RustCrypto/block-ciphers

BlockModeError, Question

FilipAndersson245 opened this issue · 3 comments

FilipAndersson245 commented

Hello, i have tried to write a script the decrypt some URL:s, but when I do it I get Block mode error even though I belive the data is of correct length?

pub fn decrypt_data(encrypted_str: &str) -> Result<String> {
    let decoded_encrypted_str = base64::decode(encrypted_str)?;
    assert_eq!(&decoded_encrypted_str[0..8], b"Salted__"); // Each string start with this.
    let (salt, mut text): (Vec<u8>, Vec<u8>) = get_salt_and_data(decoded_encrypted_str)
        .ok_or_else(|| anyhow::anyhow!("Failed to split data between salt and text"))?;
    let text = &mut text[..];

    let key_iv = bytes_to_key(KEY.to_vec(), salt)?;
    let key = key_iv[0..32].to_vec();
    let iv = key_iv[32..].to_vec();
    println!("{}", key.len());
    println!("{}", iv.len());
    println!("{}", text.len());

    let cipher = Aes256Cbc::new_var(&key, &iv)?;

    let text = cipher.decrypt(text)?; // << BlockModeError occures here
    let decrypted_string = String::from_utf8(text.to_vec())?;
    Ok(decrypted_string)
}```

when I try run it I get this result:

▶ cargo test -- --nocapture
Finished test [unoptimized + debuginfo] target(s) in 0.04s
Running target\debug\deps\cipher-5219f346e46a9153.exe

running 1 test
32
16
80
thread 'tests::decrypt_data_test' panicked at 'called Result::unwrap() on an Err value: BlockModeError', cipher\src\lib.rs:61:48
note: run with RUST_BACKTRACE=1 environment variable to display a backtrace
test tests::decrypt_data_test ... FAILED

newpavlov commented

BlockModeError is returned by decode in two cases: message size is not multiple of block size and decrypted message contains message with invalid padding. The latter can happen if key-nonce is incorrect. Try to use NoPadding and examine the decoded message, either it will be a garbled mess (meaning you are using incorrect key-nonce pair) or it will be a different padding algorithm.

FilipAndersson245 commented

I changed
type Aes256Cbc = Cbc<Aes256, block_padding::Pkcs7>;
to
type Aes256Cbc = Cbc<Aes256, block_padding::NoPadding>;
this seem to fix the problem, but as you said the data seem to be a garbled mess, now panicking on trying to convert it to a string.

newpavlov commented

Going to close this issue, since this problem is not about our library per se. You may ask additional questions in our Zulip chat.