1 (edited by Iguananaut 2017-01-12 11:54:51)

Topic: [SOLVED] Problem with AesCtrEncrypt

Greetings, and happy new(-ish) year,

I have an application that's using AES in CTR mode, and I've been working with it for quite a while (thankfully not in production yet) just assuming that my encryption was working.  I feel like I've tested it before but it would have been a few weeks ago.  In any case, I was recently doing some verification tests and found that my AES-encrypted data was not being decrypted properly, and now as far as I can tell CTR mode just isn't working properly.  To confirm it wasn't just a problem elsewhere in my code I wrote a simple test program almost exactly following the docs here:

https://www.wolfssl.com/wolfSSL/Docs-wo … i-aes.html (under wc_AesCtrEncrypt).

To be clear, my exact test code is as follows:

#include <wolfssl/options.h>
#include <wolfssl/wolfcrypt/aes.h>
#include <wolfssl/wolfcrypt/types.h>
#include <wolfssl/wolfcrypt/random.h>
#include <stdio.h>

int main(void) {
    byte msg[16] = "abcdefghijklmnop";
    byte cipher[16];
    byte decrypted[16];
    Aes enc_dec;
    RNG rng;
    int idx;

    byte *key = malloc(32);
    byte *iv = malloc(16);

    wc_InitRng(&rng);

    wc_RNG_GenerateBlock(&rng, key, 32);
    wc_RNG_GenerateBlock(&rng, iv, 32);

    if(wc_AesSetKeyDirect(&enc_dec, key, 32, iv, AES_ENCRYPTION) < 0) {
        printf("Error setting key\n");
        return -1;
    }

    wc_AesCtrEncrypt(&enc_dec, cipher, msg, sizeof(msg));
    wc_AesCtrEncrypt(&enc_dec, decrypted, cipher, sizeof(cipher));
    for (idx = 0; idx < 16; idx++) {
        printf("%c", (char)decrypted[idx]);
    }
    printf("\n");
    return 0;
}

I would expect `decrypted` to contain the original message, but instead it just prints gibberish.  Am I missing something obvious?

Share

Re: [SOLVED] Problem with AesCtrEncrypt

Nevermind; a glance at the WolfSSL test suite pointed me in the right direction.  One needs separate Aes structs for encryption and decryption.  Looking at the source code makes it clear why, at least for the native implementation: The counter state is maintained on the Aes struct, so it would have to be reset before decryption (or otherwise, just use a different instance).

Consider this then a bug report against the documentation, which isn't clear about this smile

Share

Re: [SOLVED] Problem with AesCtrEncrypt

Hi Iguananaut,

Thank you for your feedback! We are always looking to improve our documentation and are very appreciative whenever we receive feedback of this nature from the community. I have updated that section in the manual to the following:

wc_AesCtrEncrypt
Synopsis:
#include <wolfssl/wolfcrypt/aes.h>

void wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz);

Description:
Encrypts/Decrypts a message from the input buffer in, and places the resulting cipher text in the output buffer out using CTR mode with AES. This function is only enabled if WOLFSSL_AES_COUNTER is enabled at compile time. The AES structure should be initialized through AesSetKey before calling this function. Note that this function is used for both decryption and encryption.

Return Values:
No return value for this function.
Parameters:
aes - pointer to the AES object used to decrypt data
out - pointer to the output buffer in which to store the cipher text of the encrypted message
in - pointer to the input buffer containing plain text to be encrypted
sz - size of the input plain text

NOTE: Regarding using same API for encryption and decryption.
    User should differentiate between Aes structures for encrypt/decrypt.

Example:
Aes enc;
Aes dec;
/* initialize enc and dec with AesSetKeyDirect, using direction AES_ENCRYPTION
* since the underlying API only calls Encrypt and by default calling encrypt on
* a cipher results in a decryption of the cipher
*/

byte msg[AES_BLOCK_SIZE * n]; //n being a positive integer making msg some multiple of 16 bytes
// fill plain with message text
byte cipher[AES_BLOCK_SIZE * n];
byte decrypted[AES_BLOCK_SIZE * n];

wc_AesCtrEncrypt(&enc, cipher, msg, sizeof(msg)); // encrypt plain
wc_AesCtrEncrypt(&dec, decrypted, cipher, sizeof(cipher)); // decrypt cipher text

See Also:
wc_AesSetKey

These changes will be reflected the next time the website is updated.


Warm Regards,

Kaleb

Re: [SOLVED] Problem with AesCtrEncrypt

Sounds good, thanks!

Share