I'm trying to implement a decryption service in rust. The rust-crypto crate doesn't work on my machine (Apple M1 Max) because the symbol _rust_crypto_util_fixed_time_eq_asm isn't defined.

After switching to the aes-gcm crate (v0.10.3), the program now doesn't immediately fail but instead the decryption fails internally and just returns an aead::Error.

The key, iv (nonce) and decrypted data are correct (tested with a Java program). There is no tag present.

Have I missed something out? Besides the missing question marks, I've just used the sample code from the AES-GCM crate documentation.

The code:

use aes_gcm::{aead::{Aead, AeadCore, KeyInit}, Nonce, Key, Aes128Gcm};

fn main() {
    let key = hex::decode("some_hex_string").expect("Decoding failed");
    let key = Key::<Aes128Gcm>::from_slice(key.as_ref());
    let cipher = Aes128Gcm::new(&key);

    let iv: [u8; 12] = [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11];
    let nonce = Nonce::from_slice(&iv);

    // decrypt() expects the ciphertext with the 16-byte tag appended
    let plaintext = cipher.decrypt(nonce, decryped_byte_array.as_ref());
}

  • "The key, iv (nonce) and decrypted data are correct (tested with a Java program). There is no tag present." How many bytes is your plaintext? How many bytes is your encrypted ciphertext? Java appends the AES/GCM AEAD tag to the ciphertext so AES/GCM can be crammed into the limited Crypto API.
    Commented May 10 at 17:36
  • Thanks for your response. Both plain- and encrypted text are the same length (336 Bytes). So no tag is appended (like here). As far as I understood it, I either have to append a tag (which tag? there is just no such thing in the encrypted message) or implement my own decryption (why?).
    – Simon
    Commented May 15 at 7:50
  • Wrong link, like here: docs.rs/aead/0.2.0/aead/trait.Aead.html#method.decrypt
    – Simon
    Commented May 15 at 9:05

1 Answer

I found that if I can't use a tag I can't use the cipher.decrypt function because it requires me to send either a payload (containing AEAD/tag) or a concatenation of encrypted_message+tag. (Tag can not be null or empty)

Following this answer on AES-GCM 256 decryption fails even with correct data, I now use the underlying function. (Still haven't figured out why "encrypting" works for "decrypting", but never mind...?)

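// Needs the AeadInPlace trait in scope (use aes_gcm::aead::AeadInPlace;).
// The returned tag is discarded, so nothing is authenticated.
let _tag = cipher.encrypt_in_place_detached(&iv.into(), &[], &mut some_byte_array);
// Manipulate the now decrypted some_byte_array further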
  • why "encrypting" works for "decrypting" – for the computer both are just transforming one set of bytes to another set of bytes, just with different keys. For example when I "encrypt" x with the operation "+1" I can get the original value back by additionally "encrypting" with the operation "-1", to the computer there is no difference, but to us humans we can clearly distinguish an x from x+1
    – cafce25
    Commented May 15 at 12:31
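
Why the encrypt_in_place_detached call in the answer recovers the plaintext, shown as an added example that is not part of the original posts and does not use the aes-gcm crate: GCM encrypts with AES in counter mode, so XORing the same keystream both encrypts and decrypts, and with no tag checked a modified ciphertext is accepted without error. The function names, the std-only AES-128 and the sample key, IV and message are assumptions of this example.

```rust
// Added example (std only): AES-128 and GCM's counter mode, without GHASH or the tag.
fn xtime(x: u8) -> u8 { (x << 1) ^ if x & 0x80 != 0 { 0x1b } else { 0 } }
fn gmul(a: u8, b: u8) -> u8 { // multiplication in GF(2^8)
    (0..8u32).fold((0u8, a), |(p, x), i| (if (b >> i) & 1 == 1 { p ^ x } else { p }, xtime(x))).0
}
fn sbox(x: u8) -> u8 { // inverse as x^254, then the AES affine transform
    let v = (0..254).fold(1u8, |acc, _| gmul(acc, x));
    v ^ v.rotate_left(1) ^ v.rotate_left(2) ^ v.rotate_left(3) ^ v.rotate_left(4) ^ 0x63
}
fn expand_key(key: &[u8; 16]) -> [[u8; 16]; 11] {
    let (mut rk, mut rcon) = ([*key; 11], 1u8);
    for r in 1..11 {
        let p = rk[r - 1];
        let t = [sbox(p[13]) ^ rcon, sbox(p[14]), sbox(p[15]), sbox(p[12])]; // RotWord, SubWord, Rcon
        for i in 0..16 { rk[r][i] = p[i] ^ if i < 4 { t[i] } else { rk[r][i - 4] }; }
        rcon = xtime(rcon);
    }
    rk
}
fn encrypt_block(rk: &[[u8; 16]; 11], mut s: [u8; 16]) -> [u8; 16] {
    for i in 0..16 { s[i] ^= rk[0][i]; }
    for round in 1..11 {
        let mut t = [0u8; 16];
        for i in 0..16 { t[i] = sbox(s[(i + 4 * (i % 4)) % 16]); } // SubBytes + ShiftRows
        if round < 10 { // MixColumns, skipped in the final round
            for c in (0..16).step_by(4) {
                let a = [t[c], t[c + 1], t[c + 2], t[c + 3]];
                for r in 0..4 { t[c + r] = gmul(a[r], 2) ^ gmul(a[(r + 1) % 4], 3) ^ a[(r + 2) % 4] ^ a[(r + 3) % 4]; }
            }
        }
        for i in 0..16 { s[i] = t[i] ^ rk[round][i]; }
    }
    s
}
fn gcm_ctr_xor(key: &[u8; 16], iv: &[u8; 12], data: &mut [u8]) { // keystream XOR only
    let rk = expand_key(key);
    for (i, chunk) in data.chunks_mut(16).enumerate() {
        let mut ctr = [0u8; 16];
        ctr[..12].copy_from_slice(iv);
        ctr[12..].copy_from_slice(&(i as u32 + 2).to_be_bytes()); // counter 1 masks the tag
        for (b, k) in chunk.iter_mut().zip(encrypt_block(&rk, ctr)) { *b ^= k; }
    }
}
fn main() {
    let (key, iv, mut buf) = ([7u8; 16], [0u8; 12], *b"pay 0100 to Bob."); // constructed values
    gcm_ctr_xor(&key, &iv, &mut buf); // "encrypt"
    buf[4] ^= 9; // ciphertext changed in transit
    gcm_ctr_xor(&key, &iv, &mut buf); // the same call "decrypts"; no tag, so no error
    println!("{}", String::from_utf8_lossy(&buf)); // pay 9100 to Bob.
}
```

In the aes-gcm crate the authenticated path is decrypt with the 16-byte tag appended to the ciphertext, which is the check that rejects a message changed like the one above.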