8J3aHmb7t/Vo
SbCj3f+VYJw7mK7Q0OYBAN4+tueTUVQMAHOSY1YSVTUO+rG2gytGlpDsRRmB3SRp
QReuCi3GYl7kUCnTL/s/rhoE8LzL4OmmGIpqIJPEDo7G7Odre3tU0OkvI6Twxbhg
m3FnB/z1khKbddp7EsCwzB8LsszW+0Pw0Ukjv0H/fgVG82SokMcTJujO1cVsJ22W
7c/Uqx84stDipclEHKBSRR7eXr7lpbDD8N311VxXhp9T8OB5J9xiJde8ZsewVRU/
gugQUdCzRs8vhhTidAOw15clnyUNcOrsENaccwIDAQABAoIBAHaaNEfwDP74rGqq
Pge5gKaEAwGWnr6AklSn5w3IxZHcOKT7QQ8l/LW3ws0h8FJL4HIrwEB0vlagqYK8
dc9Xq6ws59131LL8sP7+5DPMtJkeoJFA989LsMHiLj2EoEudvpdMOUTe7LD34TbH
bTLGmJ9+cNHRpkrsWoJODG6B5bhem5YKTVOiNXBLbVCZ66/ga4aaGhRr8kQYi6gD
iHef8oZ7xNkc98VQzJsptz2y+X+Q1Xx/Wx+CJ9f9JBGIBgtL7jgJzOKFlWn1q6GO
AhXNd8eGWpXXGEAFveQwY2xsDmKmbutJQ37U//ObobRKMCUKgCQQ+eyCCeAcC1iC
8PHMrwECgYEAueJESf02bcwii7qoDQvFAr442mmkaZweGP47XJoOP/cQr6a9JjTH
pEzIwnqHoDmKHXftsVtV95RV3nb4Max19WAQl+dQAz+c3RjnUXMVO28jASU4ziGq
jPkXdZwxpHppdrnLBROMpLFKlqDPfD7Vgh2Fuyq6U/s829NfF6YLOsUCgYEA86Uk
04HMil917d+T+HL2i64uhcCaSox1OQtNSLsA1/98YuyG3Tw7lXFbnvC/lB6Ai5P4
NTG5B0LyZSYlvthnqzGzT9R4kz8jZjNTlnRe7hxmQqN9AFxeBas8lRwcVb1yci9h
E2tMguIuWtS6r9VbIKwpIqAFVdKsFtU2YRF/TdcCgYBNxlNmVdEZPalSp4W696q1
zBuDn2IQYibhtDXoN/kwYFKV/AD2ZG0H3Ky/Wn821fxo+g31AE9G6MTI8SRFvHAa
e9hVho4e3dXnWI0osis3E/gkeYt8C/ANTge3yOOoeyN3bqN4e0aEfj3EKoLF7JBv
AaU7u9P8YYmEPLtz7KCUNQKBgC3MShrT2D3eac137FmUSpHBAQ+1P4tp0ZMSc8mL
FUKEzL3Plh459z1FHKLIwEo4XZNfEhX1rcEWrXej7w5roTkF053a43tSL/ZDCaBL
aZi6j+JQ1utdcXMBWBbzPMRFIyEhlM7QqYYku+/o8tqgcUu38NeIWthiDGUSWPFw
F4zrAoGAZYVFgQAyZFWKtt4n5jhLmzD6PsMEplLQIUZK/rfoj3ffiA7mx45CMxyx
mRWWJpP7FmaWJpCZSgxWyCbYE3L7XQwU+MJGOCnaa0Jofaep+w3fnlo+hS2BbGtY
ds9YzKHzERl+Wi9icR1BCJnT7APNj8dIxh8qye6V2CzcBlYiIqk=
-----END RSA PRIVATE KEY-----'''

