Re: interop: PaddingMode.None TripleDES with CrptoAPI
From: casey chesnut (casey_at_MORE_spam_PLEASEbrains-N-brawn.com)
Date: 06/19/04
- Previous message: Rob Bolton: "Re: Basic security question"
- In reply to: John Banes [MS]: "Re: interop: PaddingMode.None TripleDES with CrptoAPI"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 18 Jun 2004 21:28:59 -0500
i'll have to give that i shot,
below is what i have working right now ...
for CryptEncrypt, i just threw away the last 8 bytes of padding.
for CryptDecrypt, i set the last 8 cipher bytes to the IV,
then Encrypt 0x0808080808080808.
that returned 16 bytes, with the 1st 8 bytes being the pad that i needed.
Thanks,
casey
http://www.brains-N-brawn.com
"John Banes [MS]" <jbanes@online.microsoft.com> wrote in message
news:uf14iIZVEHA.2816@TK2MSFTNGP11.phx.gbl...
> You might try calling CryptEncrypt/CryptDecrypt without the 'final' flag.
> That way, the function won't know that it's the final block and thus won't
> add/remove any padding.
>
> This approach will probably work with most or all CSPs that are out there.
>
> Regards,
> John Banes
> [Microsoft Security Developer]
>
> This posting is provided "AS IS" with no warranties, and confers no
rights.
> Please do not send email directly to this alias. This alias is for
newsgroup
> purposes only.
>
> "casey chesnut" <casey@braSPAMins-N-braSPAMwn.com> wrote in message
> news:OjHGGfIVEHA.2360@TK2MSFTNGP10.phx.gbl...
> > i'm trying to do TripleDES with no padding in the CryptoAPI
> >
> > going off this article here:
> > http://www.di-mgt.com.au/cryptopad.html#example3des
> >
> > which lists these expected results:
> > Example using Triple DES with key
> > 0x0123456789ABCDEFFEDCBA987654321089ABCDEF01234567
> > 3DES INPUT BLOCKS: 12345376 06666665 55551205
> > 3DES OUTPUT: 7ADE45981580DB32 421E3D90B5B47D5B 1175FA3DD8B932D7
> > using an 8 byte IV of all zero.
> >
> > if i take the 1st block and encrypt it with the CryptoAPI.
> > then i get 7ADE45981580DB32 (as expected) plus 8 more bytes of padding.
> > ok, so if i want to encrypt with no padding,
> > i just do that for 8 block chunks and strip off the trailing 8 each
time.
> > so that should be compatible with the desktop.
> >
> > but the problem is when i try to decrypt with the CryptoAPI.
> > if i take the result 7ADE45981580DB32 and append 8 bytes of padding:
> > 0808080808080808,
> > when i try to decrypt, i get BAD DATA.
> >
> > what else do i need to do?
> >
> > Thank you,
> > casey
> >
> >
>
>
- Previous message: Rob Bolton: "Re: Basic security question"
- In reply to: John Banes [MS]: "Re: interop: PaddingMode.None TripleDES with CrptoAPI"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
