Encrypt/Encrypt instead of Encrypt/Decrypt in test.c

Question

Encrypt/Encrypt instead of Encrypt/Decrypt in test.c

Closed this issue 5 years ago · 4 comments

Hello

There is an error in test.c. Both functions test_encrypt_ctr and test_decrypt_ctr are calling test_xcrypt_ctr which executes the exact same code in both cases so it is encrypting two times instead of encrypting and decrypting. This causes confusion because it is not clear how to use the AES_CTR_xcrypt_buffer API.

If it is the same function for Encrypt/Decrypt as mentioned in the .h file, how come there is no input parameter indicating what is to be done? And the test is not exercising the decryption.

Answer 1 · 2019-06-11T19:29:50.000Z

Hi. That’s how CTR works! Please see the Wikipedia page - this diagram is the epiphany :) https://upload.wikimedia.org/wikipedia/commons/thumb/3/3c/CTR_decryption_2.svg/640px-CTR_decryption_2.svg.png On 11 Jun 2019, at 20:14, Manuel Malagon <notifications@github.com<mailto:notifications@github.com>> wrote: Hello There is an error in test.c. Both functions test_encrypt_ctr and test_decrypt_ctr are calling test_xcrypt_ctr which executes the exact same code in both cases so it is encrypting two times instead of encrypting and decrypting. This causes confusion because it is not clear how to use the AES_CTR_xcrypt_buffer API. If it is the same function for Encrypt/Decrypt as mentioned in the .h file, how come there is no input parameter indicating what is to be done? And the test is not exercising the decryption. — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub<#141?email_source=notifications&email_token=ABBU2HCNLM3PS5AOQACYVO3PZ72PNA5CNFSM4HXCRMB2YY3PNVWWK3TUL52HS4DFUVEXG43VMWVGG33NNVSW45C7NFSM4GY4SY4Q>, or mute the thread<https://github.com/notifications/unsubscribe-auth/ABBU2HGUDDIW4WRS6FM53NDPZ72PNANCNFSM4HXCRMBQ>.

Answer 2 · 2019-06-11T19:49:05.000Z

@ifknot thanks for the tip. That explains how it works.

But that doesn't clarify why in both cases, encryption and decryption, in test.c this is being executed:

AES_CTR_xcrypt_buffer(&ctx, in, 64);

We can see that only in is used because the exact same function is being called for both test_encrypt_ctr and test_decrypt_ctr and since it is not global or static and there is nothing in the code indicating that for decryption out should be used, then both test_encrypt_ctr and test_decrypt_ctr are encrypting twice using in* and comparing it with out and never using out and comparing with in.

Answer 3 · 2019-06-14T10:32:57.000Z

Hi @m4l490n and thanks for your interest in this project :)

See this old issue, asking somewhat the same question as you:

#78

The short explanation: The reason for this odd test, is to reflect the test procedure described in the NIST-document used for verification, SP 800-38A. This is actually how they say the test should be done :D

Answer 4 · 2019-06-14T10:55:04.000Z

Closing the issue as a duplicate of #78 - feel free to continue posting if you have questions or comments Manuel :)