Closed 727yubin closed 1 year ago
Sorry for the horrible code quote formatting...
dec
decrypts a ciphertext of type string into a list of decrypted blocks.
padding_oracle
takes key, iv, and a list of encrypted blocks.
I see. I will try again. Thank you!
I have a similar question yet not answered. 1) As "cipher" of padding_oracle is not a String but a Block.t list, what is 'LengthError' option for?
Readme says LengthError: the length of the input text is incorrect (i.e., not a multiple of the block size). But input text (= "cipher") is already Block.t list
2) As the output of CBC.dec is Block.t list, when padding is 1 (as 1 byte), I can't delete the padding. What should I do?
I believe LengthError
should be returned if the length of the encrypted message is not divisible by (nb of bytes in block, 8 in actual AES during lecture).
Keeping the last block as 1 byte long should be fine.
I also didn't quite understand the "LengthError" option, I assumed it can only happen if any of the blocks has length different from the selected block length -- 2 in the case of Mini AES.
@Rsln-M Your understanding is right. padding_oracle should work well as itself, whatever input is given
Name: Yubin Lee
In
main.ml
, the type signatures ofdec
andpadding_oracle
are given asval dec : Block.t -> Block.t -> string -> Block.t list; val padding_oracle : Block.t -> Block.t -> Block.t list -> result
.However, in the
main
function,dec
andcrack
are called as