Closed baby195lxl closed 1 year ago
Are you sure that your message uses PKCS7 padding and not something else? I suggest inspecting message decrypted with NoPadding
, you also will be able to see whether the decrypted text makes sense.
P.S.: I suggest using URLO for such questions since it has a much bigger audience than our issue tracker.
@newpavlov Thank you for your reply, but I am certain that this message was padded using PKCS7, as I am using an enterprise API. Perhaps implementing decryption in Rust may be a bit challenging for a non-professional enthusiast like me compared to Python, but I still want to do it. Thank you again for your reply. And If there are more suggestions, I would be grateful.
By decrypting with NoPadding
and inspecting the resulting bytes, you could see that your message ends with a bunch of bytes equal to 27, which is bigger than block size of AES. It looks like your message uses a peculiar variant of PKCS7 which goes against the description in RFC 5652. So your best option is to decrypt with NoPadding
and remove padding bytes manually (do not forget to validate padding).
Is there a discrepancy with the Python implementation, or is Python permitting invalid padding?
I think the Python implementation allows paddings bigger than block size, but I am not sure which exact package is used by OP.
FYI in block-padding v0.3.3
was added support for padding with block size variable at runtime, see the RawPadding
trait.
FYI in
block-padding v0.3.3
was added support for padding with block size variable at runtime, see theRawPadding
trait.
Thank you very much for your response to my question and your contribution to this repository. I hope this project can continue to be maintained and updated, and become a popular crate
I am trying to decrypt a string using AES-256-CBC, but I am getting an error message 'thread 'main' panicked at 'called Result::unwrap() on an Err value: UnpadError'. Did I miss any steps?
This is the Python code that I want to implement using Rust.
Thank you for your help, I appreciate any response