Messages

1

Encryption / Re: AES CBC/PKCS7 encryption of empty msg fails

« on: February 08, 2018, 09:58:24 AM »

Thanks a lot for your offer! I replaced the encryption routines with cryptopp temporarily - which works fine.
I retest this issue with your next release and switch back, when working fine.

Sorry for the confusion with the test vector, of course it's AES128, made a copy/paste error. But the given vector is valid, anyway.

When taking PKCS7 padding, an empty msg is invalid - as far as I interpret the padding spec.

Good to hear that it's working fine now.

2

Encryption / Re: AES CBC/PKCS7 encryption of empty msg fails

« on: January 25, 2018, 06:17:46 AM »

Is this fixed already?

A possible (valid) AES256-CBC-PKCS7 testvector is:
key: "06a9214036b8a15b512e03d534120006",
iv:  "3dafba429d9eb430b422da802c9fac41",
pt:  "",
ct:  "79bbff7c3e845f5abf59a1f30129d9d4"

3

Encryption / AES CBC/PKCS7 encryption of empty msg fails

« on: December 19, 2017, 05:51:49 AM »

Following C code:

CkCrypt2 c;
c.UnlockComponent(CHILKAT_CRYPT_UNLOCK);
c.put_CryptAlgorithm("aes");
c.put_CipherMode("cbc");
c.put_KeyLength(256);   // key length in bits
c.put_PaddingScheme(0);   // PKCS7 padding

// set key
CkByteData _key;
_key.append2(&key[0], key.size());
c.put_SecretKey(_key);

// set IV
CkByteData _iv;
std::vector<std::uint8_t> rnd_iv(16);
crypt::random::rand(rnd_iv, 16);
_iv.append2(&rnd_iv[0], 16);
c.put_IV(_iv);

// encrypt data
CkByteData _cipher, _plain;
if (plain.size()) {
  _plain.append2(&plain[0], plain.size());
}
if (!c.EncryptBytes(_plain, _cipher)) {
  return false;
}

Problem is, when plain (and _plain) has size zero, returned _cipher has size zero, too.
So it's not possible to encrypt empty messages.
Expected: Padding must pad the first block with 16 x 0x10, XOR it with the IV and return an encrypted 16 byte block.

Is something wrong here?