Hi,
I am using CryptoPP library (version 5.21) on 64-bit Linux OS with GNU
g++ compiler (version 3.3.2).
I am trying to encrypt multiple blocks of data using AES CTR mode, for
which I am using two classes AESCTREncryption and AESCTRDecryption. In
both these classes, I have a StreamTransformationFilter member pointer,
apart from keys and other data. When I try to place multiple blocks of
data in the StreamTransformationFilter, I do not get the desired output.
The gist of what I am trying to accomplish follows:
(Inside my encryption method, called MessageEnd)
void AESCTREncryption::MessageEnd() {
// we already have the plaintext and keys in a byte block.
CTR_Mode<AES>::Encryption aes(textKey, textKey.size(), textIV);
// Encrypt my plaintext
aes.ProcessString(plaintext, plaintextLen);
// Create StreamTransformationFilter, if none exists
if (!m_pStreamTransform)
m_pStreamTransform = new StreamTransformationFilter(aes);
// Place multiple blocks of data: padding, encrypted plaintext (now
stored
// in plaintext), message digest
m_pStreamTransform->Put(padding, paddingLen);
m_pStreamTransform->Put(plaintext, plaintextLen);
m_pStreamTransform->Put(digest, HMAC<SHA>::DIGESTSIZE);
m_pStreamTransform->MessageEnd();
}
This doesn't work well. In my decryptor, when I try to verify the digest
I have placed, the digest verification fails. I am getting an exception
I have defined. After debugging with gdb, I am seeing that somehow
multiple Put's with the StreamTransformationFilter, is not returning the
ciphertext my decryptor expects.
This works if I do a single PutMessageEnd(plaintext, plaintextLen) in my
StreamTransformationFilter object. But this is not an option for me, as
I need to minimally place the digest along with the encrypted text for
later verification.
Am I doing something wrong? Any suggestion gratefully appreciated.
Thanks,
Nandan Sinha
