Mbed forum

AES-128-CBC encryption on data including NULL byte

(Jinwoo Park) #1

Hi!

I wonder why below both methods returning different result on data including NULL byte (AES-128-CBC algorithm.)

  • method 1. using aes specific function: mbedtls_aes_crypt_cbc (<aes.h>)
  • method 2. using generic cipher layer: mbedtls_cipher_update + mbedtls_cipher_finish (<cipher.h>)

When I use an input data without NULL byte, I got the same result from both method 1 and 2.

  • key: “1111111111111111”
  • initial vector: “1111111111111111”
  • input: { 0x54, 0x68, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, 0x6b, 0x20, 0x62, 0x72, 0x6f, 0x77, 0x6e, 0x20 } - 16bytes/ "The quick brown " in string

method1 result:
6a, ab, b, 15, 25, e, e8, 11, 88, c1, 81, 34, 9, 56, 7, 5a,
22, d4, 51, d1, 72, 81, 3b, d6, d0, 65, f5, aa, 14, 54, 52, 3d

method2 result:
6a, ab, b, 15, 25, e, e8, 11, 88, c1, 81, 34, 9, 56, 7, 5a,
22, d4, 51, d1, 72, 81, 3b, d6, d0, 65, f5, aa, 14, 54, 52, 3d

In this case, the result is same for both.
However when I just change the second byte from input to NULL, the result becomes completely different.

  • input: { 0x54, 0x00, 0x65, 0x20, 0x71, 0x75, 0x69, 0x63, 0x6b, 0x20, 0x62, 0x72, 0x6f, 0x77, 0x6e, 0x20 } - 16bytes.

method1 result:
39, aa, 59, 82, ae, de, e6, 71, 8c, 32, ab, cf, 89, 27, 83, b6,
1d, 24, 9b, b3, 80, ae, b4, 46, 99, e9, d9, 5d, c, 4c, 87, b

method2 result:
d5, 86, 7c, 47, 7a, 14, 69, 55, bf, a8, 15, 1f, 89, f3, c9, 71,
fe, 3a, 32, 27, 61, a1, b8, 3a, 22, 5e, 36, c8, 4, 73, df, d6

I thought both methods provide same functionality.
Is there anything that I misunderstand about these methods?

0 Likes

(Jinwoo Park) #2

I found the reason.
I just installed mbedtls using apt (version 2.2.1) and above issue happens.
When I use the version 2.14, both methods return same result. :slight_smile:

0 Likes