bytes_encrypted_256 = b'tiB]"\xc5\xf9Q\xe6\xc1\xc1V\x99\x16\xbb\x7f\xe6\x8a\xe0\xc4-\xcc\x8c\xa1\x8e\xce\x82L\xd8\x9f\xa7\x1d)\x11+,\xfc\x91l\xceo\xf8\[email protected]\x04\x81\x98\xfd\xf6\x1e\xc5\xbeg\x82\xac,\xac\xf1-\x9aXlf:\xb6\xb1e(\xd0[[&\x04\x81`*YiI\xa1\x90\xad*\x94)\x81b.\x8f\\\x8e#mz\xab\x01=Cv3\xf7\x05.w;\x92\xd3\xc0\x8c)\xc0l\xde*(\x19\xd9\xb3k\x82\xc4\x9c\xa81W\x95\xc0%\x8cj\x07\xa51\x7f\xbf\n\xdc\x8cGH\x10G=\x85\x8c\x84,\xf1\xbc\x9dO\xac\xd3\x9a\x85OF\xc1k\xcb}\x06<HW\xc5\xb1\x02\xea\xa9u\xe3\xce\xab\xf2\xfe\xbf\x8c\xfd;\xef\xb6\xa8j\xc2Q\xa6\xe4\xd2\x9b\xc8\xb3I\xd3\xfdm\xf5\xce|.T\xd4\x85c\x06D\t\xb8C\xbd\xa3\xa7%|\xa1\xcf\x1f\xa0\xb0C\xe7\xbeG\x91\xbe\x8c\x19\xe4,@\xb0\xe7t)\x83\x89Yk\x8fS4\x9e\x1e\x9e\x00\xa0\x8d\na\xb4d\x19\x9cb'

When running under the old pycrypto the following works, the output is correct:

pycrypto_cipher = RSA.importKey(private_key)
pycrypto_cipher.decrypt(bytes_encrypted_256)

Out[2]: b'1YUPcxwbkzSr-FDPwlUHfA=='

When run under the new pycryptodome pattern on the same data the following occurs:

pycryptodome_RSA_key = RSA.importKey(private_key)
pycryptodome_cipher = PKCS1_OAEP.new(pycryptodome_RSA_key)
pycryptodome_cipher.decrypt(bytes_encrypted_256)

<ipython-input-1-c34372672827> in <module>
     41 pycryptodome_RSA_key = RSA.importKey(private_key)
     42 pycryptodome_cipher = PKCS1_OAEP.new(pycryptodome_RSA_key)
---> 43 pycryptodome_cipher.decrypt(bytes_encrypted_256)

~/.pyenv/versions/3.6.10/envs/test2/lib/python3.6/site-packages/Crypto/Cipher/PKCS1_OAEP.py in decrypt(self, ciphertext)
    198             invalid |= bord(x)
    199         if invalid != 0:
--> 200             raise ValueError("Incorrect decryption.")
    201         # Step 4
    202         return db[hLen + one_pos + 1:]

ValueError: Incorrect decryption.

Running python 3.6.10 via pyenv, tested on Ubuntu 19.04 and 19.10.

On python 3.5, I replaced pycrypto with pycryptodome and got the error 'Only byte strings can be passed to C code' when running my program which previously worked with pycrypto.

Is there a solution?

Hi,

I'm trying a very simple encryption with this code

    bkey = '0123456789abcdef'.encode('utf-8')
    bclave = "A160".encode('utf-8')

    cipher = AES.new(bkey, AES.MODE_ECB)
    ciphertext = cipher.encrypt(bclave)

but I'm getting "ValueError: Error 3 while encrypting in ECB mode" I have no idea what "Error 3" means, could you help me please

Python version: 3.9.2 Pycryptodome version: 3.15.0 Arrived here migrating from pycrypto which has recently stopped working (syntax error in the code) unless I used to run python2 for my program, I'm not entirely sure. Issue: Crypto.Util.Counter.new(...) returns a dictionary when the documentation clearly says "Returns: An object that can be passed with the :data:counter parameter to a CTR mode cipher."

This is a problem starting from PyCrypto.

The implementation of ElGamal is not secure -- the problem is that DDH assumption does not hold for the group modulus $p$.

It is only believed to hold for a safe prime $p=2q+1$, where $q$ and $p$ are primes. And the generator $g$ is not the generator of order $p-1$. It should be the order $q$.

Only, in this case, the ElGamal is safe because the underlying DDH assumption holds.

You can check the page 3 of this scribe note for a small explanation. Note that in many IEEE standards for ElGamal, their generator is also not the one here.

https://people.eecs.berkeley.edu/~alexch/docs/CS276-F2015/lecture-14.pdf

My problem:

1. Disable ElGamal?

2. Let me submit a PR to correct this one? Note that the secure ElGamal takes a super long time to find a good prime.

And also, I notice that in the documentation, ElGamal is not preferred. However, actually, it is better than RSA, if we want to use the homomorphism.

1. If we want to use RSA with homomorphism, this can only be the textbook RSA, which is insecure. If we use the one with padding, we lose the homomorphism of RSA.

2. But ElGamal can remain secure if we want homomorphism.

Hi Team,

I am using pysnmp package which uses pycryptodome for encryption. I am observing "Segmentation fault" when AES encryption is attempted. Below is the call stack for it. Any suggestion on what could be going wrong? FYI, I am running this on "CentOS release 6.4 (R3.1.0)"

Program received signal SIGSEGV, Segmentation fault.  
0xf651dfb5 in AESNI_encrypt (bb=0x87f3ab8, in=0xf625f328 "", out=0x87af5e0 "", data_len=16) at src/AESNI.c:156
156     src/AESNI.c: No such file or directory.
        in src/AESNI.c
Missing separate debuginfos, use: debuginfo-install bzip2-libs-1.0.5-7.SCLC6_4.R3.0.2.i686 glibc-2.12-1.192.SCLC6_4.R3.0.1.i686 iveopenssl-1.0.2n-2.SCLC6_4.R3.0.2.i686 python36-libs-3.6
.2-2.SCLC6_4.R3.0.2.i686 xz-libs-4.999.9-0.3.beta.20091007git.SCLC6_4.R3.0.2.i686
(gdb) bt
#0  0xf651dfb5 in AESNI_encrypt (bb=0x87f3ab8, in=0xf625f328 "", out=0x87af5e0 "", data_len=16) at src/AESNI.c:156
#1  0xf69e4969 in CFB_start_operation (cipher=0x87f3ab8, iv=0xf625f328 "", iv_len=16, segment_len=16, pResult=0x879a4f4) at src/raw_cfb.c:97
#2  0xf690744f in ffi_call_SYSV () at src/x86/sysv.S:61
#3  0xf6907280 in ffi_call (cif=0xf6265188, fn=0xf69e4820 <CFB_start_operation>, rvalue=0xf62651e8, avalue=0xf62651d0) at src/x86/ffi.c:213
#4  0xf669adca in cdata_call (cd=0xf645f038, args=0xf644be3c, kwds=0x0) at c/_cffi_backend.c:3025
#5  0xf74d1a34 in _PyObject_FastCallDict () from /usr/lib/libpython3.6m.so.1.0
#6  0xf74d2467 in _PyObject_FastCallKeywords () from /usr/lib/libpython3.6m.so.1.0
#7  0xf75966e1 in ?? () from /usr/lib/libpython3.6m.so.1.0
#8  0xf759c060 in _PyEval_EvalFrameDefault () from /usr/lib/libpython3.6m.so.1.0
#9  0xf7594f9c in PyEval_EvalFrameEx () from /usr/lib/libpython3.6m.so.1.0
#10 0xf759508c in ?? () from /usr/lib/libpython3.6m.so.1.0
#11 0xf7596461 in _PyFunction_FastCallDict () from /usr/lib/libpython3.6m.so.1.0
#12 0xf74d1b50 in _PyObject_FastCallDict () from /usr/lib/libpython3.6m.so.1.0
#13 0xf74d260c in _PyObject_Call_Prepend () from /usr/lib/libpython3.6m.so.1.0
#14 0xf74e972a in ?? () from /usr/lib/libpython3.6m.so.1.0
#15 0xf74d26ba in PyObject_Call () from /usr/lib/libpython3.6m.so.1.0
#16 0xf75389ce in ?? () from /usr/lib/libpython3.6m.so.1.0
#17 0xf7535744 in ?? () from /usr/lib/libpython3.6m.so.1.0
#18 0xf74d1a34 in _PyObject_FastCallDict () from /usr/lib/libpython3.6m.so.1.0
#19 0xf74d2467 in _PyObject_FastCallKeywords () from /usr/lib/libpython3.6m.so.1.0
#20 0xf75966e1 in ?? () from /usr/lib/libpython3.6m.so.1.0
#21 0xf759c060 in _PyEval_EvalFrameDefault () from /usr/lib/libpython3.6m.so.1.0
#22 0xf7594f9c in PyEval_EvalFrameEx () from /usr/lib/libpython3.6m.so.1.0
#23 0xf75960bc in ?? () from /usr/lib/libpython3.6m.so.1.0
#24 0xf759699f in PyEval_EvalCodeEx () from /usr/lib/libpython3.6m.so.1.0
#25 0xf750142c in ?? () from /usr/lib/libpython3.6m.so.1.0
#26 0xf74d26ba in PyObject_Call () from /usr/lib/libpython3.6m.so.1.0
#27 0xf759bc84 in _PyEval_EvalFrameDefault () from /usr/lib/libpython3.6m.so.1.0
#28 0xf7594f9c in PyEval_EvalFrameEx () from /usr/lib/libpython3.6m.so.1.0
#29 0xf75960bc in ?? () from /usr/lib/libpython3.6m.so.1.0
#30 0xf759699f in PyEval_EvalCodeEx () from /usr/lib/libpython3.6m.so.1.0
#31 0xf750142c in ?? () from /usr/lib/libpython3.6m.so.1.0
#32 0xf74d26ba in PyObject_Call () from /usr/lib/libpython3.6m.so.1.0
#33 0xf759bc84 in _PyEval_EvalFrameDefault () from /usr/lib/libpython3.6m.so.1.0
#34 0xf7594f9c in PyEval_EvalFrameEx () from /usr/lib/libpython3.6m.so.1.0
#35 0xf75960bc in ?? () from /usr/lib/libpython3.6m.so.1.0
#36 0xf7596542 in ?? () from /usr/lib/libpython3.6m.so.1.0
#37 0xf7596752 in ?? () from /usr/lib/libpython3.6m.so.1.0

