<div dir="ltr"><div><div><div>dear all<br></div>i'm trying to use AES-GCM model for encryption i use a sample code for that <br><br></div><div>and my problem is <br><br> ret = EVP_DecryptFinal_ex(ctx, plaintext + len, &len);<br><br><div>ret all the time is 0 this means that <br><pre>the plaintext is not trustworthy.<br></pre></div></div>encryption function <br><br>int<br>Server::AuthenticationEncryption(unsigned char plaintext[], int ptextsize,<br> unsigned char aad[], int aadlen, unsigned char key[],int keysize,<br> unsigned char iv[],int ivsize, unsigned char ciphertext[], unsigned char tag[])<br>{<br> int len;<br> int ciphertext_len;<br> EVP_CIPHER_CTX *ctx;<br> ctx = EVP_CIPHER_CTX_new();<br><br> //Initialize the encryption operation<br> if (1 == EVP_EncryptInit_ex(ctx, EVP_aes_256_gcm(), NULL, NULL, NULL))<br> {<br> cout<<"success inttialize"<<endl;<br> }<br> else<br> {<br> cout<<"something wrong"<<endl;<br> }<br> //Set IV length should be more than 12 byte or 96 bit normally 16<br> if (1 == EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, ivsize, NULL))<br> {<br> cout<<"success adding iv"<<endl;<br> }<br> else<br> {<br> cout<<"something wrong"<<endl;<br> }<br> //Initialize key and IV<br> if (1 == EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv))<br> {<br> cout<<"success initialize key and iv "<<endl;<br> }<br> else<br> {<br> cout<<"something wrong"<<endl;<br> }<br> //add AAD data<br> if (1 == EVP_EncryptUpdate(ctx, NULL, &len, aad, aadlen))<br> {<br> cout<<"success adding AAD"<<endl;<br> }<br> else<br> {<br> cout<<"something wrong"<<endl;<br> }<br> //encrypt the message<br> if (1 == EVP_EncryptUpdate(ctx, ciphertext, &len, plaintext, ptextsize))<br> {<br> cout<<"success encryption"<<endl;<br> ciphertext_len = len;<br> }<br> else<br> {<br> cout<<"something wrong"<<endl;<br> }<br> //finalize the encryption<br> if (1 == EVP_EncryptFinal_ex(ctx, ciphertext + len, &len))<br> {<br> cout<<"success final encryption"<<endl;<br> ciphertext_len += len;<br> cout<<"cipher length is "<<ciphertext_len<<endl;<br> }<br> else<br> {<br> cout<<"something wrong"<<endl;<br> }<br> //get the tag<br> EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, 16, tag);<br> return ciphertext_len;<br>}<br><br></div>decryption function<br><div><br>int<br>Server::AuthenticationDecryption(unsigned char ciphertext[], int ctextsize,<br> unsigned char aad[], int aadlen, unsigned char tag[],<br> unsigned char key[], int keysize, unsigned char iv[], int ivsize,<br> unsigned char plaintext[])<br>{<br> int len;<br> int plaintext_len;<br><br> EVP_CIPHER_CTX *ctx;<br> ctx = EVP_CIPHER_CTX_new();<br><br> //Initialize the encryption operation<br> if (1 == EVP_DecryptInit_ex(ctx, EVP_aes_256_gcm(), NULL, NULL, NULL))<br> {<br> cout<<"success initialize"<<endl;<br> }<br> else<br> {<br> cout<<"something wrong"<<endl;<br> }<br> //Set IV length should be more than 12 byte or 96 bit normally 16<br> if (1 == EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, ivsize, NULL))<br> {<br> cout<<"success adding iv"<<endl;<br> }<br> else<br> {<br> cout<<"something wrong"<<endl;<br> }<br> //Initialize key and IV<br> if (1 == EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv))<br> {<br> cout<<"success adding key and iv"<<endl;<br> }<br> else<br> {<br> cout<<"something wrong"<<endl;<br> }<br> //add AAD data<br> if (1 == EVP_DecryptUpdate(ctx, NULL, &len, aad, aadlen))<br> {<br> cout<<"success adding AAD"<<endl;<br> }<br> else<br> {<br> cout<<"something wrong"<<endl;<br> }<br> //Decrypt the message<br> if (1 == EVP_DecryptUpdate(ctx, plaintext, &len , ciphertext, ctextsize))<br> {<br> cout<<"success decryption"<<endl;<br> plaintext_len = len;<br> }<br> else<br> {<br> cout<<"something wrong"<<endl;<br> }<br> //add the