«

hi,
i was learning to do AES encryption using inlineIVs .I used an input
byte[] of 16X3 bytes, secretkey from a byte[] of 24 bytes and an iv
byte[] of 16 bytes.

<code snippet>

byte[]input = new byte[] {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,0x08, 0x09, 0x0a, 0x0b,
0x0c, 0x0d, 0x0e, 0x0f,0x0f, 0x00, 0x03, 0x09, 0x0d, 0x04, 0x05, 0x02,
0x06,0x01, 0x07,0x08, 0x0a, 0x0b, 0x0c, 0x0e, 0x00, 0x01, 0x02, 0x03,
0x04, 0x05, 0x06, 0x07 ,0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e,
0x0f};

byte[] ivBytes=new byte[]{
0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00,0x08, 0x09, 0x0a, 0x0b,
0x0c, 0x0d, 0x0e, 0x0f };

byte[]keyBytes = new byte[] {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17 };

SecretKeySpec key=new SecretKeySpec(keyBytes,"AES");
IvParameterSpec ivSpec=new IvParameterSpec(new byte[16]);
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding", "BC");
cipher.init(Cipher.ENCRYPT_MODE,key,ivSpec);
byte[] cipherText=new byte[cipher.getOutputSize(ivBytes.length
+input.length)];
int ctLength=cipher.update(ivBytes,0,ivBytes.length,ci pherText,0);
System.out.println("encryption::ctLength="+ctLengt h);
ctLength+=cipher.update(input,0,input.length,ciphe rText,ctLength);
debug("encryption::ctLength="+ctLength);
ctLength+=cipher.doFinal(cipherText,ctLength);
debug("encryption::ctLength="+ctLength);

<code snippet/>
when i ran this code ,i get these values for the number of bytes
stored in the input after each update() call

encryption::ctLength=0
encryption::ctLength=48
encryption::ctLength=80

Why is the number of bytes stored in the output 0 after the first
update call?shouldn't it be equal to the size of iv?

also,I tried the decryption ,

<code snippet>
cipher.init(Cipher.DECRYPT_MODE, key, ivSpec);
byte[] decryptBuf=new byte[cipher.getOutputSize(ctLength)];
int bufLength=cipher.update(cipherText,0,cipherText.le ngth,decryptBuf,
0);
debug("decryption:: bufLength="+bufLength);
bufLength+=cipher.doFinal(decryptBuf,bufLength);
debug("decryption:: bufLength="+bufLength);
//need to remove the iv from output plaintext
byte[] plainText=new byte[bufLength-ivBytes.length];
System.arraycopy
(decryptBuf, ivBytes.length,plainText,0,plainText.length);

<code snippet/>

here i get ,
decryption:: bufLength=64
decryption:: bufLength=64

shouldn't these be 48 instead?
If someone can explain how these numbers occur..it wd help me a lot.I
am a beginner in this topic.
thanks
jim

On Tue, 2 Dec 2008 08:18:15 -0800 (PST), jimgardener
<> wrote, quoted or indirectly quoted someone who
said :

>hi,

Encryption seems to like padding your messages in subtle ways. A
brute force way to deal with the problem is to put the length of your
message on the front so it gets encrypted too and only use that many
bytes of the result.
--
Roedy Green Canadian Mind Products
http://mindprod.com
"Humanity is conducting an unintended, uncontrolled, globally pervasive experiment
whose ultimate consequences could be second only to global nuclear war."
~ Environment Canada (The Canadian equivalent of the EPA on global warming)

jimgardener wrote:
> i was learning to do AES encryption using inlineIVs .I used an input
> byte[] of 16X3 bytes, secretkey from a byte[] of 24 bytes and an iv
> byte[] of 16 bytes.
>
> <code snippet>
>
> byte[]input = new byte[] {
> 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,0x08, 0x09, 0x0a, 0x0b,
> 0x0c, 0x0d, 0x0e, 0x0f,0x0f, 0x00, 0x03, 0x09, 0x0d, 0x04, 0x05, 0x02,
> 0x06,0x01, 0x07,0x08, 0x0a, 0x0b, 0x0c, 0x0e, 0x00, 0x01, 0x02, 0x03,
> 0x04, 0x05, 0x06, 0x07 ,0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e,
> 0x0f};
>
> byte[] ivBytes=new byte[]{
> 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00,0x08, 0x09, 0x0a, 0x0b,
> 0x0c, 0x0d, 0x0e, 0x0f };
>
> byte[]keyBytes = new byte[] {
> 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
> 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
> 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17 };
>
> SecretKeySpec key=new SecretKeySpec(keyBytes,"AES");
> IvParameterSpec ivSpec=new IvParameterSpec(new byte[16]);
> Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding", "BC");
> cipher.init(Cipher.ENCRYPT_MODE,key,ivSpec);
> byte[] cipherText=new byte[cipher.getOutputSize(ivBytes.length
> +input.length)];
> int ctLength=cipher.update(ivBytes,0,ivBytes.length,ci pherText,0);
> System.out.println("encryption::ctLength="+ctLengt h);
> ctLength+=cipher.update(input,0,input.length,ciphe rText,ctLength);
> debug("encryption::ctLength="+ctLength);
> ctLength+=cipher.doFinal(cipherText,ctLength);
> debug("encryption::ctLength="+ctLength);
>
> <code snippet/>
> when i ran this code ,i get these values for the number of bytes
> stored in the input after each update() call
>
> encryption::ctLength=0
> encryption::ctLength=48
> encryption::ctLength=80
>
> Why is the number of bytes stored in the output 0 after the first
> update call?shouldn't it be equal to the size of iv?

It apparently does some buffering.

The API works according to specs - you should not worry
about the implementation.

> also,I tried the decryption ,
>
> <code snippet>
> cipher.init(Cipher.DECRYPT_MODE, key, ivSpec);
> byte[] decryptBuf=new byte[cipher.getOutputSize(ctLength)];
> int bufLength=cipher.update(cipherText,0,cipherText.le ngth,decryptBuf,
> 0);
> debug("decryption:: bufLength="+bufLength);
> bufLength+=cipher.doFinal(decryptBuf,bufLength);
> debug("decryption:: bufLength="+bufLength);
> //need to remove the iv from output plaintext
> byte[] plainText=new byte[bufLength-ivBytes.length];
> System.arraycopy
> (decryptBuf, ivBytes.length,plainText,0,plainText.length);
>
> <code snippet/>
>
> here i get ,
> decryption:: bufLength=64
> decryption:: bufLength=64
>
> shouldn't these be 48 instead?

No. You encrypted 64 bytes (16 iv + 48 input) so it is
correct.

Arne

Roedy Green wrote:
> On Tue, 2 Dec 2008 08:18:15 -0800 (PST), jimgardener
> <> wrote, quoted or indirectly quoted someone who
> said :
>> hi,
>
> Encryption seems to like padding your messages in subtle ways. A
> brute force way to deal with the problem is to put the length of your
> message on the front so it gets encrypted too and only use that many
> bytes of the result.

Nonsense.

The Java Cipher code is perfectly capable of adding and removing
padding.

Arne