Re: AES (Rijndael) Encryption with CryptoAPI

From: Abe Simpson (abe_at_simpson.com)
Date: 06/25/04 

Date: Fri, 25 Jun 2004 11:40:03 -0400

Thanks to both of you, I managed to verify the correctness of encryption.

Abe

"Ryan Menezes [MSFT]" <ryanmen@online.microsoft.com> wrote in message
news:%23ze$X1kWEHA.4064@TK2MSFTNGP11.phx.gbl...
> Trying passing FALSE for the Final flag to CryptEncrypt() if you don't
want
> a whole extra block added to data which is already a multiple of block
size.
>
> --
> Thanks,
> Ryan Menezes [MS]
> This posting is provided "AS IS" with no warranties, and confers no
rights.
>
>
> "Pieter Philippaerts" <Pieter.nospam@mentalis.org> wrote in message
> news:eBpIqkkWEHA.2576@TK2MSFTNGP10.phx.gbl...
> > "Abe Simpson" <abe@simpson.com> wrote in message
> > > When I encrypt plaintext that is 1 to 15 bytes long, the resultant
> > > ciphertext is always 16 bytes, and a 16-byte plaintext results in a
> > 32-byte
> > > cipher text.
> >
> > This is normal behavior. The AES is a block cipher, which means it
always
> > operates on 16 byte blocks.
> > If the input data is not an exact multiple of 16, the data will be
padded
> > until it has a length that is a multiple of 16.
> > If the input data is an exact multiple of 16, the CryptoAPI will add a
> full
> > 16-byte padding block at the end of the data.
> >
> > > Rijndael specs provide sample results where 16-byte plaintext becomes
> > > 16-byte ciphertext. How do I achieve the same result?
> >
> > You can simply ignore the last 16 bytes, since they are the encrypted
> > padding.
> >
> > Regards,
> > Pieter Philippaerts
> >
> > P.S.: in case the results of your code are not the same as the results
> > you're trying to verify it with, a common mistake is that the CryptoAPI
is
> > little endian and virtually every other platform is big endian (Java,
> .NET,
> > and probably the AES reference too). So you may need to reverse the key
> and
> > IV.
> >
> >
>
>

Relevant Pages