Question

I am trying to decrypt and encrypt data with AesManaged or RijndaelManaged in VB.NET. I have a data packet whose size is not a multiple of the block size. In this situation, it gives the error "Length of the data to decrypt is invalid" when I try to decrypt. I can only decrypt it if I remove the deficient block at the end of the data. But I need to know what lies in the last block.

So

Is it possible to decrypt data whose size isn't a multiple of the block size?

If it is, how can I do that?

Edit:

There is some information that I forgot to write.

Block cipher mode must be CBC, because I can decrypt all the data successfully except the last bytes.

There is a client that can decrypt the whole data. I found the asm code of the decryptor function. If I understand it right, it works like this:

x = deficient block size (x < 16)

buffer = an array sized as (16 + x)

  • First the function grabs the previous undecrypted bytes and puts them in the first 16 bytes of the buffer. (16 bytes)
  • Appends the undecrypted last bytes to the buffer. (x bytes)
  • Decrypts from buffer[x] to the end of the buffer and puts the result in the same place. (last 16 bytes of buffer)
  • Decrypts from buffer[0] to buffer[15] and puts the result in the same place. (first 16 bytes of buffer)
  • As you know, CBC xors decrypted bytes with previous decrypted bytes. So the function xors the first x bytes of the buffer with the last x bytes of the buffer.

Is there a way that I can decrypt last bytes like this in .NET?


Solution

Update:

You may have CBC mode with ciphertext stealing; it is possible to implement CBC-CTS with just a CBC implementation.

Original:

Make sure that all of your data packet is ciphertext. If it's prefixed with a header or something that could throw off your length, your decryption algorithm wouldn't complain about the prefixed data; it would just decrypt to junk before getting to the end and complain about padding.

It's also common, if using authenticated encryption, to postfix your ciphertext with a MAC. That would also give you a length that is not a block size multiple, but if that's the case you need to read off the last x bytes and authenticate your ciphertext (HMAC is commonly used) before decrypting.

Also make sure that you are using the right AES mode, one that matches the source of your ciphertext. There are some modes of AES that don't need a block size multiple, but they generally aren't supported in the built-in .NET cryptography anyway.
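As an added illustration of the update above (not code from the original answer or from the asker's client), this is one way to decrypt ciphertext stealing with nothing but the built-in CBC transform. It assumes the CBC-CS3 layout from the NIST SP 800-38A addendum (last two blocks swapped, the final one truncated), which may differ from the variant the asker's client uses; the module and function names and the sample key, IV and message are constructed for the example.

```vb
Imports System
Imports System.Security.Cryptography
Imports System.Text

Module CbcCs3Example
    Const BlockLen As Integer = 16
    ' Assumed layout (CBC-CS3): C1..C(n-2) | Cn | first d bytes of C(n-1), 1 <= d <= 16.
    Function DecryptCbcCs3(key As Byte(), iv As Byte(), data As Byte()) As Byte()
        If data.Length <= BlockLen Then Throw New ArgumentException("need more than one block")
        Dim d As Integer = (data.Length - 1) Mod BlockLen + 1
        Dim head As Integer = data.Length - BlockLen - d   ' bytes in C1..C(n-2)
        Using alg As Aes = Aes.Create()
            alg.Mode = CipherMode.CBC : alg.Padding = PaddingMode.None
            ' Raw block decryption of Cn: CBC over one block with an all-zero IV.
            Dim z As Byte() = alg.CreateDecryptor(key, New Byte(BlockLen - 1) {}).TransformFinalBlock(data, head, BlockLen)
            ' Rebuild ordinary CBC order: C(n-1) = stolen prefix + last 16-d bytes of z, then Cn.
            Dim reordered(head + 2 * BlockLen - 1) As Byte
            Buffer.BlockCopy(data, 0, reordered, 0, head)
            Buffer.BlockCopy(data, head + BlockLen, reordered, head, d)
            Buffer.BlockCopy(z, d, reordered, head + d, BlockLen - d)
            Buffer.BlockCopy(data, head, reordered, head + BlockLen, BlockLen)
            Dim plain As Byte() = alg.CreateDecryptor(key, iv).TransformFinalBlock(reordered, 0, reordered.Length)
            Array.Resize(plain, data.Length)   ' drop the zero fill of the last block
            Return plain
        End Using
    End Function
    ' Constructed counterpart, only there to produce sample input for Main.
    Function EncryptCbcCs3(key As Byte(), iv As Byte(), plain As Byte()) As Byte()
        Using alg As Aes = Aes.Create()
            alg.Mode = CipherMode.CBC : alg.Padding = PaddingMode.Zeros
            Dim c As Byte() = alg.CreateEncryptor(key, iv).TransformFinalBlock(plain, 0, plain.Length)
            Dim head As Integer = c.Length - 2 * BlockLen
            Dim result(plain.Length - 1) As Byte
            Buffer.BlockCopy(c, 0, result, 0, head)
            Buffer.BlockCopy(c, head + BlockLen, result, head, BlockLen)                        ' Cn
            Buffer.BlockCopy(c, head, result, head + BlockLen, plain.Length - head - BlockLen)  ' C(n-1) prefix
            Return result
        End Using
    End Function

    Sub Main()
        Dim key As Byte() = Encoding.ASCII.GetBytes("0123456789abcdef")   ' constructed demo key
        Dim iv As Byte() = New Byte(BlockLen - 1) {}                      ' constructed all-zero IV
        Dim msg As Byte() = Encoding.ASCII.GetBytes("packet whose size is not a block multiple")
        Dim ct As Byte() = EncryptCbcCs3(key, iv, msg)
        Console.WriteLine("{0} plaintext bytes -> {1} ciphertext bytes", msg.Length, ct.Length)
        Console.WriteLine(Encoding.ASCII.GetString(DecryptCbcCs3(key, iv, ct)))
    End Sub
End Module
```

Ciphertext stealing carries no padding to validate, so a wrong key or a different stealing variant produces junk in the last two blocks instead of an exception; if the packet also carries a MAC, verify it before calling the decrypt function.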

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow