2

I'm trying to encrypt files like PDFs or executables, but I can't pad it.

I try to read the file in this method:

with('file', 'rb') as file_read:
    line = file_read.read(n) --> n multple of 16
    encrypt(line, key)

Then I pass the line to my encrypt function, but when I reach a line that isn't a multiple of 16, my program crashes.

How can I correctly pad a sequence of bytes?

Improve this question
1
  • 2
    What are you using for the encrypt function? Commented Aug 17, 2016 at 18:34

2 Answers 2

Reset to default
4

This is a simplified (edited) version of a previous answer.

Assuming a file is read in a loop using line = f.read(N) (where N is the block size) until EOF.

1) Trivial zero padding; just add this after the read:

elen = len(line) % N
if elen:
    line += bytes(N - elen)

Zero padding is the simplest, but has drawbacks.

2) PKCS#7 padding, N < 256; add this after the read and make sure the loop will be exited afterward:

if len(line) < N:
    elen = 1 + (len(line) - 1) % N
    line += bytes(elen for _ in range(elen))

Please note that reading from files differs from reading from network sockets. A buffer is needed to read blocks of fixed length from network.

Improve this answer
Sign up to request clarification or add additional context in comments.

16 Comments

How will you remove the bytes after decryption if the data might end on a null byte? That is why PKCS#7 padding is generally used and not particularly more difficult, it just pads with the number of padding bytes.
@zaph I saw your earlier answer, but the original question lacks details. That's why I started the answer with a disclaimer and posted the most trivial case to have some code to begin with.
@VPfB i'm trying to encrypt only files.
This is the great thing about software development, it is very egalitarian in that everybody's methods are equal. It is not like engineering where methods have to be proved and the better methods must be used. We are free to ignore substantial research and do out own thing. I saw today a developer creating his own encryption, ignoring the tremendous work in creating, researching and vetting the standard methods just because he would rather not use some else's code. We are not locked into being professional, we are more like free-range coding monkeys. ;-)
@apollo9 Now we know that we can ignore partial network read()s. Let's concentrate on the main question. Please be more specific regarding the padding - could you answer zaph's question what encrypt function are you using?
|
2

Most encryption implementations support a padding option, usually PKCS#7 (née PKCS#5) that adds the padding on encryption and removed it on decryption.

Note: mcrypt does not support PKCS#7 padding, stay away from it.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.