Discussion:
Update DefaultEncryptor, DefaultEncryptorWithMAC and friends
Jeffrey Walton
2016-12-11 10:14:25 UTC
Permalink
Hi Everyone,

DefaultEncryptor, DefaultEncryptorWithMAC and friends were updated tonight.
The new defaults us AES and SHA256. You can still access the previous
classes through LegacyEncryptor, LegacyEncryptorWithMAC and friends.

Also see http://github.com/weidai11/cryptopp/issues/345 and
http://github.com/weidai11/cryptopp/commit/bfbcfeec7ca7a0487978391803496a1d4aada37c.

Jeff
--
--
You received this message because you are subscribed to the "Crypto++ Users" Google Group.
To unsubscribe, send an email to cryptopp-users-***@googlegroups.com.
More information about Crypto++ and this group is available at http://www.cryptopp.com.
---
You received this message because you are subscribed to the Google Groups "Crypto++ Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cryptopp-users+***@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
mark Gu
2018-09-10 05:57:17 UTC
Permalink
Hi, I update from 5.6.2。
I encrypted sometext ,using DefaultEncryptorWithMAC(5.6.2). When I decrypt
using LegacyDecryptorWithMAC(6.1), a expection throwed:
DataDecryptorWithMAC: MAC check failed

It seems DefaultDecryptorWithMAC(5.6.2) is not compatible with
LegacyDecryptorWithMAC(6.1)。

I notice that in "default.h" 255~256 line


typedef
DataEncryptorWithMAC<LegacyBlockCipher,LegacyHashModule,DefaultMAC,LegacyParametersInfo>
LegacyEncryptorWithMAC;
typedef
DataDecryptorWithMAC<LegacyBlockCipher,LegacyHashModule,DefaultMAC,LegacyParametersInfo>
LegacyDecryptorWithMAC;

They use DefaultMAC, rather than LegacyMAC, it seems like a bug.



圚 2016幎12月11日星期日 UTC+8䞋午6:14:25Jeffrey Walton写道
Hi Everyone,
DefaultEncryptor, DefaultEncryptorWithMAC and friends were updated
tonight. The new defaults us AES and SHA256. You can still access the
previous classes through LegacyEncryptor, LegacyEncryptorWithMAC and
friends.
Also see http://github.com/weidai11/cryptopp/issues/345 and
http://github.com/weidai11/cryptopp/commit/bfbcfeec7ca7a0487978391803496a1d4aada37c
.
Jeff
--
You received this message because you are subscribed to "Crypto++ Users". More information about Crypto++ and this group is available at http://www.cryptopp.com and http://groups.google.com/forum/#!forum/cryptopp-users.
---
You received this message because you are subscribed to the Google Groups "Crypto++ Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cryptopp-users+***@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Jeffrey Walton
2018-09-11 00:33:20 UTC
Permalink
Hi, I update from 5.6.2。
I encrypted sometext ,using DefaultEncryptorWithMAC(5.6.2). When I decrypt
DataDecryptorWithMAC: MAC check failed
It seems DefaultDecryptorWithMAC(5.6.2) is not compatible with
LegacyDecryptorWithMAC(6.1)。
I notice that in "default.h" 255~256 line
typedef
DataEncryptorWithMAC<LegacyBlockCipher,LegacyHashModule,DefaultMAC,LegacyParametersInfo>
LegacyEncryptorWithMAC;
typedef
DataDecryptorWithMAC<LegacyBlockCipher,LegacyHashModule,DefaultMAC,LegacyParametersInfo>
LegacyDecryptorWithMAC;
They use DefaultMAC, rather than LegacyMAC, it seems like a bug.
Thanks Mark.

Yeah, that may be a problem. Looking at 5.6.2 the old encryptors used SHA1
(5.6.2 release: https://github.com/weidai11/cryptopp/blob/789f81f048c9).

Let me get some tests together to confirm it. Once we confirm I'll open an
issue for you.

Thanks again.

Jeff
--
You received this message because you are subscribed to "Crypto++ Users". More information about Crypto++ and this group is available at http://www.cryptopp.com and http://groups.google.com/forum/#!forum/cryptopp-users.
---
You received this message because you are subscribed to the Google Groups "Crypto++ Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cryptopp-users+***@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Jeffrey Walton
2018-09-11 01:52:45 UTC
Permalink
Post by Jeffrey Walton
Hi, I update from 5.6.2。
I encrypted sometext ,using DefaultEncryptorWithMAC(5.6.2). When I
DataDecryptorWithMAC: MAC check failed
It seems DefaultDecryptorWithMAC(5.6.2) is not compatible with
LegacyDecryptorWithMAC(6.1)。
I notice that in "default.h" 255~256 line
typedef
DataEncryptorWithMAC<LegacyBlockCipher,LegacyHashModule,DefaultMAC,LegacyParametersInfo>
LegacyEncryptorWithMAC;
typedef
DataDecryptorWithMAC<LegacyBlockCipher,LegacyHashModule,DefaultMAC,LegacyParametersInfo>
LegacyDecryptorWithMAC;
They use DefaultMAC, rather than LegacyMAC, it seems like a bug.
Thanks Mark.
Yeah, that may be a problem. Looking at 5.6.2 the old encryptors used SHA1
(5.6.2 release: https://github.com/weidai11/cryptopp/blob/789f81f048c9).
Thanks again Mark. Yeah, we (me) screwed that up. Sigh...

Now open "LegacyDecryptor and LegacyDecryptorWithMAC use wrong MAC",
https://github.com/weidai11/cryptopp/issues/714 .

Jeff
--
You received this message because you are subscribed to "Crypto++ Users". More information about Crypto++ and this group is available at http://www.cryptopp.com and http://groups.google.com/forum/#!forum/cryptopp-users.
---
You received this message because you are subscribed to the Google Groups "Crypto++ Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cryptopp-users+***@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Jeffrey Walton
2018-09-11 01:56:59 UTC
Permalink
Hi, I update from 5.6.2。
I encrypted sometext ,using DefaultEncryptorWithMAC(5.6.2). When I
DataDecryptorWithMAC: MAC check failed
It seems DefaultDecryptorWithMAC(5.6.2) is not compatible with
LegacyDecryptorWithMAC(6.1)。
I notice that in "default.h" 255~256 line
typedef
DataEncryptorWithMAC<LegacyBlockCipher,LegacyHashModule,DefaultMAC,LegacyParametersInfo>
LegacyEncryptorWithMAC;
typedef
DataDecryptorWithMAC<LegacyBlockCipher,LegacyHashModule,DefaultMAC,LegacyParametersInfo>
LegacyDecryptorWithMAC;
They use DefaultMAC, rather than LegacyMAC, it seems like a bug.
Cleared at https://github.com/weidai11/cryptopp/commit/590f8573c4ed

Jeff
--
You received this message because you are subscribed to "Crypto++ Users". More information about Crypto++ and this group is available at http://www.cryptopp.com and http://groups.google.com/forum/#!forum/cryptopp-users.
---
You received this message because you are subscribed to the Google Groups "Crypto++ Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cryptopp-users+***@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Loading...