Crypto ++异常调用messageEnd [英] Crypto++ exception calling messageEnd

问题描述

我使用以下代码解密文件:

I use following code to decrypt a file:

FileSource fe(fileUrl.c_str(), false,
                  new AuthenticatedDecryptionFilter(decryptor, new FileSink(
                          std::string(fileUrl).c_str()), CryptoPP::AuthenticatedDecryptionFilter::THROW_EXCEPTION |  CryptoPP::AuthenticatedDecryptionFilter::MAC_AT_END ));

        size_t BLOCK_SIZE = 16384;
    while (remaining && !fe.SourceExhausted()) {
        const unsigned int req = STDMIN(remaining, BLOCK_SIZE);
        fe.Pump(req);
        fe.Flush(false);

        remaining -= req;
    }
    fe.MessageEnd();

如果我尝试在没有fe.MessageEnd()的情况下执行此操作，则我的解密文件要短16个字节.所以我认为我需要调用MessageEnd()来解决此问题.但是，如果我调用MessageEnd()，则会出现以下异常:BufferedTransformation:此对象不允许输入

If i try to do this without the fe.MessageEnd(), my decrypted File is 16 bytes short. So i thought i need to call MessageEnd() to fix this problem. But if i call MessageEnd() i get Follwing Exception: BufferedTransformation: this object doesn't allow input

推荐答案

如果我调用MessageEnd()，则会出现以下异常: BufferedTransformation:此对象不允许输入 ...

正确. FileSource 是源，并且消息必须存在.您不能在源上调用 Put 或 Put2 向消息中添加其他数据.

Correct. The FileSource is a source, and the message must exist. You can't call Put or Put2 on the source to add additional data to the message.

我认为您有两种选择可以更好地控制信号.

I think you have two options to take more control over the signals.

第一

First

在 Source 上调用 Flush .

const int opts = AuthenticatedDecryptionFilter::THROW_EXCEPTION |
    AuthenticatedDecryptionFilter::MAC_AT_END;

FileSource fe(fileUrl.c_str(), false,
    new AuthenticatedDecryptionFilter(decryptor, new FileSink(
        std::string(fileUrl).c_str()), opts));

fe.Flush(true);

另请参见过滤器中的 Flush 注释.:冲洗.

Also see the comments for Flush at Filter::Flush in the manual.

第二

Second

存储指向过滤器的指针，并在其上调用 MessageEnd .

Stash a pointer to the filter and call MessageEnd on it.

const int opts = AuthenticatedDecryptionFilter::THROW_EXCEPTION |
     AuthenticatedDecryptionFilter::MAC_AT_END;
AuthenticatedDecryptionFilter* adf = NULL;

FileSource fe(fileUrl.c_str(), false,
    adf = new AuthenticatedDecryptionFilter(decryptor, new FileSink(
        std::string(fileUrl).c_str()), opts));
adf.MessageEnd();

这有点不寻常，所以我不确定您会遇到什么副作用.

This is kind of unusual, so I'm not sure what side effects you will encounter.

不删除指针.当 FileSource 超出范围时，将其删除.

Don't delete the pointer. The FileSource will delete it when it goes out of scope at the closing brace.

...我的解密文件短16个字节...

... my decrypted file is 16 bytes short...

我认为，如果在 Source 上调用 Flush 对您不起作用，则应该解决此问题.

In my opinion, this is the problem you should pursue if calling Flush on the Source does not work for you.

还请记住... AuthenticatedEncryptionFilter 的输出是2元组 {ciphertext，mac} ，因此由于使用了MAC，因此可以将密文扩展为16个字节.稍后，当您使用 AuthenticatedDecryptionFilter 时，验证后会删除mac.因此，恢复的文本应与纯文本大小相同，二者均应比密文小16个字节.

Also keep in mind... The output of AuthenticatedEncryptionFilter is the 2-tuple {ciphertext,mac}, so you get ciphertext expansion of 16-bytes because of the MAC. Later, when you use AuthenticatedDecryptionFilter, the mac is removed after verifying it. So the recovered text should be the same size as the plain text, both of which should be 16-bytes less than the cipher text.

我不清楚的是，事情是否按预期运行，但您没有意识到那是它应该如何工作的.还是您真的在某处丢失了16字节的已恢复文本.

The thing I am not clear about is, are things working as expected but you don't realize that's how its supposed to work. Or are you really loosing 16-bytes of recovered text somewhere.

这篇关于Crypto ++异常调用messageEnd的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！