[Botan-devel] Botan C++ vs TPLockBox

Jack Lloyd lloyd at randombit.net
Mon Sep 17 15:45:31 EDT 2007

On Tue, Sep 18, 2007 at 12:04:02AM +0600, atlantida wrote:
> Thanks, You was right about GenerateKey :) but it don't solved a
> problem... My test program (that uses Botan) print: 
> "terminate called after throwing an instance of 'Botan::Decoding_Error'
>   what():  Botan: Decoding error: PKCS7"
> How to interpretate this message? 

CBC mode requires its input to be an even multiple of the block
size. PKCS#7 specifies a way of performing this data which is commonly
implemented. This error indicates that the padding PKCS #7 expected
some padding information but saw something that was not consistent.

I think this is some different code from what you sent previously,
though, since that did not use CBC mode at all.

> I saw sources of TPLockBox, and it seems that in CBC-mode this library
> uses not standart form of storing encrypted message...
> Is there a standart of storing encrypted message in CBC-mode?

Depends on what you mean by standard. There are things like CMS, but that
is pretty complicated. Effectively: no.

> Since first block it uses for storing InitializationVector encrypted
> before, also last block for storing last data, length of which less than
> size of block and in that block last byte for storing length of that
> data in last block: last_block(last_data, strlen(last_data));
> last_block[BLOCKSIZE-1] = strlen(last_data); encrypt(last_block);

This is very close to PKCS #7... what does it put into the bytes (if
any) between the last byte of actual data and the byte with the length
of the block? Does it just leave those as whatever they were in the
last ciphertext block, or ?

You can disable padding and remove the trailing bytes yourself, or
write a new BlockCipherModePaddingMethod class (mode_pad.h) and
register it with the library.

More information about the botan-devel mailing list