Skip to main content

AES-CBC-CTS Decryption using OpenSSL

Recently I was testing few test streams encrypted with AES-CBC-CTS mode, which is another block cipher mode that allows encrypting of data that is not evenly divisible into blocks (unlike AES-CBC mode).

I also found that decryption of such streams is not possible using OpenSSL, as it does not support this block cipher mode. Since OpenSSL does support encryption/decryption for AES-CBC mode, I decided to extend this logic to support AES-CBC-CTS mode.

I found following article on wikipedia which explains CBC-CTS encryption/decryption in detail.

Following C Routine can be used to decrypt data encrypted with AES-CBC-CTS block cipher mode.

_DecryptData(DRM_KeyCtx_T  KEY_CTX, // KeyCtx_T is a structure containing the Key and IV.
                     UINT8 *data, // encrypted data
                     UINT32 inputLength, // encrypted data length
                     UINT8 *outData, // decrypted data
                     UINT32 *outputLength ) // decrypted data length
{
UINT8 Iv[WV_IV_SIZE];
void* lastIvData = NULL;
UINT8 Tn1[16], Tn[16], resBlk[16];
int extraBytes = 0;
int olen=0;
UINT32 tlen=0;
int actualLength = inputLength;

 if (inputLength<16)
 {
    if (data!=outData)
    memcpy(outData, data, inputLength);
    *outputLength = inputLength;
     return SUCCESS;
 }
 // Get Last IV
 if (inputLength&0xf) // not aligned by 16 : CTS
 {
    if (inputLength>=32) // Use Cn-2 Block
    {
       lastIvData = (void*)(data+(inputLength&0xfffffff0)-(IV_SIZE*2)); // IV_SIZE is maximum size of IV.
       memcpy(Iv, lastIvData, 16);
     }
  }

  *outputLength = 0;

   if(!EVP_DecryptInit (&opensslCtx.ctx, opensslCtx.cipher, KEY_CTX.key, KEY_CTX.iv))
        {
            return FAILURE;
        }

   EVP_CIPHER_CTX_set_padding(&opensslCtx.ctx, 0);

   extraBytes = inputLength%16;
   if(extraBytes)
   {
      inputLength -= extraBytes+IV_SIZE;
      if(!inputLength)
         {
              return SUCCESS;
          }
    }

    if (EVP_DecryptUpdate (&opensslCtx.ctx, outData, &olen, data, inputLength) != 1)
    {
       return FAILURE;
    }

    if (EVP_DecryptFinal (&opensslCtx.ctx, outData + olen, (int *)&tlen) != 1)
    {
       return FAILURE;
    }

    olen +=tlen;
    *outputLength += olen;

    // For CBC CTS and handling extrabytes at the end of the inputbuffer
    if(extraBytes)
    {
        memset(resBlk, 0, IV_SIZE);
        memcpy(resBlk, data+inputLength+IV_SIZE, extraBytes);

        olen = 0;
        tlen = 0;

        if(!EVP_DecryptInit (&opensslCtx.ctx, opensslCtx.cipher, KEY_CTX.key, resBlk))
        {
            return FAILURE;
        }

          
        EVP_CIPHER_CTX_set_padding(&opensslCtx.ctx, 0);

        if (EVP_DecryptUpdate (&opensslCtx.ctx, Tn1, &olen, data+inputLength, IV_SIZE) != 1)
        {
           return FAILURE;
         }

         if (EVP_DecryptFinal (&opensslCtx.ctx, Tn1 + olen, (int *)&tlen) != 1)
         {
            return FAILURE;
         }

         olen = 0;
         tlen = 0;

         memcpy(resBlk+extraBytes, Tn1+extraBytes, IV_SIZE-extraBytes);

         if(!EVP_DecryptInit (&opensslCtx.ctx, opensslCtx.cipher, KEY_CTX.key, Iv))
         {
             return FAILURE;
         }

