Hi,

We are updating a project which uses the ancient cryptopp 4.2 to the
latest version in order to have better cross-platform support (4.2 suffers
from undefined behaviour under platforms like Android/iOS).
In this project, we use AES to decrypt/encrypt some data, nothing too fancy.

Now, the problem when moving to the newer version lies in generating the IV.
The code used to generate our IV is as follows:

    BOOL CCryptorAES101::Init(BYTE* pKey, DWORD dwKeySize)
    {
        ASSERT(pKey);

        m_bInit = true;

        try
        {
            CryptoPP::SHA256         hash;
            CryptoPP::RandomPool     rng;
            CryptoPP::MySecByteBlock bufSeedIV(IV_SEED_SIZE);

            m_bufSeed.Resize(hash.DigestSize());
            m_bufIV  .Resize(IV_SIZE);

            // m_bufSeed (used as the AES key in Decrypt) is the SHA-256 digest of the caller's key.
            hash.CalculateDigest(m_bufSeed,pKey,dwKeySize);

            // The pool is seeded with the key only, then asked for the IV seed.
            rng.Put(pKey,dwKeySize);
            rng.GenerateBlock(bufSeedIV,bufSeedIV.Size());

            CryptoPP::MySecByteBlock bufHash(hash.DigestSize());

            hash.CalculateDigest(bufHash,bufSeedIV.Begin(),bufSeedIV.Size());

            ASSERT(2 * m_bufIV.Size() == bufHash.Size());

            // Fold the digest into the IV by XORing its two halves.
            for (int i = 0; i < m_bufIV.Size(); i++)
                m_bufIV[i] = bufHash[i] ^ bufHash[i + 16];
        }
        catch (CryptoPP::Exception const& e)
        {
            UNUSED_ALWAYS(e);

            m_bInit = false;

            return FALSE;
        }

        return TRUE;
    }


The following code does the actual decryption:

    BOOL CCryptorAES101::Decrypt(BYTE* pData, DWORD dwSize)
    {
        if (!m_bInit)
            return FALSE;

        try
        {
            // CFB runs the block cipher in its encryption direction even when
            // decrypting, hence AESEncryption / AES::Encryption here.
    #if CRYPTO_VER == 42
            CryptoPP::AESEncryption aes(m_bufSeed,m_bufSeed.Size());
            CryptoPP::CFBDecryption decryptor(aes,m_bufIV);
    #else
            CryptoPP::AES::Encryption                     aes(m_bufSeed,m_bufSeed.size());
            CryptoPP::CFB_Mode_ExternalCipher::Decryption decryptor(aes,m_bufIV);
    #endif
            // Decrypts pData in place.
            decryptor.ProcessString(pData,dwSize);
        }
        catch (CryptoPP::Exception const& e)
        {
            UNUSED_ALWAYS(e);

            return FALSE;
        }

        return TRUE;
    }



Under cryptopp 4.2, bufSeedIV is always the same, resulting in a bufHash
and m_bufIV which are always the same.
Under cryptopp 5.6.4, however, bufSeedIV is always different; this is our
problem.

As far as I can figure, the RandomPool implementation changed over time, 
but I could be wrong.

Any guidance would be appreciated!

Kind regards,

Edwin
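
The IV mismatch described in this message, shown on a self-contained model (an added example, not code from the original post or from Crypto++): in full-block CFB a wrong IV garbles only the first 16 bytes of the decrypted data while later blocks still decrypt, which helps tell an IV mismatch from a wrong key. `ToyEncryptBlock` is a made-up, insecure stand-in for AES, full-block feedback is assumed, and all names and values are constructed.

```cpp
#include <array>
#include <cstddef>
#include <cstdint>
#include <iostream>
#include <string>

using Block = std::array<uint8_t, 16>;

Block Fill(uint8_t start) {  // constructed test values: start, start+1, ...
    Block b{};
    for (size_t i = 0; i < b.size(); ++i) b[i] = static_cast<uint8_t>(start + i);
    return b;
}

// Made-up stand-in for the AES forward transform (NOT AES, not secure).
// CFB calls only the forward direction, for encryption and decryption alike.
Block ToyEncryptBlock(const Block& key, Block s) {
    for (size_t round = 0; round < 4; ++round)
        for (size_t i = 0; i < s.size(); ++i) {
            s[i] = static_cast<uint8_t>((s[i] ^ key[(i + round) % 16]) * 167u + 13u);
            s[(i + 1) % 16] ^= static_cast<uint8_t>((s[i] << 3) | (s[i] >> 5));
        }
    return s;
}

// Full-block CFB: keystream block n is E(ciphertext block n-1); the IV is block 0.
std::string Cfb(const Block& key, const Block& iv, const std::string& in, bool decrypt) {
    std::string out(in.size(), '\0');
    Block reg = iv, ks{};
    for (size_t i = 0; i < in.size(); ++i) {
        if (i % 16 == 0) ks = ToyEncryptBlock(key, reg);
        out[i] = static_cast<char>(in[i] ^ ks[i % 16]);
        reg[i % 16] = static_cast<uint8_t>(decrypt ? in[i] : out[i]);  // feed back ciphertext
    }
    return out;
}

// Encrypt under one IV, decrypt under another (all values constructed).
std::string DecryptWithMismatchedIv(const std::string& plain) {
    const Block key = Fill(0x10), ivOld = Fill(0xA0), ivNew = Fill(0xB0);
    return Cfb(key, ivNew, Cfb(key, ivOld, plain, false), true);
}

int main() {
    const std::string plain = "first block 0123second block 012third block";
    const std::string got = DecryptWithMismatchedIv(plain);
    std::cout << "block 1 intact: " << (got.substr(0, 16) == plain.substr(0, 16)) << "\n"
              << "rest intact:    " << (got.substr(16) == plain.substr(16)) << "\n";
}
```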
