[botan-devel] DataSink/Source issue

Jack Lloyd lloyd at randombit.net
Wed Feb 27 16:40:35 EST 2013


The ofstream destructor should flush the buffers, but if
encryptionPipe in your example continued to exist while decryptionPipe
was started, it's possible data still remained in the (unclosed)
ofstream, and thus unwritten, which would cause the authentication
errors. I expect/hope that if you enclosed your encryption Pipe in a
new scope, forcing destruction before beginning decrypt, things would
work as you expect.

This is hard to fix in the current pipe/filter design, though the
obvious thing would be at the conclusion of the message force a flush
on the buffers. There is currently no way for the Pipe to signal end
of message information to the DataSink_Stream, and flushing on every
write would be far too expensive.

-Jack

On Fri, Feb 15, 2013 at 06:16:23PM -0500, Nick Sorrell wrote:
> I'm not sure if this is an issue, a gotcha, or a feature request:
> 
> The problem was that I kept getting authentication errors (using AES/EAX)
> and incomplete decryption.  When I added code to flush the encryption pipe
> DataSink, the errors went away.  The code looks something like this (all in
> one function):
> 
> DataSource_Stream in("testfile.txt");
> Pipe encryptionPipe(get_cipher("AES-128/EAX", key, iv, Botan::ENCRYPTION),
> new DataSink_Stream("encFile.txt"));
> encryptionPipe.process_msg(in);
> //flush DataSink_Stream here for success
> 
> DataSource_Stream encInput("encFile.txt");
> Pipe decryptionPipe(get_cipher("AES-128/EAX", key, iv, Botan::DECRYPTION),
> new DataSink_Stream("decFile.txt"));
> decryptionPipe.process_msg(encInput);
> 
> This isn't a big issue, as it's not how I will ultimately be using it, but
> it was confusing for testing purposes, and I'm not sure if it points to a
> bigger problem.
> 
> Btw, I love this crypto library. Thanks!
> -Nick Sorrell

> _______________________________________________
> botan-devel mailing list
> botan-devel at randombit.net
> http://lists.randombit.net/mailman/listinfo/botan-devel




More information about the botan-devel mailing list