Closed pohutukawa closed 7 years ago
Performing steps you submitted I got L3zqVYAOsRk7zMg2KsNTVShcad8TjIQ7umfsvia21QO0XTj8vaeR
and it correctly decrypts back.
Seems you have outdated version of asmcrypto. Check if the issues still present with the updated lib.
BTW, there was a similar issue #70.
Interesting, indeed. I have just upgraded our version to tag v0.0.9
and surely AES-GCM works as expected.
However ... now AES-CCM misbehaves:
I'm not able to use it to encrypt or decrypt any content without passing in anything for the adata
parameter. I believe that the GCM implementation is behaving there properly, but the CCM implementation is off. It looks like the culprit is AES_CCM_reset
. The GCM implementation equivalent here has a different conditional in the outer if
statement for the adata
field check. The function also checks for a value of iv
, which is not a parameter for CCM, but rather nonce
takes that place, which is providing a start for the counter. So, as iv
and adata
are missing, it is throwing an exception in every case without adata
.
I know, this is a different issue (as opposed to the one I've opened here), but I'm just hesitant to open a new issue for this to keep the discussion flowing on this one ticket.
Again, some test code:
var adataCases = [undefined, null, '', new Uint8Array()];
var key = asmCrypto.string_to_bytes(atob('dGQhii+B7+eLLHRiOA690w=='));
var nonce = asmCrypto.string_to_bytes(atob('R8q1njARXS7urWv3'));
var plainText = atob('dGQhwoovwoHDr8OnwossdGI4DsK9w5M=');
for (var i = 0; i < adataCases.length; i++) {
var result = asmCrypto.AES_CCM.encrypt(plainText, key, nonce, adataCases[i], 16);
}
OK, it has gotten somewhat better, but it still won't fully work.
It probably would be quite good if the test coverage for AES-CCM does also include test vectors with no adata
(maybe the same ones AES-GCM uses?).
Anyway, here's a simple test I'm using to show what's still broken. It's a simple round trip (en-/decryption), which should result in what was put in initially:
var clearText = '42';
var nonce = asmCrypto.hex_to_bytes('000102030405060708090a0b');
var key = asmCrypto.hex_to_bytes('0f0e0d0c0b0a09080706050403020100');
var cipherText = asmCrypto.AES_CCM.encrypt(clearText, key, nonce, undefined, 16);
var reClear = asmCrypto.AES_CCM.decrypt(cipherText, key, nonce, undefined, 16);
assert.strictEqual(asmCrypto.bytes_to_string(reClear), clearText);
Oh, another one: Once it's fixed, I think it'd be good to have a next tagged version (e. g. v0.0.10), so that we can document what version is working and automatically build it for our code base.
When I'm using AES in GCM mode, I'm sometimes getting encryption errors:
I'm getting the following error:
However, if I'm switching the same thing to use AES-CCM, I'm not having that problem. If I'm extending the plain text by a single byte (from 23 to 24 bytes), the problem vanishes.
Any ideas on what the problem may be? After all, they're both "counter modes" in different flavours.