no error returns when a wrong key/iv is used for decrypting

Nikos Mavrogiannopoulos nmav at gnutls.org
Thu Feb 17 15:03:15 CET 2011


On Thu, Feb 17, 2011 at 2:00 PM, Yves Pagani <ypagani at aps.edu.pl> wrote:
> Hi all,
> I'm doing some tests with the symmetric crypting functions of gcrypt.
> I observed that when I give a wrong key or/and a wrong initialization vector for decrypting data via the gcry_cipher_decrypt function, it returns 0 instead of an error code.
> Of course, with a wrong key/iv, data are not correctly decrypted.

It is not possible for libgcrypt to know whether data are wrongly
decrypted (you have to define wrong). What you want is to add an
authentication layer to that. I.e. add an HMAC to your encrypted data.

regards,
Nikos



More information about the Gcrypt-devel mailing list