tag<br> if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, 16, tag))<br> {<br> cout<<"success adding tag"<<endl;<br> }<br> else<br> {<br> cout<<"something wrong"<<endl;<br> }<br> //finalize the Decryption<br> int ret = 1;<br> ret = EVP_DecryptFinal_ex(ctx, plaintext + len, &len);<br><br> cout<<" ret value is "<<ret<<endl;<br><br> if (ret > 0)<br> {<br> cout<<"success final decryption"<<endl;<br> plaintext_len += len;<br> cout<<"palin text is "<<plaintext_len<<endl;<br> return plaintext_len;<br><br> }<br> else<br> {<br> cout<<"decrypt fail"<<endl;<br> return -1;<br> }<br> return ret;<br><br>}<br clear="all"><div><div><div><br></div><div>and in main () i use that<br><br> unsigned char plaintext[120] = {'f','a','3','1','3','2','2','5','f','8','8','4','0','6','e','5','a','5','5','9','0','9','c','5','a','f','f','5','2','6','9','a','8','6','a','7','a','9','5','3','1','5','3','4','f','7','d','a','2','e','4','c','3','0','3','d','8','a','3','1','8','a','7','2','1','c','3','c','0','c','9','5','9','5','6','8','0','9','5','3','2','f','c','f','0','e','2','4','4','9','a','6','b','5','2','5','b','1','6','a','e','d','f','5','a','a','0','d','e','6','5','7','b','a','6','3','7','b','3','9'};<br> unsigned char key [32] = {'f','e','f','f','e',9,9,2,8,6,6,5,7,3,1,'c',6,'d',6,'a',8,'f',9,4,6,7,3,0,8,3,0,8};<br> <br> unsigned char aad[40] = {'f','e','e','d','f','a','c','e','d','e','a','d','b','e','e','f','f','e','e','d','f','a','c','e','d','e','a','d','b','e','e','f','a','b','a','d','d','a','d',2};<br><br> unsigned char iv[120] = {9,3,1,3,2,2,5,'d','f',8,8,4,0,6,'e',5,5,5,9,0,9,'c',5,'a','f','f',5,2,6,9,'a','a',6,'a',7,'a',9,5,3,8,5,3,4,'f',7,'d','a',1,'e',4,'c',3,0,3,'d',2,'a',3,1,8,'a',7,2,8,'c',3,'c',0,'c',9,5,1,5,6,8,0,9,5,3,9,'f','c','f',0,'e',2,4,2,9,'a',6,'b',5,2,5,4,1,6,'a','e','d','b','f',5,'a',0,'d','e',6,'a',5,7,'a',6,3,7,'b',3,9,'b'};<br> unsigned char cipher[120];<br> unsigned char tag[16];<br><br> unsigned char extractedpalintext[120];<br><br> int encryptionsize = 0;<br> encryptionsize = servertest.AuthenticationEncryption(plaintext,120,aad,40,key,32,iv,120,cipher,tag);<br> //servertest.AuthenticationEncryption(NULL,0,NULL,0,key,48,iv,24,cipher,tag);<br> cout<<"size of encrypted data is "<<encryptionsize<<endl;<br> cout<<"cipher text is "<<endl;<br> for (int i = 0 ; i<120 ; i++)<br> {<br> printf("0x%.2x ", cipher[i]);<br> }<br> cout<<endl;<br> cout<<"tag is "<<endl;<br> for (int j = 0 ; j<16 ; j++)<br> {<br> printf("0x%.2x ", tag[j]);<br> }<br> cout<<endl;<br><br> servertest.AuthenticationDecryption(cipher,120,aad,40,tag,key,32,iv,120,extractedpalintext);<br> cout<<"extracted palin text is "<<endl;<br> for (int i = 0 ; i<120 ; i++)<br> {<br> printf("%c ", extractedpalintext[i]);<br> //cout<<extractedpalintext[i];<br> }<br> cout<<endl;<br><br></div><div>the encryption and decryption process are ok but i have a problem with function <br><br> ret = EVP_DecryptFinal_ex(ctx, plaintext + len, &len);<br><br></div><div>all the time is 0 this means that <br><pre>the plaintext is not trustworthy.<br><br></pre><pre>what i did wrong please guide me<br></pre></div><div><br>-- <br><div class="gmail_signature"><div dir="ltr"><div><font face="Times New Roman, Times, Serif"><font color="#ff8040"><span style="font-family:Garamond;color:blue;font-size:12pt"><font face="Arial Black, Geneva, Arial, Sans-serif"><font color="#ff8040">Warmest regards and best wishes for a good health</font></font><font face="Arial Black, Geneva, Arial, Sans-serif">,</font></span><font face="Arial Black, Geneva, Arial, Sans-serif" size="3"><b>urs sincerely </b></font></font></font><br><b><font color="#ff8040" face="Arial Black, Geneva, Arial, Sans-serif" size="3">mero</font></b><br></div></div></div>
</div></div></div></div></div>