         EVP_CIPHER_CTX_set_padding(&opensslCtx.ctx, 0);

         if (EVP_DecryptUpdate (&opensslCtx.ctx, Tn, &olen, resBlk, IV_SIZE) != 1)
         {
             return FAILURE;
         }

         if (EVP_DecryptFinal (&opensslCtx.ctx, Tn + olen, (int *)&tlen) != 1)
         {
             return FAILURE;
         }

         memcpy(outData+*outputLength, Tn, IV_SIZE);
         memcpy(outData+*outputLength+IV_SIZE, Tn1, extraBytes);
         *outputLength = actualLength;
    }
    return SUCCESS;
}

Comments

  1. Fonts ManiaApril 30, 2020 at 2:27 AM

    Hello Guys, Use this online converter for file converting to other formats like these;

    Best File Converter

    ReplyDelete
  2. Fonts ManiaApril 30, 2020 at 2:28 AM

    And this converter will transfer one file to other formats like these;

    Pptm to Pdf

    Psd to Ai

    Caf to Aiff

    Tga to Jpg

    Swf to Mp4

    ReplyDelete

Post a Comment

Popular posts from this blog

Getting and Setting Microphone Gain or Microphone Boost on Windows 7 / 8 Programmatically

After hours of searching the net I have finally figured out a way to programmatically get and set the microphone gain (boost) value. The code mentioned below can be built on VS and does the job of setting gain value. #include "stdafx.h" #include <mmdeviceapi.h> #include <endpointvolume.h> #include <Functiondiscoverykeys_devpkey.h> #include "Audioclient.h" #include "comutil.h" #define EXIT_ON_ERROR(hres)   if (FAILED(hres)) { goto Exit; } #define SAFE_RELEASE(punk)   if ((punk) != NULL)  { (punk)->Release(); (punk) = NULL; } HRESULT getMicrophoneBoostVolumeLevel(IMMDevice *pEndptDev, IAudioVolumeLevel** ppVolumeLevel) { HRESULT hr = S_OK; DataFlow flow; IDeviceTopology *pDeviceTopology = NULL; IConnector *pConnFrom = NULL; IConnector *pConnTo = NULL; IPart *pPartPrev = NULL; IPart *pPartNext = NULL; *ppVolumeLevel = NULL; wchar_t microphoneBoostName[] = L"Microphone Boost";//if your system ...
8 comments
Read more

Simple example of strong and weak pointers on Android using RefBase class

Here is a simple example explaining the usage of strong and weak pointers using android's RefBase class and the Android.mk to compile the same. Its a modified version of code written by Daniel in the following link. http://himmele.blogspot.com/2012/03/androids-c-reference-counting.html strong_pointer.cpp file:  #include <stdio.h> #include "utils/RefBase.h" namespace android {  class RefTest : public RefBase { public:     RefTest(int32_t id) : mID(id) {         printf("RefTest ctor: %d\n", mID);     }     virtual ~RefTest() {         printf("RefTest dtor: %d\n", mID);     }     int32_t id() const {         return mID;     } private:     int32_t mID; }; int strong_pointer() {     sp<RefTest> ref1 = new RefTest(1);     sp<RefTest> ref5;   ...
3 comments
Read more

Acts Automation Framework For Android

1. Introduction The Android Comms Test Suite, is a lightweight Python-based automation tool set that is used to perform automated testing of current and upcoming Android devices. It provides a simple execution interface; a set of pluggable libraries for accessing commercially available devices, Android devices, and a collection of utility functions to further ease test development. It is an ideal desktop tool for a wireless stack developer or integrator whether exercising a new code path, performing sanity testing, or running extended regression test suites. Included in the tests/google directory are a bundle of tests, many of which can be run with as little as one or two Android devices with wifi, cellular, or bluetooth connectivity, including: 1. Wifi tests for access point interopability, enterprise server integration, WiFi scanning, WiFi auto join, and round trip time. 2. Bluetooth tests for low energy, GATT, SPP, and bonding. 3. Cellular tests for circuit switch and...
4 comments
Read more