Decrypt using BcryptDecrypt
Werner Koch
wk at gnupg.org
Fri Jun 5 10:32:30 CEST 2020
On Tue, 2 Jun 2020 16:57, Mandar Apte said:
> On windows I am using Bcrypt library which also supports AES 256 in CBC
> mode.
FWIW, Libgcrypt runs very well on Windows.
> Hence, I wanted to check, if the Libgcrypt APIs are doing padding
> internally since I am not passing any such instruction to the Libgcrypt
> library explicitly?
No, Libgcrypt does not do any padding and it expects complete blocks.
gcry_cipher_get_algo_blklen() tells you the block length of the cipher
algorithm.
There is a flag to enable ciphertext stealing (GCRY_CIPHER_CBC_CTS) but
in this case you need to pass the entire plaintext/ciphertext to the
encrypt/decrypt function; there is no way to do this incremental.
For the standard padding as used in CMS (S/MIME), you need to handle the
padding in your code; here is a snippet
if (last_block_is_incomplete)
{
int i,
int npad = blklen - (buflen % blklen);
p = buffer;
for (n=buflen, i=0; n < bufsize && i < npad; n++, i++)
p[n] = npad;
gcry_cipher_encrypt (chd, buffer, n, buffer, n);
}
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gcrypt-devel/attachments/20200605/5aa06331/attachment.sig>
More information about the Gcrypt-devel
mailing list