Geek Answers Handbook

InvalidCiphertext exception when decrypting ciphertext

I am working on a new protocol for secure communications, and I am having problems decrypting encrypted text.

The data packet is stored in the variable uint8_t * and encrypted. Until this part goes well. But when I try to decrypt, I had the following problems:

1) If I send a vector and size (it's really 20, but I just want to decrypt the last 16 bytes):

CBC_Mode< AES >::Decryption decryptor;
decryptor.SetKeyWithIV( key, CryptoPP::AES::DEFAULT_KEYLENGTH, iv );

CryptoPP::StringSource ss( vector+4, 16 , true,
        new CryptoPP::StreamTransformationFilter( decryptor,
             new CryptoPP::StringSink( decryptedtext ) ) );

I get this:

terminate called after throwing an instance of 'CryptoPP::InvalidCiphertext'
  what():  StreamTransformationFilter: invalid PKCS #7 block padding found

2) If I just send a vector without size:

CryptoPP::StringSource ss( vector+4, true,
       new CryptoPP::StreamTransformationFilter( decryptor,
              new CryptoPP::StringSink( decryptedtext ) ) );

Programs start, but I just get all 00:

Text Encrypted (20 bytes)
8c 97 b7 d8 74 80 3d 9f 9f 62 2e 93 38 c7 d1 b de a4 21 80 

Text Decrypted (16 bytes)
0 0 0 0 0 0 0 0 68 0 0 0 0 0 0 0 0 0 0 0

I read that it may be that the key is not generated correctly, but I work with size 16, and here's how I do it:

 byte key[ CryptoPP::AES::DEFAULT_KEYLENGTH ], iv[      CryptoPP::AES::BLOCKSIZE ];
 memset( key, 0x00, CryptoPP::AES::DEFAULT_KEYLENGTH );
 memset( iv, 0x00, CryptoPP::AES::BLOCKSIZE );

3) I also tried passing the vector to char and sending it as a string:

CryptoPP::StringSource ss( reinterpret_cast<const unsigned char*>( (vector + 4) ), 16, true,
        new CryptoPP::StreamTransformationFilter( decryptor,
            new CryptoPP::StringSink( decryptedtext ) ) );

But again, I get the same thing:

terminate called after throwing an instance of 'CryptoPP::InvalidCiphertext'
  what():  StreamTransformationFilter: invalid PKCS #7 block padding found

, , , , . , .

- , ?

, , - .

Edit:

4) , , - decrypter:

CryptoPP::AES::Decryption aesDecryption(key, CryptoPP::AES::DEFAULT_KEYLENGTH);
CryptoPP::CBC_Mode_ExternalCipher::Decryption cbcDecryption( aesDecryption, iv );


CryptoPP::StreamTransformationFilter stfDecryptor(cbcDecryption, new CryptoPP::StringSink( decryptedtext ) );
stfDecryptor.Put( reinterpret_cast<const unsigned char*>( (vector + 4) ), 16 );
stfDecryptor.MessageEnd();

:

terminate called after throwing an instance of 'CryptoPP::InvalidCiphertext'
  what():  StreamTransformationFilter: invalid PKCS #7 block padding found

Edit2:

(, , , ):

uint8_t* vector;

Edit3:

.

CryptoPP::AES::Encryption aesEncryption(key, CryptoPP::AES::DEFAULT_KEYLENGTH);
        CryptoPP::CBC_Mode_ExternalCipher::Encryption cbcEncryption( aesEncryption, iv );

        CryptoPP::StreamTransformationFilter stfEncryptor(cbcEncryption, new CryptoPP::StringSink( ciphertext ) );
        stfEncryptor.Put( reinterpret_cast<const unsigned char*>( (vector + 4) ), 16 );
        stfEncryptor.MessageEnd();

:

std::cout << std::endl << std::endl;
for(int i=0;i < 16; i++){
    *(vector+ i + 4) = (ciphertext[i]) ; 
}
+2
2

, . , , .

IV:

CBC_Mode< AES >::Encryption encryptor;
encryptor.SetKeyWithIV( key, CryptoPP::AES::DEFAULT_KEYLENGTH, iv );

:

CryptoPP::StringSource ss( vector + 4 , 16, true, 
     new CryptoPP::StreamTransformationFilter( encryptor,
          new CryptoPP::StringSink( ciphertext ),
              CryptoPP::StreamTransformationFilter::NO_PADDING
     ) // StreamTransformationFilter      
); // StringSource

:

CBC_Mode< AES >::Decryption decryptor;
    decryptor.SetKeyWithIV( key, CryptoPP::AES::DEFAULT_KEYLENGTH, iv );

        CryptoPP::StringSource ss( reinterpret_cast<const unsigned char*>( (vector + 4) ), 16, true,
                new CryptoPP::StreamTransformationFilter( decryptor,
                    new CryptoPP::StringSink( decryptedtext ), CryptoPP::StreamTransformationFilter::NO_PADDING) );

, .