Thanks in advance...

Hi,

And thank you for PyCryptodome! I am looking into using it to replace PyCrypto in this open-source project: https://github.com/chevah/python-package.

Unfortunately, building Crypto.Math._montgomery extension fails on Solaris with:

building 'Crypto.Math._montgomery' extension
cc -DNDEBUG -O -m64 -Kpic -DPYCRYPTO_LITTLE_ENDIAN -DLTC_NO_ASM -Isrc/ -I/srv/buildslave/runtime/build-solaris11-x64/slave/python-package-solaris-11/build/build/python2.7-solaris11-x64/include/python2.7 -c src/montgomery.c -o build/temp.solaris-2.11-i86pc.64bit-2.7/src/montgomery.o
"src/multiply.h", line 54: syntax error before or at: t
"src/multiply.h", line 54: warning: undefined or missing type for: t
"src/multiply.h", line 54: warning: undefined or missing type for: const
"src/multiply.h", line 54: warning: undefined or missing type for: uint64_t
"src/multiply.h", line 54: warning: undefined or missing type for: uint64_t
"src/multiply.h", line 54: warning: undefined or missing type for: size_t
cc: acomp failed for src/montgomery.c
error: command 'cc' failed with exit status 2

The above was from the 5.12 Sun C compiler bundled with Solaris Studio 12.3 on Solaris 11.2 X86 while building 64bit binaries, but the build fails similarly for Solaris 11.2 SPARC (while building 32bit binaries) and latest Solaris 10 (when building 64bit X86 binaries and 32bit SPARC binaries).

On a related note, some more warnings common to all these variations:

Testing support for 128-bit integer
Target does not support 128-bit integer
Testing support for intrin.h header
Target does not support intrin.h header
Testing support for cpuid.h header
Target does not support cpuid.h header
Warning: compiler does not support AESNI instructions
Warning: compiler does not support CLMUL instructions

"src/raw_cbc.c", line 44: warning: zero or negative subscript

"src/raw_ofb.c", line 50: warning: zero or negative subscript

"src/scrypt.c", line 83: warning: operands have incompatible pointer types: op "!="

And a warning specific to Solaris 10 builds:

"src/common.h", line 121: warning: implicit function declaration: posix_memalign