Mailing List Archive: Symmetric cipher padding?

Symmetric cipher padding?

Mar 18, 2005, 9:17 PM

Post #1 of 5 (1368 views)

I'm having a little trouble with padding (at least I think that is the
problem, I'm a very newbie at this). I want to support both PKCS#7
padding and also avoiding padding for when the input is a block size.
Is there any description of how gcrypt does padding?

If I'm doing CBC, and the data is finished, how do I say "pad as
required and give me the result"?

Brad

Re: Symmetric cipher padding? [ In reply to ]

mo at g10code

Mar 20, 2005, 9:50 AM

Post #2 of 5 (1340 views)

Permalink

On Sat, Mar 19, 2005 at 03:17:26PM +1100, Brad Hards wrote:

Hello,

> Is there any description of how gcrypt does padding?

I am not entirely sure about your question, but I assume you are
asking what padding mechanisms Libgcrypt provides in respect to
symmetric block ciphers. The answer is: none; you have to do your
padding yourself. Note that if you are dealing with data, whose size
is larger than a single block size, you can use CTS (cipher text
stealing) instead of padding.

Thanks,
Moritz

--
Moritz Schulte

Re: Symmetric cipher padding? [ In reply to ]

bradh at frogmouth

Mar 21, 2005, 2:27 AM

Post #3 of 5 (1348 views)

Permalink

On Mon, 21 Mar 2005 03:50 am, Moritz Schulte wrote:
> I am not entirely sure about your question, but I assume you are
> asking what padding mechanisms Libgcrypt provides in respect to
> symmetric block ciphers. The answer is: none; you have to do your
> padding yourself. Note that if you are dealing with data, whose size
> is larger than a single block size, you can use CTS (cipher text
> stealing) instead of padding.
Hmm, OK. I guess I have three more questions then :-) If there is a -user list
I should be using, please let me know...

1. I've been working on the assumption that if I pass more than block size
bytes to gcry_cipher_encrypt(), then libgcrypt will buffer the residual
bytes. Is this the case, or am I meant to be doing the buffering myself?

2. Is there anything that I can use to help with the padding? For example,
does libgcrypt keep track of how many bytes have been encrypted already?

3. Is there any special support for CTS? (or, can I have a hint please :)

Brad

Re: Symmetric cipher padding? [ In reply to ]

mo at g10code

Mar 22, 2005, 1:48 PM

Post #4 of 5 (1333 views)

Permalink

On Mon, Mar 21, 2005 at 08:27:38PM +1100, Brad Hards wrote:

> 1. I've been working on the assumption that if I pass more than
> block size bytes to gcry_cipher_encrypt(), then libgcrypt will
> buffer the residual bytes.

Where did you base this assumption on? Libgcrypt does not buffer such
data for you - the library is a low-level library - keep this in mind.

> 2. Is there anything that I can use to help with the padding? For example,
> does libgcrypt keep track of how many bytes have been encrypted already?

There is no such counter.

> 3. Is there any special support for CTS? (or, can I have a hint please :)

CTS is supported. If you enable it, you can transform chunks of data,
whose size does not have to be a multiple of the block size (it only
needs to be larger than a single block).

Moritz

--
Moritz Schulte

Re: Symmetric cipher padding? [ In reply to ]

bradh at frogmouth

Mar 23, 2005, 3:06 AM

Post #5 of 5 (1353 views)

Permalink

On Wed, 23 Mar 2005 07:48 am, Moritz Schulte wrote:
> On Mon, Mar 21, 2005 at 08:27:38PM +1100, Brad Hards wrote:
> > 1. I've been working on the assumption that if I pass more than
> > block size bytes to gcry_cipher_encrypt(), then libgcrypt will
> > buffer the residual bytes.
>
> Where did you base this assumption on? Libgcrypt does not buffer such
> data for you - the library is a low-level library - keep this in mind.
I've previously used OpenSSL, which does this. When it didn't do padding, I
started to understand the nature of the support that libgcrypt provides
though. No real problem - I can probably implement the buffering along with
the padding fairly easily in my interface library.

Brad