gcry_cipher_decrypt usage

Joe the Shmoe news at edrusb.is-a-geek.org
Thu Apr 7 22:14:58 CEST 2011

Werner Koch a écrit :
> On Thu,  7 Apr 2011 10:55, news at edrusb.is-a-geek.org said:
>> Cipher used is blowfish. In this buggy situation, gcry_cipher_decrypt()
> What cipher mode (CBC, CFB, CTR, ...) and depending on that what kind of
> padding to you use.  How do you call gcry_cipher_open?

gcry_cipher_hd_t clef;

err = gcry_cipher_open(&clef,
	               algo_id, // equal to GCRY_CIPHER_BLOWFISH

>> The fact that clear data is located after the ciphered data is not
> Sure it can't know that and will happlity decrypt this.

OK, I better see the picture now, and understand my mistake.

> gcry_cipher_decrypt can's distinguish between cleartext and ciphertext.
> The upper layer (i.e. the protocol) must define how this can be done.

Yep, I must review this upper layer in Disk ARchive, to handle the
particular and rare situation in which this condition occur  and thus
avoid having clear text after ciphered one being passed to

>> time, gcry_cipher_decrypt() returns an error as expected, because the
> gcry_cipher_decrypt can't return an error except for cases where you you
> pass an invalid data length (e.g. not a multiple of the blocklength).
> Shalom-Salam,
>    Werner

Werner, Thank you for your clear explanations. And also, at this
occasion, thank you for GnuPG. ;-)

Best Regards,
Denis Corbin.

More information about the Gcrypt-devel mailing list