Decrypt using BcryptDecrypt

Werner Koch wk at
Fri Jun 5 10:32:30 CEST 2020

On Tue,  2 Jun 2020 16:57, Mandar Apte said:
> On windows I am using Bcrypt library which also supports AES 256 in CBC
> mode.

FWIW, Libgcrypt runs very well on Windows.

> Hence, I wanted to check, if the Libgcrypt APIs are doing padding
> internally since I am not passing any such instruction to the Libgcrypt
> library explicitly?

No, Libgcrypt does not do any padding and it expects complete blocks.
gcry_cipher_get_algo_blklen() tells you the block length of the cipher

There is a flag to enable ciphertext stealing (GCRY_CIPHER_CBC_CTS) but
in this case you need to pass the entire plaintext/ciphertext to the
encrypt/decrypt function; there is no way to do this incremental.

For the standard padding as used in CMS (S/MIME), you need to handle the
padding in your code; here is a snippet

 if (last_block_is_incomplete)
      int i,
      int npad = blklen - (buflen % blklen);
      p = buffer;
      for (n=buflen, i=0; n < bufsize && i < npad; n++, i++)
        p[n] = npad;
      gcry_cipher_encrypt (chd, buffer, n, buffer, n);



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <>

More information about the Gcrypt-devel mailing list