Update DefaultEncryptor, DefaultEncryptorWithMAC and friends
32 views
Skip to first unread message
Jeffrey Walton
Dec 11, 2016, 5:14:25 AM12/11/16
to Crypto++ Users
Hi Everyone,
DefaultEncryptor, DefaultEncryptorWithMAC and friends were updated tonight. The new defaults us AES and SHA256. You can still access the previous classes through LegacyEncryptor, LegacyEncryptorWithMAC and friends.
Also see http://github.com/weidai11/cryptopp/issues/345 and http://github.com/weidai11/cryptopp/commit/bfbcfeec7ca7a0487978391803496a1d4aada37c.
Jeff
DefaultEncryptor, DefaultEncryptorWithMAC and friends were updated tonight. The new defaults us AES and SHA256. You can still access the previous classes through LegacyEncryptor, LegacyEncryptorWithMAC and friends.
Also see http://github.com/weidai11/cryptopp/issues/345 and http://github.com/weidai11/cryptopp/commit/bfbcfeec7ca7a0487978391803496a1d4aada37c.
Jeff
mark Gu
Sep 10, 2018, 1:57:18 AM9/10/18
to Crypto++ Users
Hi, I update from 5.6.2。
I encrypted sometext ,using DefaultEncryptorWithMAC(5.6.2). When I decrypt using LegacyDecryptorWithMAC(6.1), a expection throwed: DataDecryptorWithMAC: MAC check failed
It seems DefaultDecryptorWithMAC(5.6.2) is not compatible with LegacyDecryptorWithMAC(6.1)。
I notice that in "default.h" 255~256 line
typedef DataEncryptorWithMAC<LegacyBlockCipher,LegacyHashModule,DefaultMAC,LegacyParametersInfo> LegacyEncryptorWithMAC;
typedef DataDecryptorWithMAC<LegacyBlockCipher,LegacyHashModule,DefaultMAC,LegacyParametersInfo> LegacyDecryptorWithMAC;
They use DefaultMAC, rather than LegacyMAC, it seems like a bug.
在 2016年12月11日星期日 UTC+8下午6:14:25,Jeffrey Walton写道:
Jeffrey Walton
Sep 10, 2018, 8:33:20 PM9/10/18
to Crypto++ Users
On Monday, September 10, 2018 at 1:57:18 AM UTC-4, mark Gu wrote:
Hi, I update from 5.6.2。I encrypted sometext ,using DefaultEncryptorWithMAC(5.6.2). When I decrypt using LegacyDecryptorWithMAC(6.1), a expection throwed: DataDecryptorWithMAC: MAC check failedIt seems DefaultDecryptorWithMAC(5.6.2) is not compatible with LegacyDecryptorWithMAC(6.1)。I notice that in "default.h" 255~256 linetypedef DataEncryptorWithMAC<LegacyBlockCipher,LegacyHashModule,DefaultMAC,LegacyParametersInfo> LegacyEncryptorWithMAC;typedef DataDecryptorWithMAC<LegacyBlockCipher,LegacyHashModule,DefaultMAC,LegacyParametersInfo> LegacyDecryptorWithMAC;They use DefaultMAC, rather than LegacyMAC, it seems like a bug.
Thanks Mark.
Yeah, that may be a problem. Looking at 5.6.2 the old encryptors used SHA1 (5.6.2 release: https://github.com/weidai11/cryptopp/blob/789f81f048c9).
Let me get some tests together to confirm it. Once we confirm I'll open an issue for you.
Thanks again.
Jeff
Jeffrey Walton
Sep 10, 2018, 9:52:46 PM9/10/18
to Crypto++ Users
On Monday, September 10, 2018 at 8:33:20 PM UTC-4, Jeffrey Walton wrote:
On Monday, September 10, 2018 at 1:57:18 AM UTC-4, mark Gu wrote:Hi, I update from 5.6.2。I encrypted sometext ,using DefaultEncryptorWithMAC(5.6.2). When I decrypt using LegacyDecryptorWithMAC(6.1), a expection throwed: DataDecryptorWithMAC: MAC check failedIt seems DefaultDecryptorWithMAC(5.6.2) is not compatible with LegacyDecryptorWithMAC(6.1)。I notice that in "default.h" 255~256 linetypedef DataEncryptorWithMAC<LegacyBlockCipher,LegacyHashModule,DefaultMAC,LegacyParametersInfo> LegacyEncryptorWithMAC;typedef DataDecryptorWithMAC<LegacyBlockCipher,LegacyHashModule,DefaultMAC,LegacyParametersInfo> LegacyDecryptorWithMAC;They use DefaultMAC, rather than LegacyMAC, it seems like a bug.Thanks Mark.Yeah, that may be a problem. Looking at 5.6.2 the old encryptors used SHA1 (5.6.2 release: https://github.com/weidai11/cryptopp/blob/789f81f048c9).
Thanks again Mark. Yeah, we (me) screwed that up. Sigh...
Now open "LegacyDecryptor and LegacyDecryptorWithMAC use wrong MAC", https://github.com/weidai11/cryptopp/issues/714 .
Jeff
Jeffrey Walton
Sep 10, 2018, 9:56:59 PM9/10/18
to Crypto++ Users
On Monday, September 10, 2018 at 9:52:46 PM UTC-4, Jeffrey Walton wrote:
On Monday, September 10, 2018 at 8:33:20 PM UTC-4, Jeffrey Walton wrote:
On Monday, September 10, 2018 at 1:57:18 AM UTC-4, mark Gu wrote:Hi, I update from 5.6.2。I encrypted sometext ,using DefaultEncryptorWithMAC(5.6.2). When I decrypt using LegacyDecryptorWithMAC(6.1), a expection throwed: DataDecryptorWithMAC: MAC check failedIt seems DefaultDecryptorWithMAC(5.6.2) is not compatible with LegacyDecryptorWithMAC(6.1)。I notice that in "default.h" 255~256 linetypedef DataEncryptorWithMAC<LegacyBlockCipher,LegacyHashModule,DefaultMAC,LegacyParametersInfo> LegacyEncryptorWithMAC;typedef DataDecryptorWithMAC<LegacyBlockCipher,LegacyHashModule,DefaultMAC,LegacyParametersInfo> LegacyDecryptorWithMAC;They use DefaultMAC, rather than LegacyMAC, it seems like a bug.
Reply all
Reply to author
Forward
0 new messages