Encrypt & Decrypt using PyCrypto AES 256

Here is my implementation and works for me with some fixes and enhances the alignment of the key and secret phrase with 32 bytes and iv to 16 bytes:

import base64import hashlibfrom Crypto import Randomfrom Crypto.Cipher import AESclass AESCipher(object):    def __init__(self, key):         self.bs = AES.block_size        self.key = hashlib.sha256(key.encode()).digest()    def encrypt(self, raw):        raw = self._pad(raw)        iv = Random.new().read(AES.block_size)        cipher = AES.new(self.key, AES.MODE_CBC, iv)        return base64.b64encode(iv + cipher.encrypt(raw.encode()))    def decrypt(self, enc):        enc = base64.b64decode(enc)        iv = enc[:AES.block_size]        cipher = AES.new(self.key, AES.MODE_CBC, iv)        return self._unpad(cipher.decrypt(enc[AES.block_size:])).decode('utf-8')    def _pad(self, s):        return s + (self.bs - len(s) % self.bs) * chr(self.bs - len(s) % self.bs)    @staticmethod    def _unpad(s):        return s[:-ord(s[len(s)-1:])]

You may need the following two functions: pad- to pad(when doing encryption) and unpad- to unpad (when doing decryption) when the length of input is not a multiple of BLOCK_SIZE.

BS = 16pad = lambda s: s + (BS - len(s) % BS) * chr(BS - len(s) % BS) unpad = lambda s : s[:-ord(s[len(s)-1:])]

So you're asking the length of key? You can use the md5sum of the key rather than use it directly.

More, according to my little experience of using PyCrypto, the IV is used to mix up the output of a encryption when input is same, so the IV is chosen as a random string, and use it as part of the encryption output, and then use it to decrypt the message.

And here's my implementation, hope it will be useful for you:

import base64from Crypto.Cipher import AESfrom Crypto import Randomclass AESCipher:    def __init__( self, key ):        self.key = key    def encrypt( self, raw ):        raw = pad(raw)        iv = Random.new().read( AES.block_size )        cipher = AES.new( self.key, AES.MODE_CBC, iv )        return base64.b64encode( iv + cipher.encrypt( raw ) )     def decrypt( self, enc ):        enc = base64.b64decode(enc)        iv = enc[:16]        cipher = AES.new(self.key, AES.MODE_CBC, iv )        return unpad(cipher.decrypt( enc[16:] ))

Let me address your question about "modes." AES256 is a kind of block cipher. It takes as input a 32-byte key and a 16-byte string, called the block and outputs a block. We use AES in a mode of operation in order to encrypt. The solutions above suggest using CBC, which is one example. Another is called CTR, and it's somewhat easier to use:

from Crypto.Cipher import AESfrom Crypto.Util import Counterfrom Crypto import Random# AES supports multiple key sizes: 16 (AES128), 24 (AES192), or 32 (AES256).key_bytes = 32# Takes as input a 32-byte key and an arbitrary-length plaintext and returns a# pair (iv, ciphtertext). "iv" stands for initialization vector.def encrypt(key, plaintext):    assert len(key) == key_bytes    # Choose a random, 16-byte IV.    iv = Random.new().read(AES.block_size)    # Convert the IV to a Python integer.    iv_int = int(binascii.hexlify(iv), 16)     # Create a new Counter object with IV = iv_int.    ctr = Counter.new(AES.block_size * 8, initial_value=iv_int)    # Create AES-CTR cipher.    aes = AES.new(key, AES.MODE_CTR, counter=ctr)    # Encrypt and return IV and ciphertext.    ciphertext = aes.encrypt(plaintext)    return (iv, ciphertext)# Takes as input a 32-byte key, a 16-byte IV, and a ciphertext, and outputs the# corresponding plaintext.def decrypt(key, iv, ciphertext):    assert len(key) == key_bytes    # Initialize counter for decryption. iv should be the same as the output of    # encrypt().    iv_int = int(iv.encode('hex'), 16)     ctr = Counter.new(AES.block_size * 8, initial_value=iv_int)    # Create AES-CTR cipher.    aes = AES.new(key, AES.MODE_CTR, counter=ctr)    # Decrypt and return the plaintext.    plaintext = aes.decrypt(ciphertext)    return plaintext(iv, ciphertext) = encrypt(key, 'hella')print decrypt(key, iv, ciphertext)

This is often referred to as AES-CTR. I would advise caution in using AES-CBC with PyCrypto. The reason is that it requires you to specify the padding scheme, as exemplified by the other solutions given. In general, if you're not very careful about the padding, there are attacks that completely break encryption!

Now, it's important to note that the key must be a random, 32-byte string; a password does not suffice. Normally, the key is generated like so:

# Nominal way to generate a fresh key. This calls the system's random number# generator (RNG).key1 = Random.new().read(key_bytes)

A key may be derived from a password, too:

# It's also possible to derive a key from a password, but it's important that# the password have high entropy, meaning difficult to predict.password = "This is a rather weak password."# For added # security, we add a "salt", which increases the entropy.## In this example, we use the same RNG to produce the salt that we used to# produce key1.salt_bytes = 8 salt = Random.new().read(salt_bytes)# Stands for "Password-based key derivation function 2"key2 = PBKDF2(password, salt, key_bytes)

Some solutions above suggest using SHA256 for deriving the key, but this is generally considered bad cryptographic practice.Check out wikipedia for more on modes of operation.