Using CryptoPP::Base64Encoder on binary data (ciphertext)

Question

I have an issue using CryptoPP. I'm using AES, and am wanting to represent the binary ciphertext by encoding it to base64.

My problem is that I am randomly getting assertion errors when running the following code:

std::string encoded;
// ciphertext is of type std::string from AES
CryptoPP::StringSource(ciphertext, true, 
    new CryptoPP::Base64Encoder(new CryptoPP::StringSink(encoded)));

The specific assertion error is:

Assertion failed: m_allocated, file include\cryptopp\secblock.h, line 197

Because of this "random" behavior, it's leading me to believe that the issue lies within the contents of the ciphertext.

My question is: Am I doing this the correct way? I've been stumped for a while, and have been researching a bit without success. The closest thing I can find is: http://www.mail-archive.com/cryptopp-users@googlegroups.com/msg06053.html

My complete implementation is:

std::string key = "key";
std::string in = "This is a secret message.";

CryptoPP::SHA1 sha;

byte digest[CryptoPP::SHA1::DIGESTSIZE];
sha.CalculateDigest(digest, reinterpret_cast<const byte *>(key.c_str()), key.length());

byte iv[CryptoPP::AES::BLOCKSIZE];
memset(iv, 0x00, CryptoPP::AES::BLOCKSIZE);

CryptoPP::AES::Encryption encrypt(reinterpret_cast<const byte *>(digest), CryptoPP::AES::DEFAULT_KEYLENGTH);
CryptoPP::CBC_Mode_ExternalCipher::Encryption cbc_encrypt(encrypt, iv);

std::string ciphertext;
CryptoPP::StreamTransformationFilter encryptor(cbc_encrypt,
    new CryptoPP::StringSink(ciphertext));
encryptor.Put(reinterpret_cast<const unsigned char *>(in.c_str()), in.length() + 1);
encryptor.MessageEnd();

std::string encoded;
CryptoPP::StringSource(ciphertext, true, 
    new CryptoPP::Base64Encoder(new CryptoPP::StringSink(encoded)));

Answer 1

My question is: Am I doing this the correct way?

Yes, the code is fine (except for the digest.erase();).

---

I've been stumped for a while, and have been researching a bit without success.

Run it under a memory checker. Valgrind or Clang Asan (address sanitizer).

---

The closest thing I can find is: http://www.mail-archive.com/cryptopp-users@googlegroups.com/msg06053.html

I've come across that assertion in the past, too. I don't recall if it was iOS or Linux. I think it was Linux with a specific version of GCC (maybe 4.4 or 4.5).

---

My problem is that I am randomly getting assertion errors when running the following code:

CryptoPP::StringSource(ciphertext, true, 
    new CryptoPP::Base64Encoder(new CryptoPP::StringSink(encoded)));

Change the above to this:

CryptoPP::StringSource ss(ciphertext, true, 
    new CryptoPP::Base64Encoder(new CryptoPP::StringSink(encoded)));

One version of GCC had problems with anonymous declarations. It would start running object destructors too soon.

Answer 2

Your intend is a bit unclear at the moment. Why would you like to use the SHA digest as the key for the AES encryption?

And about the error in your code,

Your cipher at the end is a string. And if want to communicate it to somebody you can readily send it. Why did you use a Base 64 encoder at the end of your code ? Had your cipher text been in the binary form you could have used Base64 Encoder to convert it into the ASCII String format. As long as it is not, you don't need the following part in your code.

std::string encoded;
StringSource(ciphertext, true, new Base64Encoder(new StringSink(encoded)));