Open hwchen opened 7 years ago
What exactly do you want to achieve?
There's exactly zero blocks to encrypt when there's zero data to begin with. Allowing encryption of empty data can possibly help execute known-plaintext attacks.
You shouldn't ever encrypt empty data.
I use rust-crypto in a library that interfaces with the vault in Linux, and that library is used in a keyring library that allows for cross-platform interface with vaults. I'm not a crypto expert and have been trying to figure out for some time the correct course of action here. My issue is that osx and and windows vaults both handle blank input. I had assumed that they encrypted that input, and wanted to be able to do the same in Linux.
AES-CBC does not encrypt blank input. Basically, the result of input
[]
is[]
. I'm not a crypto expert, but from what I've read the encryptor should add PKCS7 padding to the input (even an empty block) and then encrypt (this might be calledfinalize
in another lib). At least, for my secret-service library, I'm unable to use a blank input to create items in the vault because of incorrect encryption.I may not be understanding the architecture of the
blockmodes.rs
architecture, but it looks like an empty input results in exiting the encrypting function withBlockEngineState::FastMode
https://github.com/DaGenix/rust-crypto/blob/master/src/blockmodes.rs#L164I think this means that in the state machine, https://github.com/DaGenix/rust-crypto/blob/master/src/blockmodes.rs#L246, an empty input will never be able to reach
BlockEngineState::LastInput
, which would be required to pad an empty block and encrypt it. Non-empty non-full blocks seem to be padded and processed fine.As a quick example, running https://github.com/DaGenix/rust-crypto/blob/master/examples/symmetriccipher.rs with a
println!
after encrypting the data and blank messagewhile switching the state machine transition at https://github.com/DaGenix/rust-crypto/blob/master/src/blockmodes.rs#L164 from
to
results in the following output:
Please let me know if I've understood this correctly.