[racket] PLaneTs crypto lib usage question?...
I'm doodling around with vyzo's crypto lib from PLaneT, doing some
very rudimentary crypting and encrypting. I'm undoubtedly doing
something wrong, I just don't know what...
Here's my code (running from a directory that contains the crypto files):
(require srfi/78
"main.ss"
(only-in "util.ss" hex))
(require file/sha1)
(define devicekey (list->bytes '(#x12 #x34 #x56 #x78 #x87 #x65 #x43
#x26 #x12 #x34 #x56 #x78 #x87 #x65 #x43 #x26))) ; must be length 16!!!
(define nonce (list->bytes '(#x12 #x34 #x56 #x78 #x87 #x65 #x43 #x26
#x12 #x34 #x56 #x78 #x87 #x65 #x43 #x27))) ; must be length 16!!!
(define devicekey1 (list->bytes '(#x12 #x34 #x56 #x88 #x87 #x65 #x43
#x26 #x12 #x34 #x56 #x78 #x87 #x65 #x43 #x26))) ; must be length 16!!!
(define nonce1 (list->bytes '(#x12 #x34 #x56 #x78 #x87 #x66 #x43 #x26
#x12 #x34 #x56 #x78 #x87 #x65 #x43 #x27))) ; must be length 16!!!
(define dummy (encrypt cipher:aes-128 devicekey nonce #"1234567887654321"))
(bytes->hex-string dummy)
(decrypt cipher:aes-128 devicekey nonce dummy)
(decrypt cipher:aes-128 devicekey1 nonce dummy)
(decrypt cipher:aes-128 devicekey nonce1 dummy)
In effect, I hardcode two distinct AES keys, 2 initialization vectors
(wich I call nonce) and one piece of plain text to encrypt and decrypt.
Here are the results of the last three lines when executed in Racket:
(decrypt cipher:aes-128 devicekey nonce dummy)
#"1234567887654321" <== 1
>
(decrypt cipher:aes-128 devicekey1 nonce dummy)
EVP_CipherFinal_ex: libcrypto error: bad decrypt [digital envelope
routines:EVP_
DecryptFinal_ex:101077092] <== 2
>
(decrypt cipher:aes-128 devicekey nonce1 dummy)
#"1234557887654321" <== 3
So the first decryption (with the correct key and iv) yields the
expected result. Everything fine here.
When I decrypt with the correct iv but a wrong key, the OpenSSL Crypto
Lib raises an error. I think that is wrong; it should simply return
garbled output?
And when I decrypt with the correct key but an invalid init vector, I
would expect the decryption result to be radically different from the
original; instead, there is only one byte varying as if the iv only
does some weak manipulation on the input before doing the encryption?
Is that the way AES-128 works?
AES-192 is pretty much exactly the same:
Welcome to Racket v5.2.1.
> (require srfi/78
"main.ss"
(only-in "util.ss" hex))
>
(require file/sha1)
>
(define devicekey (list->bytes '(#x12 #x34 #x56 #x78 #x87 #x65 #x43
#x26 #x12 #x
34 #x56 #x78 #x87 #x65 #x43 #x26 #x12 #x34 #x56 #x78 #x87 #x65 #x43
#x26))) ; m
ust be length 24!!!
>
(define nonce (list->bytes '(#x12 #x34 #x56 #x78 #x87 #x65 #x43 #x26
#x12 #x34 #
x56 #x78 #x87 #x65 #x43 #x27 #x12 #x34 #x56 #x78 #x87 #x65 #x43
#x26))) ; must
be length 24!!!
>
(define devicekey1 (list->bytes '(#x12 #x34 #x56 #x88 #x87 #x65 #x43
#x26 #x12 #
x34 #x56 #x78 #x87 #x65 #x43 #x26 #x12 #x34 #x56 #x78 #x87 #x65 #x43
#x26))) ;
must be length 24!!!
>
(define nonce1 (list->bytes '(#x12 #x34 #x56 #x78 #x87 #x66 #x43 #x26
#x12 #x34
#x56 #x78 #x87 #x65 #x43 #x27 #x12 #x34 #x56 #x78 #x87 #x65 #x43
#x26))) ; must
be length 24!!!
>
(define dummy (encrypt cipher:aes-192 devicekey nonce
#"123456788765432112345678
"))
>
(bytes->hex-string dummy)
"a5de853635ea2f7a61d709a7e2c877db1c6b15929d9559ff51e1fd470c6bf4a8"
>
(decrypt cipher:aes-192 devicekey nonce dummy)
#"123456788765432112345678"
>
(decrypt cipher:aes-192 devicekey1 nonce dummy)
EVP_CipherFinal_ex: libcrypto error: bad decrypt [digital envelope
routines:EVP_
DecryptFinal_ex:101077092]
>
(decrypt cipher:aes-192 devicekey nonce1 dummy)
#"123455788765432112345678"
>
Any ideas what is going on here?
Thanks!
![[logo]](/logo.png){kind=logo}