GCM

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



dear all
i'm trying to use AES-GCM model for encryption i use a sample code for that

and my problem is

 ret = EVP_DecryptFinal_ex(ctx, plaintext + len, &len);

ret all the time is 0 this means that

the plaintext is not trustworthy.

encryption function

int
Server::AuthenticationEncryption(unsigned char plaintext[], int ptextsize,
        unsigned char aad[], int aadlen, unsigned char key[],int keysize,
        unsigned char iv[],int ivsize, unsigned char ciphertext[], unsigned
char tag[])
{
    int len;
    int ciphertext_len;
    EVP_CIPHER_CTX *ctx;
    ctx = EVP_CIPHER_CTX_new();

    //Initialize the encryption operation
     if (1 == EVP_EncryptInit_ex(ctx, EVP_aes_256_gcm(), NULL, NULL, NULL))
     {
         cout<<"success inttialize"<<endl;
     }
     else
     {
         cout<<"something wrong"<<endl;
     }
     //Set IV length should be more than 12 byte or 96 bit normally 16
     if (1 == EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, ivsize,
NULL))
     {
         cout<<"success adding iv"<<endl;
     }
     else
     {
         cout<<"something wrong"<<endl;
     }
     //Initialize key and IV
     if (1 == EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv))
     {
         cout<<"success initialize key and iv "<<endl;
     }
     else
     {
         cout<<"something wrong"<<endl;
     }
     //add AAD data
     if (1 == EVP_EncryptUpdate(ctx, NULL, &len, aad, aadlen))
     {
         cout<<"success adding AAD"<<endl;
     }
     else
     {
         cout<<"something wrong"<<endl;
     }
     //encrypt the message
     if (1 == EVP_EncryptUpdate(ctx, ciphertext, &len, plaintext,
ptextsize))
     {
         cout<<"success encryption"<<endl;
         ciphertext_len = len;
     }
     else
     {
         cout<<"something wrong"<<endl;
     }
     //finalize the encryption
     if (1 == EVP_EncryptFinal_ex(ctx, ciphertext + len, &len))
     {
         cout<<"success final encryption"<<endl;
         ciphertext_len += len;
         cout<<"cipher length is "<<ciphertext_len<<endl;
     }
     else
     {
         cout<<"something wrong"<<endl;
     }
     //get the tag
     EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, 16, tag);
    return ciphertext_len;
}

decryption function

int
Server::AuthenticationDecryption(unsigned char ciphertext[], int ctextsize,
        unsigned char aad[], int aadlen, unsigned char tag[],
        unsigned char key[], int keysize, unsigned char iv[], int ivsize,
        unsigned char plaintext[])
{
    int len;
    int plaintext_len;

    EVP_CIPHER_CTX *ctx;
    ctx = EVP_CIPHER_CTX_new();

    //Initialize the encryption operation
    if (1 == EVP_DecryptInit_ex(ctx, EVP_aes_256_gcm(), NULL, NULL, NULL))
     {
         cout<<"success initialize"<<endl;
     }
     else
     {
         cout<<"something wrong"<<endl;
     }
    //Set IV length should be more than 12 byte or 96 bit normally 16
    if (1 == EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, ivsize, NULL))
     {
         cout<<"success adding iv"<<endl;
     }
     else
     {
         cout<<"something wrong"<<endl;
     }
    //Initialize key and IV
    if (1 == EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv))
     {
         cout<<"success adding key and iv"<<endl;
     }
     else
     {
         cout<<"something wrong"<<endl;
     }
    //add AAD data
    if (1 == EVP_DecryptUpdate(ctx, NULL, &len, aad, aadlen))
     {
         cout<<"success adding AAD"<<endl;
     }
     else
     {
         cout<<"something wrong"<<endl;
     }
    //Decrypt the message
    if (1 == EVP_DecryptUpdate(ctx, plaintext, &len , ciphertext,
ctextsize))
     {
         cout<<"success decryption"<<endl;
         plaintext_len = len;
     }
     else
     {
         cout<<"something wrong"<<endl;
     }
    //add the tag
    if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, 16, tag))
     {
         cout<<"success adding tag"<<endl;
     }
     else
     {
         cout<<"something wrong"<<endl;
     }
    //finalize the Decryption
    int ret = 1;
    ret = EVP_DecryptFinal_ex(ctx, plaintext + len, &len);

    cout<<" ret value is "<<ret<<endl;

    if (ret > 0)
     {
         cout<<"success final decryption"<<endl;
         plaintext_len += len;
         cout<<"palin text is "<<plaintext_len<<endl;
         return plaintext_len;

