Hi,
In method "void CBC_CTS_Encryption::ProcessLastBlock" in modes.cpp
(version 5.1) there's this block of code:
    if (length <= BlockSize())
    {
        if (!m_stolenIV)
            throw InvalidArgument("CBC_Encryption: message is too short for ciphertext stealing");
        // steal from IV
        memcpy(outString, m_register, length);
        outString = m_stolenIV;
    }
This has two effects:
1. Plaintext < BlockSize() (which is 16 for AES) throws the
"too short" error.
2. You must pad the plaintext to BlockSize() + 1 to overcome
this problem.
Potential bug #1: should the test be:
if (length < BlockSize())
(i.e. "less than" instead of "less than or equal")?
Potential bug #2: is it intended to work this way? Should CTS mode
really require the plaintext to be > the block size for a symmetric
stream cipher?
--
Russell Robinson (mailto:[EMAIL PROTECTED])
Author of Tectite (CRM and Licensing for Software Developers)
Download your free CRM from: http://www.tectite.com/
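
The length rule raised in the message above, as an added model that is not Crypto++ code and not part of the original post: CBC with ciphertext stealing over a constructed toy block transform, following the quoted branch for length <= BlockSize(). In this model a message of one block or less has no earlier ciphertext block to steal from, so it takes the IV path and the receiver needs the stolen IV. The names ctsEncrypt, ctsDecrypt, roundTrips, cbcStep and E/D are hypothetical, and the branch for longer messages is the usual swap-the-last-two-blocks CTS layout, assumed here rather than taken from modes.cpp.

```cpp
#include <array>
#include <cstdint>
#include <cstring>
#include <stdexcept>
#include <vector>
constexpr size_t B = 16;  // block size, 16 as for AES
using Block = std::array<uint8_t, B>;
using Bytes = std::vector<uint8_t>;
// E/D: constructed invertible stand-in for the block cipher (NOT AES, not secure).
static Block E(Block b) { Block o; for (size_t i = 0; i < B; ++i) o[(i + 1) % B] = uint8_t(b[i] * 5 + 0x3b + i); return o; }
static Block D(Block b) { Block o; for (size_t i = 0; i < B; ++i) o[i] = uint8_t((b[(i + 1) % B] - 0x3b - i) * 205); return o; }
static void cbcStep(Block &r, const uint8_t *s, size_t n) { for (size_t i = 0; i < n; ++i) r[i] = uint8_t(r[i] ^ s[i]); r = E(r); }  // XOR in, encrypt
// Added model (hypothetical names) of CBC-CTS over one whole message of 1..2B bytes.
Bytes ctsEncrypt(const Bytes &p, Block &iv, bool wantStolenIV) {
    size_t n = p.size();
    if (n == 0 || n > 2 * B) throw std::invalid_argument("model handles 1..2B bytes");
    Bytes out(n);
    if (n <= B) {  // same test as the quoted code
        if (!wantStolenIV) throw std::invalid_argument("message is too short for ciphertext stealing");
        std::memcpy(out.data(), iv.data(), n);  // ciphertext = first n bytes of the IV
        cbcStep(iv, p.data(), n);               // iv is overwritten with the stolen IV the receiver needs
        return out;
    }
    Block r = iv;
    cbcStep(r, p.data(), B);                       // r = next-to-last ciphertext block
    std::memcpy(out.data() + B, r.data(), n - B);  // its first n-B bytes are sent last
    cbcStep(r, p.data() + B, n - B);
    std::memcpy(out.data(), r.data(), B);          // last full ciphertext block is sent first
    return out;
}
// Inverse of ctsEncrypt; iv is the original IV when n > B and the stolen IV when n <= B.
Bytes ctsDecrypt(const Bytes &c, const Block &iv) {
    size_t n = c.size();
    if (n == 0 || n > 2 * B) throw std::invalid_argument("model handles 1..2B bytes");
    Bytes p(n); Block x = iv;
    if (n > B) std::memcpy(x.data(), c.data(), B);
    x = D(x);
    if (n <= B) { for (size_t i = 0; i < n; ++i) p[i] = uint8_t(x[i] ^ c[i]); return p; }
    for (size_t i = B; i < n; ++i) { p[i] = uint8_t(x[i - B] ^ c[i]); x[i - B] = c[i]; }
    x = D(x);  // x now holds the rebuilt next-to-last ciphertext block, decrypted
    for (size_t i = 0; i < B; ++i) p[i] = uint8_t(x[i] ^ iv[i]);
    return p;
}
bool roundTrips(size_t n, bool wantStolenIV) try {  // false if the length is rejected
    Bytes p(n);
    for (size_t i = 0; i < n; ++i) p[i] = uint8_t(7 * i + 1);  // constructed plaintext
    Block iv; iv.fill(0xA5);                                   // constructed IV
    return ctsDecrypt(ctsEncrypt(p, iv, wantStolenIV), iv) == p;  // encrypt may replace iv
} catch (const std::invalid_argument &) { return false; }
```

In the model, roundTrips(16, false) is rejected while roundTrips(17, false) and roundTrips(16, true) succeed.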