[Botan-devel] cipher + hex_decoder/encoder

Jack Lloyd lloyd at randombit.net
Sat Jul 15 17:10:54 EDT 2006


While the input is a single block of 16 bytes, the PKCS7 padding mode
for CBC must be able to pad in an unambiguous way. So if the input is
exactly aligned with the block size, the padding mode will actually
add a full additional block of padding (the only alternative would be
to add no padding at all, but this would make unpadding unpredictable -
for example, the decryption side wouldn't be able to tell if a
decrypted text of 0x0107070707070707 was a full block of 8 plaintext
bytes, or a single byte (0x01) with seven bytes of padding at the
end). If you drop the size of the message down by one byte you'll find
that the ciphertext then only takes up one block (because the one free
byte at the end allows for an unambiguous padding without the need to
add an extra block).

Two ways around this that come to mind:

1) If your input is always a multiple of the block size, you can specify
   the mode as /CBC/NoPadding. However, this will fail (exception thrown) if
   the plaintext isn't actually a multiple of the block size.

2) Use a different mode, like counter, or CBC with ciphertext stealing.

-Jack

On Sat, Jul 15, 2006 at 10:57:23PM +0200, Larrson wrote:
> Hi all,
> 
> In the following program I can't understand why the encrypted message is
> twice as long as it should be. The first part is ok,
> E353779C1079AEB82708942DBE77181A, but where
> B97C825E1C785146542D396941BCE55D comes from I don't know.
> 
> 
> Output:
>       Key = 06A9214036B8A15B512E03D534120006
>        IV = 3DAFBA429D9EB430B422DA802C9FAC41
>     Input = Single block msg
> Encrypted = E353779C1079AEB82708942DBE77181AB97C825E1C785146542D396941BCE55D
> Decrypted = Single block msg
> 
> 
> Regards,
> Thomas
> 
> ********************************************************************
> 
> #include <botan/botan.h>
> #include <botan/base.h>
> #include <iostream>
> #include <string>
> #include <fstream>
> using namespace std;
> using namespace Botan;
> int main()
> {
> 	try
> 	{
> 	  Botan::LibraryInitializer init;
> 		
>  	  SymmetricKey key("06a9214036b8a15b512e03d534120006");
> 	  InitializationVector iv ("3dafba429d9eb430b422da802c9fac41");
> 		
> 		string msg = "Single block msg";
> 		
> 		cout << "      Key = "<< key.as_string() << endl;
> 		cout << "       IV = "<< iv.as_string() << endl;
> 		cout << "    Input = "<< msg << endl;
> 		
> 	  Pipe enc(get_cipher("AES/CBC/PKCS7", key,iv, ENCRYPTION), new
> Hex_Encoder);
> 	  Pipe dec(new Hex_Decoder, get_cipher("AES/CBC/PKCS7", key, iv,
> DECRYPTION));
> 		
> 		enc.process_msg(msg);
> 		string encrypted = enc.read_all_as_string();
> 		cout << "Encrypted = " << encrypted << endl;
> 		
> 		dec.process_msg(encrypted);
> 		string decrypted = dec.read_all_as_string();
> 		cout << "Decrypted = " << decrypted << endl;
> 		
> 	}
> 	catch (std::exception &e) {
> 		std::cerr << "exc caught: " << e.what() << std::endl;
> 	}
> 	return 0;
> }

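An added example, not part of the original thread and not Botan code: a standalone PKCS#7 pad/unpad in C++ showing why the 16-byte message grows to 32 bytes while a 15-byte one stays at 16, and how the 0x0107070707070707 ambiguity arises when aligned input is left unpadded. All function names, including the `pad_only_if_needed` variant, are assumptions made for illustration.

```cpp
#include <cstdint>
#include <cstdio>
#include <stdexcept>
#include <string>
#include <vector>

using Bytes = std::vector<uint8_t>;

// PKCS#7: always append n bytes of value n, where 1 <= n <= block.
// An input that is already aligned therefore gains one whole block.
Bytes pkcs7_pad(const Bytes& in, size_t block) {
    if (block == 0 || block > 255) throw std::invalid_argument("bad block size");
    size_t n = block - (in.size() % block);
    Bytes out(in);
    out.insert(out.end(), n, static_cast<uint8_t>(n));
    return out;
}

// Inverse: the last byte always states how many bytes to strip.
// Illustrates the encoding only; this check is not constant-time.
Bytes pkcs7_unpad(const Bytes& in, size_t block) {
    if (in.empty() || in.size() % block != 0) throw std::invalid_argument("bad length");
    size_t n = in.back();
    if (n == 0 || n > block) throw std::invalid_argument("bad padding");
    for (size_t i = in.size() - n; i < in.size(); ++i)
        if (in[i] != n) throw std::invalid_argument("bad padding");
    return Bytes(in.begin(), in.end() - n);
}

// Hypothetical broken variant: skip padding when the input is aligned.
Bytes pad_only_if_needed(const Bytes& in, size_t block) {
    return (in.size() % block == 0) ? in : pkcs7_pad(in, block);
}

Bytes from_str(const std::string& s) { return Bytes(s.begin(), s.end()); }

int main() {
    std::printf("16-byte msg -> %zu bytes\n",
                pkcs7_pad(from_str("Single block msg"), 16).size());
    std::printf("15-byte msg -> %zu bytes\n",
                pkcs7_pad(from_str("Single block ms"), 16).size());
    // Constructed inputs from the reply: 8-byte block, two distinct plaintexts.
    Bytes full = {0x01, 7, 7, 7, 7, 7, 7, 7};
    Bytes one = {0x01};
    bool clash = pad_only_if_needed(full, 8) == pad_only_if_needed(one, 8);
    std::printf("broken variant collides: %s\n", clash ? "yes" : "no");
    return 0;
}
```

With real PKCS#7 the two 8-byte-block inputs pad to different lengths (16 and 8 bytes), so the receiver can always recover the original.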