0
terminate called after throwing an instance of CryptoPP::InvalidCiphertext'
    what():  StreamTransformationFilter: invalid PKCS #7 block padding found

. Crypto ++ InvalidCiphertext. . InvalidCiphertext.

-----

If I just send the vector without size:

CryptoPP::StringSource ss( vector+4, true, ...

, StringSource, , true, 1. , StreamTransformationFilter bool pumpAll:

StringSource (const byte *string, size_t length, bool pumpAll, BufferedTransformation *attachment=NULL)

, , . -Wall -Wextra - . ( , bool. . , "bool" C/++ GCC).

-----

If I send the vector and the size (it really 20 but I
just want to decrypt the last 16 bytes):

...
CryptoPP::StringSource ss( vector+4, 16 , true, ...

, , . CBC ( ):

CBC_Mode< AES >::Encryption enc;
cout << "Random access: " << enc.IsRandomAccess() << endl;

:

Random access: 0

, . , , , , , , .

-----

, - . , string vector, , , , .

encrypted.CopyTo(f2) - , . encrypted.CopyTo(f2).

// Creates the memory block and zero it.
SecByteBlock key(AES::DEFAULT_KEYLENGTH), iv(AES::BLOCKSIZE);

/////////////////////////////////////////////////////////////

string m1;
vector<char> v1;

m1 = "Now is the time for all good men to come to the aide of their country";
copy(m1.begin(), m1.end(), back_inserter(v1));

CBC_Mode< AES >::Encryption enc;
enc.SetKeyWithIV(key, key.size(), iv, iv.size());

ByteQueue encrypted;
StreamTransformationFilter f1(enc, new Redirector(encrypted));

f1.PutWord32((uint32_t)v1.size(), BIG_ENDIAN_ORDER);
f1.Put((const unsigned char *) &v1[0], v1.size());
f1.MessageEnd();

/////////////////////////////////////////////////////////////

string m2;
vector<char> v2;

CBC_Mode< AES >::Decryption dec;
dec.SetKeyWithIV(key, key.size(), iv, iv.size());

ByteQueue decrypted;
StreamTransformationFilter f2(dec, new Redirector(decrypted));

encrypted.CopyTo(f2);
f2.MessageEnd();

uint32_t len;
decrypted.GetWord32(len, BIG_ENDIAN_ORDER);

v2.resize(len);
decrypted.Get((unsigned char *) &v2[0], v2.size());

copy(v2.begin(), v2.end(), back_inserter(m2));

/////////////////////////////////////////////////////////////

cout << "Message: " << m1 << endl;
cout << "Decrypted: " << m2 << endl;

:

$ ./cryptopp-test.exe
Message: Now is the time for all good men to come to the aide of their country
Decrypted: Now is the time for all good men to come to the aide of their country

-----

vector + 4: , , . :

// Ciphertext is already decrypted
uint32_t len;
decrypted.GetWord32(len, BIG_ENDIAN_ORDER);

, :

decrypted.Skip(4);

, vector.

-----

, . , , CBC .

, , IPSec () TLS ( ). , . - - IPSec TLS.

- , Authenticated Encryption, . EAX, GCM CCM.

, :

    EAX< AES >::Encryption enc;
    enc.SetKeyWithIV(key, key.size(), iv, iv.size());

    ByteQueue encrypted;
    AuthenticatedEncryptionFilter f1(enc, new Redirector(encrypted));


    EAX< AES >::Decryption dec;
    dec.SetKeyWithIV(key, key.size(), iv, iv.size());

    ByteQueue decrypted;
    AuthenticatedDecryptionFilter f2(dec, new Redirector(decrypted));

-----

, . ( TransferTo):

string encoded;
HexEncoder encoder(new StringSink(encoded));
encrypted.CopyTo(encoder);
encoder.MessageEnd();

Fox CBC ( ):

Encrypted: 7F9FFCAB00704EC79BB5F19C48FE7C668033B16F52E7E00671A38A06F4A7426E7FE31
95CA6A83C7414A76C250B42E63143C93E7A6B97B6304C5782DE3E62BD545706A9F62CD7AD57BC374
19B7510EBED

EAX ( ):

Encrypted: B75347EB75DF8E1F0424979E91CEECD455F5727B506A8AA932AF07E1DF6A7B037A245
FEC7A2270BFAB8110226769E1C0A12E95C455E9C714AF28DA330A2B01B3F2D541D4E68276193C018
7BA0246166AD26624E848EC8330D3

EAX - . .

+3

More articles:


All Articles