RE: AES encryption/decryption
ia...@ihug.co.nz
thanks for the code, unfortunately that doesnt help either.
What exactly is the following code supposed to be checking?
Im guessing it is supposed to check the first padding byte
to ensure it is valid, however it is actually checking the
last character of the input string, which is 'F' in this
case. It then throws an exception because the integer value
of F is 70, and this is greater than the block size of 16.
Anyone able to help me understand WHY it would be doing this
check?
The ASCII value of space is
"0123456789ABCDEF{0x253}{0x253}...."
Even if pad should be equal to the first non-message byte, I
fail to understand the benefit of ensuring the decimal value
of this is a positive integer less than the block size.
Any help much appreciated
Iain
if (m_padding == PKCS_PADDING)
{
byte pad = space[s-1];
if (pad < 1 || pad > s || std::find_if(space+s-pad,
space+s, std::bind2nd(std::not_equal_to<byte>(), pad)) !=
space+s)
throw InvalidCiphertext("StreamTransformationFilter:
invalid PKCS #7 block padding found");
length = s-pad;
}
ia...@ihug.co.nz
No problems with the validation suite, it passes everything
fine.
Iain
>
>
> Hi Iain,
>
> The code ran OK for me. I've seen others run the same code
> and have errors thrown and core dump. Has Crypto++ passed
> the validation suite?
>
> Jeff
> [Attachment: smime.p7s]
ia...@ihug.co.nz
After scrapping the lot and starting from scratch, it now
works fine.
Thanks for your help Jeff.
Iain
>
>
> Hi Iain,
>
> From what I understand about the padding:
> The method only works when block size is less than 256 (8
> bit octet). A ASCII value is used in the range of 1 to
> block_size (i.e., 1 - 16 in the case of 128 bit AES).
> The length of the message is taken modulo block_size ( m %
> 16 ) to determine the pad value. This value is then
> subtracted from block_size.
>
> So, the actual value that is used to pad the message is
> block_size - m % block_size.
>
> A message that is 28 characters long would be padded to 32
> characters using the value 0x04 ( 16 - 28 % 16 ).
>
> I'm not an expert on the subject. RSA has some good
> documentation that is not too tough to read. See
> http://www.rsasecurity.com/rsalabs/pkcs/index.html
ia...@ihug.co.nz
encryption and decryption using Crypto++ 5.1.
The encryption works fine, however, the decryption throws
the "PKCS #7 block padding found" error from
StreamTransformationFilter::LastPut
case PKCS_PADDING:
The decryption function is
byte *AESDecryptByteArray(byte *bKey, byte *bIV, byte
*bCiphertext, int iLength)
{
byte *bPlaintext;
bPlaintext = (byte *)malloc(iLength);
ZeroMemory((void *)bPlaintext, iLength);
CBC_Mode<AES >::Decryption aes(bKey,
AES::DEFAULT_KEYLENGTH, bIV);
StreamTransformationFilter aes_dec(aes, new
ArraySink(bPlaintext, iLength));
aes_dec.Put((const unsigned char *)bCiphertext,
iLength);
aes_dec.MessageEnd();
return bPlaintext;
}
The calling code is
int main(void)
{
AutoSeededRandomPool rng;
byte *bKey;
byte *bIV;
byte bPlaintext[16];
byte *bCiphertext;
int iLength;
byte *bFinaltext;
bKey = (byte *)malloc(AES::DEFAULT_KEYLENGTH);
bIV = (byte *)malloc(AES::BLOCKSIZE);
bCiphertext = (byte *)malloc(16);
bFinaltext = (byte *)malloc(16);
iLength = 16;
for (int i = 0; i < 32; i++)
bKey[i] = rng.GenerateByte();
for (i = 0; i < AES::BLOCKSIZE; i++)
bIV[i] = rng.GenerateByte();
strcpy((char*)bPlaintext,"0123456789ABCDEF");
bCiphertext = AESEncryptByteArray(bKey,bIV, bPlaintext,
iLength);
bFinaltext = AESDecryptByteArray(bKey, bIV, bCiphertext,
iLength);
cout << bPlaintext << endl;
cout << bCiphertext << endl;
cout << bFinaltext << endl;
return 0;
}
Any ideas as to why this error is occuring would be much
appreciated
Iain