All geek questions in one place

AES ECB encrypt / decrypt only decrypts the first 16 bytes

I had a function decoding an AES 256 string, but it only returns 16 char

bool decrypt_block(unsigned char* cipherText, unsigned char* plainText, unsigned char* key) { AES_KEY decKey; if (AES_set_decrypt_key(key, 256, &decKey) < 0) return false; AES_decrypt(cipherText, plainText, &decKey); return true; } 
 decrypt_block( encoded, resultText, ( unsigned char *) "57f4dad48e7a4f7cd171c654226feb5a");

Any idea

+4
source share
2 answers

AES is a block cipher. It encrypts and decrypts a block of 128 bits (16 bytes). AES_decrypt and AES_encrypt act on one block at a time. So, you only get the first 16 bytes. You need to manually decrypt or encrypt other blocks.

If you know the mode (e.g. CBC, ECB, etc.), you can call such functions AES_decrypt_cbc, etc.

You need to change the code as follows (I gave just an example):

  int len = strlen(ciphertext); //or get cipher text length by any mean. int i; for(i=0; i<=len; i+=16) AES_decrypt(cipherText+i, plainText+i, &decKey);

If you are confident in the mode, call the cbc / ecb / cfb / ofb functions.

In case of any doubt, please let me know.

+4
source

It looks like you are confusing the key length and block size.

AES can be used with 3 different long keys : 128-bit, 192-bit and 256-bit.

AES always uses a block size of 128 bits (16 bytes). For messages longer than 16 bytes, you need to decrypt (or encrypt) 16 bytes each time and expect to receive 16 bytes each time. (You will also need to decide which mode to use - for example, CBC, CTR, ECB, etc. If you decrypt the text provided by someone else, this decision is already made for you. If you make the decision yourself, bear in mind that the ECB is almost never the right choice.) If the message is not a multiple of 16 bytes, you need to pad it so that it is. PKCS # 7 gasket is the most common.

See the AES Wikipedia article for more information.

+3
source

Source: https://habr.com/ru/post/1468872/

More articles:


All Articles