Decrypt using BcryptDecrypt

Mandar Apte mandar.apte409 at gmail.com
Wed Jun 10 18:38:09 CEST 2020 

Hello Team,

          Are there any APIs in Libgcrypt using which I can get padded data
along with my plain text data which I can encrypt using
gcry_cipher_encrypt?


Thanks in advance.
Best Regards,
Mandar

On Fri, 5 Jun 2020, 7:16 pm Mandar Apte, <mandar.apte409 at gmail.com> wrote:

> Hello Werner,
>
>           Thank you very much for the response.
>
> The way you have shown in the email chain below, I had done same thing in
> my code as well. Also, I am passing the data of block length size only to
> gcry_cipher_encrypt and gcry_cipher_decrypt APIs.
> Now, my goal is to check, if the AES256 encryption/decryption is same for
> libgcrypt and Bcrypt library. Thats the reason I am trying to decrypt the
> data, which was encrypted using Libgcrypt APIs, using Bcrypt APIs on
> windows.
>
> I am pretty sure if I use windows version of Libgcrypt my problem wont be
> there at all.
>
> I think I myself have to handle the padding while encrypting using
> Libgcrypt library APIs.
>
> Since, I have to handle padding in my code, is there any APIs in libgcrypt
> with which I ensure that I am padding the data in standard way?
>


Are there any APIs in Libgcrypt using which I can get padded data along
> with my plain text data which I can encrypt using gcry_cipher_encrypt?
>
>
> Thank you in advance.
> Best Regards,
> Mandar
>
>
>
> On Fri, 5 Jun 2020, 2:05 pm Werner Koch, <wk at gnupg.org> wrote:
>
>> On Tue,  2 Jun 2020 16:57, Mandar Apte said:
>> > On windows I am using Bcrypt library which also supports AES 256 in CBC
>> > mode.
>>
>> FWIW, Libgcrypt runs very well on Windows.
>>
>> > Hence, I wanted to check, if the Libgcrypt APIs are doing padding
>> > internally since I am not passing any such instruction to the Libgcrypt
>> > library explicitly?
>>
>> No, Libgcrypt does not do any padding and it expects complete blocks.
>> gcry_cipher_get_algo_blklen() tells you the block length of the cipher
>> algorithm.
>>
>> There is a flag to enable ciphertext stealing (GCRY_CIPHER_CBC_CTS) but
>> in this case you need to pass the entire plaintext/ciphertext to the
>> encrypt/decrypt function; there is no way to do this incremental.
>>
>> For the standard padding as used in CMS (S/MIME), you need to handle the
>> padding in your code; here is a snippet
>>
>>  if (last_block_is_incomplete)
>>    {
>>       int i,
>>       int npad = blklen - (buflen % blklen);
>>
>>       p = buffer;
>>       for (n=buflen, i=0; n < bufsize && i < npad; n++, i++)
>>         p[n] = npad;
>>       gcry_cipher_encrypt (chd, buffer, n, buffer, n);
>>     }
>>
>>
>>
>> Shalom-Salam,
>>
>>    Werner
>>
>>
>> --
>> Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gcrypt-devel/attachments/20200610/603b85f7/attachment.html>

More information about the Gcrypt-devel mailing list