no error returns when a wrong key/iv is used for decrypting

Yves Pagani ypagani at aps.edu.pl
Thu Feb 17 14:00:21 CET 2011


Hi all,

I'm doing some tests with the symmetric crypting functions of gcrypt.
I observed that when I give a wrong key or/and a wrong initialization vector for decrypting data via the gcry_cipher_decrypt function, it returns 0 instead of an error code. 
Of course, with a wrong key/iv, data are not correctly decrypted. 
The code given below shows this fact if uncommenting the second "gcry_randomize(key,key_size,GCRY_STRONG_RANDOM)" line.

To be complete, I'm using :
- the gcrypt 1.4.5 version of fedora 14
- gcc 4.5.1 (fedora 14 version too)
- all is done in the secure memory

Is it a bug or did I miss something ?

Thanks in advance.

Here is the example code :

#include <stdlib.h>
#include <stdio.h>
#include <stddef.h>
#include <gcrypt.h>
#define CIPHER_CHOICE GCRY_CIPHER_SERPENT256 
#define CIPHER_MODE_CHOICE GCRY_CIPHER_MODE_CBC
#define CIPHER_FLAGS_CHOICE GCRY_CIPHER_SECURE|GCRY_CIPHER_CBC_CTS
#define  SECURE_MEMORY_SIZE 60000

int main(void) {
  gcry_cipher_hd_t  hd; /* handle a initialiser */
  gcry_error_t error; /* valeur de retour des fonctions gcry */
  char *key=NULL;
  char *iv=NULL;
  char a[1024]="Hello World!";
  char tmp[1024];
  int key_size;
  int iv_size;
  
   
    if ( !gcry_check_version ( GCRYPT_VERSION ) )
    {
        exit ( EXIT_FAILURE );
    }

    gcry_control ( GCRYCTL_SUSPEND_SECMEM_WARN );
    gcry_control ( GCRYCTL_INIT_SECMEM, SECURE_MEMORY_SIZE ,0 );
    gcry_control ( GCRYCTL_RESUME_SECMEM_WARN );
    gcry_control ( GCRYCTL_INITIALIZATION_FINISHED,0 );

    error=gcry_cipher_open(&hd,CIPHER_CHOICE,CIPHER_MODE_CHOICE,CIPHER_FLAGS_CHOICE);
    printf("Initialization of handler for encryption=%d,%s\n",error,gcry_strerror(error));
     
    /* allocation and creation of a randomized key and randomized IV*/
    key_size=gcry_cipher_get_algo_keylen(CIPHER_CHOICE);
    if ( NULL== ( key=gcry_calloc_secure ( key_size,1) ) )
    {
      printf("Can not allocate memory for the key. Aborting\n.");
      exit ( EXIT_FAILURE );
    }
    
    gcry_randomize(key,key_size,GCRY_STRONG_RANDOM);

    iv_size=gcry_cipher_get_algo_blklen(CIPHER_CHOICE);
    if ( NULL== ( iv=gcry_calloc_secure ( iv_size,1) ) )
    {
      printf("Can not allocate memory for the IV.  Aborting\n.");
      gcry_free(key);
      key=NULL;
      exit ( EXIT_FAILURE );
    }
    gcry_randomize(iv,iv_size,GCRY_STRONG_RANDOM);
    
    error=gcry_cipher_setkey(hd,key,key_size);
    printf("Set the key=%d,%s\n",error,gcry_strerror(error));
    
    error=gcry_cipher_setiv(hd,iv,iv_size);
    printf("Set the IV=%d,%s\n",error,gcry_strerror(error));
    
    error=gcry_cipher_encrypt ( hd,tmp,sizeof ( tmp ),a,sizeof(a) );
    printf("Encryption=%d,%s\n",error,gcry_strerror(error));
  
    /* should be useless but just in case...*/
    gcry_cipher_close ( hd );
    
    error=gcry_cipher_open(&hd,CIPHER_CHOICE,CIPHER_MODE_CHOICE,CIPHER_FLAGS_CHOICE);
    printf("Initialization of handler for decryption=%d,%s\n",error,gcry_strerror(error));
    
    /* if we uncomment this line, decryption will be wrong but no error is returns */
    /*  gcry_randomize(key,key_size,GCRY_STRONG_RANDOM); */
    error=gcry_cipher_setkey(hd,key,key_size);
    printf("Set the key=%d,%s\n",error,gcry_strerror(error));
    
    /* same as above */
   /*  gcry_randomize(iv,iv_size,GCRY_STRONG_RANDOM); */
    error=gcry_cipher_setiv(hd,iv,iv_size);
    printf("Set the IV=%d,%s\n",error,gcry_strerror(error));
    
    error=gcry_cipher_decrypt ( hd,tmp,sizeof ( tmp ),NULL,0 );
    printf("Decryption=%d,%s\n",error,gcry_strerror(error));
    
    gcry_cipher_close ( hd );
    gcry_free(key);
    key=NULL;
    gcry_free(iv);
    iv=NULL;
    
    gcry_control(GCRYCTL_TERM_SECMEM);
    
    printf("a=%s\n",a);
    printf("tmp=%s\n",tmp);
    
    
    exit(EXIT_SUCCESS);
}


  

-- 
There are three rules for writing a novel.  Unfortunately, no one knows
what they are.
		-- Somerset Maugham
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: </pipermail/attachments/20110217/66589fb5/attachment.pgp>


More information about the Gcrypt-devel mailing list