C_Decrypt sometimes fails to decrypt properly #720

Open
bgh34056 opened this issue Aug 23, 2023 · 0 comments
The data which I am passing for encryption is "1111111111111111"; no IV, no padding used.

Code To Encrypt :

```cpp
encryptMech = { CKM_AES_ECB, NULL, 0 }; // AES-ECB takes no mechanism parameter (no IV)

//CK_BYTE plainText[] = "Hello, this is the plaintext to be encrypted.";

// Initialize encryption
std::vector<unsigned char> plainText(challenge.begin(), challenge.end());
CK_ULONG ulPlainTextLen = plainText.size();

CK_ULONG ulCipherTextLen = 0;
rv = pFunctionList->C_EncryptInit(session, &encryptMech, hKey);
if (rv != CKR_OK) {
    std::cerr << "Failed to initialize encryption. Error: " << rv << std::endl;
    cleanupSessionAndFinalize(session);
    return std::vector<unsigned char>(); // Return an empty vector to indicate failure
}

// Get the required buffer size for the ciphertext
rv = pFunctionList->C_Encrypt(session, plainText.data(), ulPlainTextLen, nullptr, &ulCipherTextLen);
if (rv != CKR_OK) {
    std::cerr << "1. Encryption failed. Error: " << rv << std::endl;
    cleanupSessionAndFinalize(session);
    return std::vector<unsigned char>(); // Return an empty vector to indicate failure
}

// Resize the ciphertext vector to accommodate the encrypted data
ciphertext.resize(ulCipherTextLen);

// Perform the encryption
rv = pFunctionList->C_Encrypt(session, plainText.data(), ulPlainTextLen, ciphertext.data(), &ulCipherTextLen);
if (rv != CKR_OK) {
    std::cerr << "2. Encryption failed. Error: " << rv << std::endl;
    cleanupSessionAndFinalize(session);
    return std::vector<unsigned char>(); // Return an empty vector to indicate failure
}

// Keep only the bytes the token actually wrote
ciphertext.resize(ulCipherTextLen);
```

Code To Decrypt :

```cpp
// Perform the decryption
CK_BYTE_PTR tempCipherText = const_cast<CK_BYTE_PTR>(cipherText.data());
CK_ULONG ulCipherTextLen = cipherText.size();

CK_MECHANISM decryptMech = { CKM_AES_ECB, NULL, 0 };
rv = pFunctionList->C_DecryptInit(session, &decryptMech, hKey);
if (rv != CKR_OK) {
    std::cerr << "Failed to initialize decryption. Error: " << rv << std::endl;
    cleanupSessionAndFinalize(session);
    return std::vector<CK_BYTE>(); // Return an empty vector on error
}

CK_ULONG ulPlainTextLen = 0; // Initialize to 0 to get the actual length after decryption
rv = pFunctionList->C_Decrypt(session, tempCipherText, ulCipherTextLen, nullptr, &ulPlainTextLen);
// Any error on the length query ends the decrypt operation, so treat every non-OK code as failure
if (rv != CKR_OK) {
    std::cerr << "Failed to determine decrypted data length. Error: " << rv << std::endl;
    cleanupSessionAndFinalize(session);
    return std::vector<CK_BYTE>(); // Return an empty vector on error
}

std::vector<CK_BYTE> decryptedText(ulPlainTextLen);
//CK_BYTE_PTR tempPlainText = decryptedText.data();

//rv = pFunctionList->C_Decrypt(session, tempCipherText, ulCipherTextLen, tempPlainText, &ulPlainTextLen);
// data() is safe on an empty vector, unlike &front()
rv = pFunctionList->C_Decrypt(session, tempCipherText, ulCipherTextLen, decryptedText.data(), &ulPlainTextLen);
if (rv != CKR_OK) {
    std::cerr << "Decryption failed. Error: " << rv << std::endl;
    cleanupSessionAndFinalize(session);
    return std::vector<CK_BYTE>(); // Return an empty vector on error
}

// Keep only the bytes the token actually wrote
decryptedText.resize(ulPlainTextLen);
```

C_Decrypt is successful, but the decrypted data sometimes does not match the original value.

When it is matching, the output is:

```
Encrypted data length: 16
Encrypted plainText:
79 eb 4d cf bc b2 26 ce 54 d3 24 ec 99 b3 79 ba
Decrypted data length: 16
Decrypted decryptedText:
11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11
decrypted challenge: 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11
original challenge: 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11
Authentication successful!
```

When it is matching, the output is:

```
Connection from: 127.0.0.1, Port: 39944
Generated challenge: 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11
SSL_write: challenge 16
SSL_read: responseBuffer : 1048
responseReceived: 79 eb 4d cf bc b2 26 ce 54 d3 24 ec 99 b3 79 ba
bytes read: 16
Encrypted data length: 16
Encrypted plainText:
79 eb 4d cf bc b2 26 ce 54 d3 24 ec 99 b3 79 ba
Decrypted data length: 16
Decrypted decryptedText:
ed 7a 9f 59 52 36 88 49 98 3c 38 81 9e 37 7a 62
decrypted challenge: ed 7a 9f 59 52 36 88 49 98 3c 38 81 9e 37 7a 62
original challenge: 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11 11
Authentication failed!
```

I would like to know if the above code is correct or if there is an issue with C_Decrypt itself.
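
The two-call length-query convention that the posted `C_Encrypt` and `C_Decrypt` calls follow, written once as a reusable helper; this is an added example, not code from the issue or from the project. `twoCall`, `fakeToken` and the `EX_` constants are hypothetical names, the constants carry the values PKCS#11 assigns to those return codes, and the token is a constructed stand-in so the block builds without `pkcs11.h`.

```cpp
#include <algorithm>
#include <functional>
#include <vector>

// Values PKCS#11 assigns to these return codes, redefined under hypothetical
// EX_ names so the example builds without pkcs11.h.
constexpr unsigned long EX_CKR_OK = 0x00000000UL;
constexpr unsigned long EX_CKR_BUFFER_TOO_SMALL = 0x00000150UL;

using Bytes = std::vector<unsigned char>;
// Output half of a C_Encrypt/C_Decrypt call: (pOut, pulOutLen) -> CK_RV.
using OutputCall = std::function<unsigned long(unsigned char*, unsigned long*)>;

// Hypothetical helper: length query, allocate, real call, trim.
// On failure `out` is left empty and `rv` holds the failing code.
bool twoCall(const OutputCall& op, Bytes& out, unsigned long& rv) {
    out.clear();
    unsigned long len = 0;
    rv = op(nullptr, &len);               // call 1: length query, nothing written
    if (rv != EX_CKR_OK) return false;    // an error here ended the operation
    Bytes buf(len > 0 ? len : 1);         // never pass nullptr on call 2
    len = static_cast<unsigned long>(buf.size());
    rv = op(buf.data(), &len);            // call 2: len is buffer size in, bytes written out
    if (rv != EX_CKR_OK) return false;
    buf.resize(len);                      // the query may have over-reported the size
    out.swap(buf);
    return true;
}

// Constructed stand-in for a token: reports `reserve` bytes on the length
// query (an upper bound is allowed), then writes `data`.
OutputCall fakeToken(Bytes data, unsigned long reserve, unsigned long failWith = EX_CKR_OK) {
    return [=](unsigned char* out, unsigned long* len) -> unsigned long {
        if (failWith != EX_CKR_OK) return failWith;
        if (out == nullptr) { *len = reserve; return EX_CKR_OK; }
        if (*len < data.size()) {
            *len = static_cast<unsigned long>(data.size());
            return EX_CKR_BUFFER_TOO_SMALL;
        }
        std::copy(data.begin(), data.end(), out);
        *len = static_cast<unsigned long>(data.size());
        return EX_CKR_OK;
    };
}

// With a real module, op would wrap the call from the issue, e.g.
//   [&](unsigned char* p, unsigned long* n) {
//       return pFunctionList->C_Decrypt(session, in, inLen, p, n); }
```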
