what's wrong with this decrypt code?

hany bee Mon, 06 Dec 2004 20:05:14 -0800

I wrote the following test code to encrypt and decrypt using AES. But somehow, the EVP_DecryptUdpate() is behaving in a way I don't quite understand. The first time it is invoked, the return number of bytes decrypted (parameter "out1" in the API) is always 0. That means, I get one chunk less of data after decryption. I was expecting it to return 16 bytes (the default block size of aes-128-ecb), but it just returns 0. Subsequent call seems ok.

Here's the code:

#define MD5_DIGESTSIZE 16

static int RawToKey(const char *raw, int rawsize, char *key)
{
        MD5_CTX ctxt;

        MD5Init(&ctxt);
        MD5Update(&ctxt, raw, rawsize);
        MD5Final((unsigned char*)key, &ctxt);

        char buf[512];
        memset(buf, 0, sizeof(buf));
        printf("key = %s\n", BytesToB64(buf, key, MD5_DIGESTSIZE));

        return MD5_DIGESTSIZE * 8;
}

static void Encrypt(const char *rawkey, const int keysize,
                                        const char *in, const int insize,
                                        char *out, int* outsize)
{
        char key[MD5_DIGESTSIZE];
        EVP_CIPHER_CTX ctx;

        int bitlen = RawToKey(rawkey, keysize, key);

EVP_CIPHER_CTX_init(&ctx); int ret = EVP_EncryptInit(&ctx, EVP_aes_128_ecb(), (unsigned char*)key, NULL);

        int tmpinsize = insize;
        int inoffset = 0;
        int outoffset = 0;
        int count;
        while (tmpinsize > 0)
        {
                if (tmpinsize > MD5_DIGESTSIZE)
                {
                        ret = EVP_EncryptUpdate(&ctx, (unsigned char*)(out + 
outoffset),
                                &count, (unsigned char*)(in + inoffset), 
MD5_DIGESTSIZE);
                        tmpinsize = tmpinsize - MD5_DIGESTSIZE;
                        outoffset = outoffset + count;
                }
                else
                {
                        ret = EVP_EncryptUpdate(&ctx, (unsigned char*)(out + 
outoffset),
                                &count, (unsigned char*)(in + inoffset), 
tmpinsize);
                        tmpinsize = 0;
                        outoffset = outoffset + count;
                }
        }

        ret = EVP_EncryptFinal(&ctx, (unsigned char*)(out + outoffset), &count);

        *outsize = outoffset + count;

        EVP_CIPHER_CTX_cleanup(&ctx);
}

static void Decrypt(const char *rawkey, const int keysize,
                                        const char *in, const int insize,
                                        char *out, int* outsize)
{
        char key[MD5_DIGESTSIZE];
        EVP_CIPHER_CTX ctx;

        int bitlen = RawToKey(rawkey, keysize, key);

EVP_CIPHER_CTX_init(&ctx); int ret = EVP_DecryptInit(&ctx, EVP_aes_128_ecb(), (unsigned char*)key, NULL);

int tmpinsize = insize; int inoffset = 0; int outoffset = 0; int count; while (tmpinsize > 0) { if (tmpinsize > MD5_DIGESTSIZE) { // ====> Problem here: it returns a value of 0 for count the first time it is invoked.... ret = EVP_DecryptUpdate(&ctx, (unsigned char*)(out + outoffset), &count, (unsigned char*)(in + inoffset), MD5_DIGESTSIZE); tmpinsize = tmpinsize - MD5_DIGESTSIZE; outoffset = outoffset + count; } else { ret = EVP_DecryptUpdate(&ctx, (unsigned char*)(out + outoffset), &count, (unsigned char*)(in + inoffset), tmpinsize); tmpinsize = 0; outoffset = outoffset + count; } }

        ret = EVP_DecryptFinal(&ctx, (unsigned char*)(out + outoffset), &count);

        *outsize = outoffset + count;

        EVP_CIPHER_CTX_cleanup(&ctx);
}

int _tmain(int argc, _TCHAR* argv[]) { char * text = "This is a test||This is a test||This is a test"; // /NFmuQrTeXTsAXf2OiR7mlrpyE6jNQ8NTYeQGcB6ny9LLePkJdVYtCF.amn3XBC4 char * fromjava = "/NFmuQrTeXTsAXf2OiR7mlrpyE6jNQ8NTYeQGcB6ny9LLePkJdVYtCF.amn3XBC4";

        char * K = "81.EymZR.iMM/Qb7gpKohRvdSZL";
        char raw[128];
        char buf[1024];
        int bufcount;
        char buf2[1024];
        int buf2count;
        char tmp[1024];

        memset(raw, 0, sizeof(raw));
        int keysize = B64ToBytes(raw, K);

        memset(tmp, 0, sizeof(tmp));
        memset(buf, 0, sizeof(buf));
        memset(buf2, 0, sizeof(buf2));

        Encrypt(raw, keysize, text, strlen(text), buf, &bufcount);
        Decrypt(raw, keysize, buf, bufcount, buf2, &buf2count);
        buf2[buf2count] = '\0';

        printf("text : '%s'\n", text);
//      printf("enc len : %d\n", strlen(buf));
        memset(tmp, 0, sizeof(tmp));
        printf("encrypted: '%s'\n", BytesToB64(tmp, buf, strlen(buf)));

        printf("after : '%s'\n", buf2);

        //==============================
        memset(buf, 0, sizeof(buf));
        int size = B64ToBytes(buf, fromjava);
        Decrypt(raw, keysize, buf, size, buf2, &buf2count);
        printf("dec from java: %s\n", buf2);

        return 0;
}

Thanks for any help.

_________________________________________________________________ Express yourself instantly with MSN Messenger! Download today - it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

what's wrong with this decrypt code?

Reply via email to