确定来自gcry_cipher_decrypt解密数据的大小？ [英] Determine size of decrypted data from gcry_cipher_decrypt?

问题描述

我使用的AES / GCM，但下面是其他模式，如AES / CBC一个一般性的问题。我有以下调用到 libgcrypt ：

I am using AES/GCM, but the following is a general question for other modes, like AES/CBC. I have the following call into libgcrypt:

#define COUNTOF(x) ( sizeof(x) / sizeof(x[0]) )
#define ROUNDUP(x, b) ( (x) ? (((x) + (b - 1)) / b) * b : b)

const byte cipher[] =  { 0xD0,0x6D,0x69,0x0F ... };
byte recovered[ ROUNDUP(COUNTOF(cipher), 16) ];
...

err = gcry_cipher_decrypt(
    handle,             // gcry_cipher_hd_t
    recovered,          // void *
    COUNTOF(recovered), // size_t
    cipher,             // const void *
    COUNTOF(cipher));   // size_t

我无法弄清楚如何确定得到的回收文本的大小是什么。我检查了与密码手柄工作引用，它不是讨论（也有0命中为'垫）。我还检查了 libgrcrypt 自检在测试/ basic.c 和测试/ fipsdrv。 ç，但它们使用相同的超大缓存，从不修剪缓冲区的实际大小。

I cannot figure out how to determine what the size of the resulting recovered text is. I've checked the Working with cipher handles reference, and its not discussed (and there are 0 hits for 'pad). I also checked the libgrcrypt self tests in tests/basic.c and tests/fipsdrv.c, but they use the same oversized buffer and never prune the buffer to the actual size.

我如何确定数据的大小回到我的恢复缓冲？

How do I determine the size of the data returned to me in the recovered buffer?

推荐答案

您需要一个填充方案适用于您的输入，并解密后，取出填充。 gcrypt不处理它。

You need to apply a padding scheme to your input, and remove the padding after the decrypt. gcrypt doesn't handle it for you.

最常见的选择是 PKCS＃7 。一个高层次的概述是你填写你的最后一块未用的字节填充用的字节数（ BLOCK_SIZE - used_bytes ）。如果输入的长度是块大小的倍数，你跟着它充满了 BLOCK_SIZE 字节的块。

The most common choice is PKCS#7. A high level overview is that you fill the unused bytes in your final block with the number of padded bytes (block_size - used_bytes). If your input length is a multiple of the block size, you follow it with a block filled with block_size bytes.

例如，8字节的块和4个字节的输入，你的原始输入将如下所示：

For example, with 8-byte blocks and 4 bytes of input, your raw input would look like:

AB CD EF FF 04 04 04 04

当你做的解密，你把最后一个块的最后一个字节的值，并删除许多个字节结束。

When you do the decrypt, you take the value of the last byte of the last block, and remove that many bytes from the end.

这篇关于确定来自gcry_cipher_decrypt解密数据的大小？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！