[Botan-devel] Re: Stream cipher operations

Jack Lloyd lloyd at randombit.net
Thu Oct 13 17:17:41 EDT 2005

On Thu, Oct 13, 2005 at 05:11:01PM -0400, Carlton Davis wrote:

>   SecureVector<byte> bits = skey.bits_of();
>   PK_Encryptor* enc = get_pk_encryptor(*pubkey, "Raw");
>   SecureVector<byte> ciphertext = enc->encrypt(bits,sizeof(bits));
>   PK_Decryptor* dec = get_pk_decryptor(*privkey, "Raw");
>   SecureVector<byte> plaintext = dec->decrypt(ciphertext, sizeof(ciphertext));

This should be ciphertext.size(), not sizeof(ciphertext). In the call, the
ciphertext is truncated so you get a basically random number as the
output. Since you're using Raw encoding here, this wasn't detected as an
encoding error as it would if you were using OAEP or PKCS #1 v1.5. So the value
of plaintext ends up being a random integer less than n, which will usually
end up being around the modulus size (in this case, 1024 bits, or 128 bytes),
and WiderWAKE only supports 128-bit keys so it blows up when you try to pass
this to set_key.
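
The failure described in this reply, reproduced as an added example (not code from the post or from Botan): toy raw RSA over `std::vector`, where a too-short length argument truncates the ciphertext and decryption still "succeeds" with an unrelated value. The parameters (n = 3233), all function names, and the 1-byte key length are constructed assumptions; the length `1` stands in for the wrong `sizeof`-derived length.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

using Bytes = std::vector<std::uint8_t>;

// Constructed textbook RSA parameters (p=61, q=53); far too small for real use.
const std::uint64_t N = 3233, E = 17, D = 2753;

std::uint64_t modpow(std::uint64_t b, std::uint64_t e, std::uint64_t m) {
    std::uint64_t r = 1;
    for (b %= m; e; e >>= 1, b = b * b % m)
        if (e & 1) r = r * b % m;
    return r;
}

// Read the first len bytes as a big-endian integer; a short len silently
// drops the trailing bytes, which is the truncation the reply describes.
std::uint64_t to_int(const Bytes& in, std::size_t len) {
    std::uint64_t v = 0;
    for (std::size_t i = 0; i < len && i < in.size(); ++i) v = (v << 8) | in[i];
    return v;
}

// Minimal big-endian encoding with no leading zero bytes.
Bytes to_bytes(std::uint64_t v) {
    Bytes out;
    do { out.insert(out.begin(), static_cast<std::uint8_t>(v & 0xFF)); v >>= 8; } while (v);
    return out;
}

// "Raw" encoding: no padding, so the output carries nothing that could be checked.
Bytes raw_encrypt(const Bytes& in, std::size_t len) { return to_bytes(modpow(to_int(in, len), E, N)); }
Bytes raw_decrypt(const Bytes& in, std::size_t len) { return to_bytes(modpow(to_int(in, len), D, N)); }

// Hypothetical cipher that accepts exactly one key length (1 byte in this toy),
// standing in for a cipher that only supports 128-bit keys.
bool key_length_ok(const Bytes& key) { return key.size() == 1; }

// sizeof measures the container object, not the number of bytes it holds.
bool sizeof_ignores_length() {
    Bytes small(2), large(128);
    return sizeof(small) == sizeof(large) && small.size() != large.size();
}
```

With key byte 65 the ciphertext is `0A E6`; decrypting only its first byte yields `03 C9`, a value below n that is the wrong length for the cipher, so the first visible error is at key setup rather than at decryption.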

