Crypto++ 5.6, CCM Mode, Decryption/Verification

Mon, 02 Mar 2009 16:15:03 -0800 

Hi All/Wei,

Sorry to be wearing out the list today. I'm catching some odd
behavior, part of which is surely due to my mistakes. But if I make
the mistake, others will also since there is nothing special about me
(theory of mediocrity).

// Cipher text generated as follows
string adata="Authenticated";
string pdata="Authenticated Encryption";
string cipher;

CCM< AES, 96 >::Encryption e;
AuthenticatedEncryptionFilter ef( e,
    new StringSink( cipher )
); // AuthenticatedEncryptionFilter

Taking default values, I expect to get either 1) authenticated data or
2) decrypted and authenticated data:

CCM< AES >::Decryption d;
AuthenticatedDecryptionFilter df( d,
    new StringSink( recovered )
); // AuthenticatedDecryptionFilter

df.Put( cipher.c_str(), cipher.length() );
df.MessageEnd();

When I inspected recovered, I found I had a truncated string from the
default (encrypted and authenticated) channel.
Presented: "Authenticated Encryption"
Recovered: "Authenticated Encryp"

The problem was that the encryptor specified a 96 bit tag, and the
decryptor took a default tag length. I expected that since the tag
length was encoded through the formatting function, the tag length
used to encrypt would be available.

First Observation: Is there any way to protect me from myself?

Next issue: I am able to extract the encrypted data from the default
channel, but upon calling MessageEnd(), the filter throws "message
length does not match that given in SpecifyDataLengths". So I get the
data and the exception is thrown.

Any ideas on how to feed the cipher text into the decryptor and call
MessageEnd() without an exception? I've tried specifying flags,
pading, and PutChannel(...).

CCM< AES, 96 >::Encryption e;
e.SetKeyWithIV( key, sizeof(key), iv );
...
AuthenticatedEncryptionFilter ef( e,
    new StringSink( cipher )
); // AuthenticatedEncryptionFilter

// Add ADATA and PDATA
ef.MessageEnd();
...

CCM< AES, 96 >::Decryption d;
d.SetKeyWithIV( key, sizeof(key), iv );

AuthenticatedDecryptionFilter df( d,
    new StringSink( recovered )
); // AuthenticatedDecryptionFilter

df.Put( cipher.c_str(), cipher.length() );
df.MessageEnd( );

Jeff

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the "Crypto++ Users" 
Google Group.
To unsubscribe, send an email to [email protected].
More information about Crypto++ and this group is available at 
http://www.cryptopp.com.
-~----------~----~----~----~------~----~------~--~---

Reply via email to