     }
     else
     {
         cout<<"decrypt fail"<<endl;
         return -1;
     }
    return ret;

}

and in main () i use that

    unsigned char plaintext[120] =
{'f','a','3','1','3','2','2','5','f','8','8','4','0','6','e','5','a','5','5','9','0','9','c','5','a','f','f','5','2','6','9','a','8','6','a','7','a','9','5','3','1','5','3','4','f','7','d','a','2','e','4','c','3','0','3','d','8','a','3','1','8','a','7','2','1','c','3','c','0','c','9','5','9','5','6','8','0','9','5','3','2','f','c','f','0','e','2','4','4','9','a','6','b','5','2','5','b','1','6','a','e','d','f','5','a','a','0','d','e','6','5','7','b','a','6','3','7','b','3','9'};
    unsigned char key [32] =
{'f','e','f','f','e',9,9,2,8,6,6,5,7,3,1,'c',6,'d',6,'a',8,'f',9,4,6,7,3,0,8,3,0,8};

    unsigned char aad[40] =
{'f','e','e','d','f','a','c','e','d','e','a','d','b','e','e','f','f','e','e','d','f','a','c','e','d','e','a','d','b','e','e','f','a','b','a','d','d','a','d',2};

    unsigned char iv[120] =
{9,3,1,3,2,2,5,'d','f',8,8,4,0,6,'e',5,5,5,9,0,9,'c',5,'a','f','f',5,2,6,9,'a','a',6,'a',7,'a',9,5,3,8,5,3,4,'f',7,'d','a',1,'e',4,'c',3,0,3,'d',2,'a',3,1,8,'a',7,2,8,'c',3,'c',0,'c',9,5,1,5,6,8,0,9,5,3,9,'f','c','f',0,'e',2,4,2,9,'a',6,'b',5,2,5,4,1,6,'a','e','d','b','f',5,'a',0,'d','e',6,'a',5,7,'a',6,3,7,'b',3,9,'b'};
    unsigned char cipher[120];
    unsigned char tag[16];

    unsigned char extractedpalintext[120];

    int encryptionsize = 0;
    encryptionsize =
servertest.AuthenticationEncryption(plaintext,120,aad,40,key,32,iv,120,cipher,tag);

//servertest.AuthenticationEncryption(NULL,0,NULL,0,key,48,iv,24,cipher,tag);
    cout<<"size of encrypted data is "<<encryptionsize<<endl;
    cout<<"cipher text is "<<endl;
    for (int i = 0 ; i<120 ; i++)
    {
        printf("0x%.2x ", cipher[i]);
    }
    cout<<endl;
    cout<<"tag is "<<endl;
    for (int j = 0 ; j<16 ; j++)
    {
        printf("0x%.2x ", tag[j]);
    }
    cout<<endl;


servertest.AuthenticationDecryption(cipher,120,aad,40,tag,key,32,iv,120,extractedpalintext);
    cout<<"extracted palin text is "<<endl;
    for (int i = 0 ; i<120 ; i++)
    {
        printf("%c ", extractedpalintext[i]);
        //cout<<extractedpalintext[i];
    }
    cout<<endl;

the encryption and decryption process are ok but i have a problem with
function

    ret = EVP_DecryptFinal_ex(ctx, plaintext + len, &len);

all the time is 0 this means that

the plaintext is not trustworthy.

what i did wrong please guide me


-- 
Warmest regards and best wishes for a good health,*urs sincerely *
*mero*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150109/55757dac/attachment-0001.html>


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux