Decrypting using AES / Crypto++

4
votes

I'm trying to figure out how to decrypt a block of cipher text using AES. I am using the crypto++ library - or at least TRYING to use that library. But I'm getting absolutely nowhere. I assume that it is only a couple of lines of code to run this decryption algorithm, but I can't figure it out. This is what I have written. Start laughing now:

#include <stdio.h>
#include <cstdlib>
#include <rijndael.h>
#include <sha.h>

using namespace std;

int main()
{

    // Decryption
    CTR_Mode< AES >::Decryption decryptor;
    decryptor.SetKeyWithIV( cbcKey, AES::DEFAULT_KEYLENGTH, cbcCipher );
}

Can anyone give me a brief tutorial on how to "simply" decrypt a 16-byte block of cipher text given a decryption key using crypto++? Their documentation is more cryptic than the cipher text you see above (at least for me), and I'm finding little help by searching. Thank you very much.

4
c++aescrypto++
Is your code even compiling without error? Also, what is your build platform? - phonetagger
You don't seem to be using standard C(++). What kind of compiler (extension) are you using to allow the syntax you use to intialize the cbcKey and cbcCipher arrays? - AardvarkSoup
Sorry about the code. I was just typing it to give an idea of what I'm trying to do. I changed the variable types to strings and showed how I think that they get referenced within the crypto++ lines. What I am looking for help with are those last two lines. They don't compile as written, and I have no idea how to correct them. For that matter, they are probably the entirely wrong lines of code to do what I want. I just put code on this post because people often get mad if you just ask for general help. Like asking for general help is somehow wrong... - AndroidDev
possible duplicate of Crypto++ AES Decrypt how to? - rob

4 Answers

1
votes

The FAQ at the crypto++ library webpage contains pointers to a "tutorial", go read it over there.

1
votes

Can anyone give me a brief tutorial on how to "simply" decrypt a 16-byte block of cipher text given a decryption key using crypto++?

This from the Crypto++ wiki. It provides a CTR mode example.

AutoSeededRandomPool prng;

SecByteBlock key(AES::DEFAULT_KEYLENGTH);
prng.GenerateBlock( key, key.size() );

byte ctr[ AES::BLOCKSIZE ];
prng.GenerateBlock( ctr, sizeof(ctr) );

string plain = "CTR Mode Test";
string cipher, encoded, recovered;

/*********************************\
\*********************************/

try
{
    cout << "plain text: " << plain << endl;

    CTR_Mode< AES >::Encryption e;
    e.SetKeyWithIV( key, key.size(), ctr );

    // The StreamTransformationFilter adds padding
    //  as required. ECB and CBC Mode must be padded
    //  to the block size of the cipher. CTR does not.
    StringSource ss1( plain, true, 
        new StreamTransformationFilter( e,
            new StringSink( cipher )
        ) // StreamTransformationFilter      
    ); // StringSource
}
catch( CryptoPP::Exception& e )
{
    cerr << e.what() << endl;
    exit(1);
}

/*********************************\
\*********************************/

// Pretty print cipher text
StringSource ss2( cipher, true,
    new HexEncoder(
        new StringSink( encoded )
    ) // HexEncoder
); // StringSource
cout << "cipher text: " << encoded << endl;

/*********************************\
\*********************************/

try
{
    CTR_Mode< AES >::Decryption d;
    d.SetKeyWithIV( key, key.size(), ctr );

    // The StreamTransformationFilter removes
    //  padding as required.
    StringSource ss3( cipher, true, 
        new StreamTransformationFilter( d,
            new StringSink( recovered )
        ) // StreamTransformationFilter
    ); // StringSource

    cout << "recovered text: " << recovered << endl;
}
catch( CryptoPP::Exception& e )
{
    cerr << e.what() << endl;
    exit(1);
}

Here's the result of running the sample program:

$ ./crytpopp-test.exe 
key: F534FC7F0565A8CF1629F01DB31AE3CA
counter: A4D16CBC010DACAA2E54FA676B57A345
plain text: CTR Mode Test
cipher text: 12455EDB41020E6D751F207EE6
recovered text: CTR Mode Test
0
votes

Indeed, Crypto++ tutorials a quite hard to follow. In general, in order to use Crypto++ API you need to have at least some basic knowledge about Cryptography, I would suggest this Cryptography course.

Having said that, let me address your question. Since it is a little bit ambiguous, I would assume that you would like to decrypt an AES cipher, using CTR mode. As input, let's say you have a cipher, the IV and the key (all represented in hex in a std::string). 

#include <iostream>
#include <string>

#include "crypto++/modes.h" // For CTR_Mode
#include "crypto++/filters.h" //For StringSource
#include "crypto++/aes.h" // For AES
#include "crypto++/hex.h" // For HexDecoder

int main(int argc, char* argv[]) {
    // Our input:
    // Note: the input was previously generated by the same cipher 
    std::string iv_string = "37C6D22FADE22B2D924598BEE2455EFC";
    std::string cipher_string = "221DF9130F0E05E7E87C89EE6A";
    std::string key_string = "7D9BB722DA2DC8674E08C3D44AAE976F";

    std::cout << "Cipher text: " << cipher_string << std::endl;
    std::cout << "Key: " << key_string << std::endl;
    std::cout << "IV: " << iv_string << std::endl;

    // 1. Decode iv: 
    // At the moment our input is encoded in string format...
    // we need it in raw hex: 
    byte iv[CryptoPP::AES::BLOCKSIZE] = {};
    // this decoder would transform our std::string into raw hex:
    CryptoPP::HexDecoder decoder;
    decoder.Put((byte*)iv_string.data(), iv_string.size());
    decoder.MessageEnd();
    decoder.Get(iv, sizeof(iv));

    // 2. Decode cipher:
    // Next, we do a similar trick for cipher, only here we would leave raw hex
    //  in a std::string.data(), since it is convenient for us to pass this
    // std::string to the decryptor mechanism:
    std::string cipher_raw;
    {
        CryptoPP::HexDecoder decoder;
        decoder.Put((byte*)cipher_string.data(), cipher_string.size());
        decoder.MessageEnd();

        long long size = decoder.MaxRetrievable();
        cipher_raw.resize(size);       
        decoder.Get((byte*)cipher_raw.data(), cipher_raw.size());
        // If we print this string it's completely rubbish: 
        // std::cout << "Raw cipher: " << cipher_raw << std::endl;
    }

    // 3. Decode the key:
    // And finally the same for the key:
    byte key[CryptoPP::AES::DEFAULT_KEYLENGTH];
    {
        CryptoPP::HexDecoder decoder;
        decoder.Put((byte*)key_string.data(), key_string.size());
        decoder.MessageEnd();
        decoder.Get(key, sizeof(key));
    }

    // 4. Decrypt:
    std::string decrypted_text;
    try {
            CryptoPP::CTR_Mode<CryptoPP::AES>::Decryption d;
            d.SetKeyWithIV(key, sizeof(key), iv);

            CryptoPP::StringSource ss(
                cipher_raw, 
                true, 
                new CryptoPP::StreamTransformationFilter(
                    d,
                    new CryptoPP::StringSink(decrypted_text)
                ) // StreamTransformationFilter
            ); // StringSource

            std::cout << "Decrypted text: " << decrypted_text << std::endl;
    }
    catch( CryptoPP::Exception& e ) {
            std::cerr << e.what() << std::endl;
            exit(1);
    }

    return 0;
}

I compiled it on Ubutunu 14.04, using Crypto++562:

g++ -Wall -std=c++0x -o prog practicalAES.cpp -lcryptopp

If I run the program, I get this output:

Cipher text: 221DF9130F0E05E7E87C89EE6A Key: 7D9BB722DA2DC8674E08C3D44AAE976F IV: 37C6D22FADE22B2D924598BEE2455EFC Decrypted text: CTR Mode Test

It's not really visible here, but both the Key and the IV have the same length - 16 bytes (or 128 bits). This is the block size, so this cipher is AES-128. Since it is the CTR mode, no padding is added, and both the cipher and the plain text have the same number of bytes.

Also note that 60% of the code involves decoding the string into hex, while the decryption itself is only the last step (so if your input data comes as raw hex, no decoding is needed).

0
votes

The tutorial of Crypto++ is focused on the usage of filters and sources and sinks, which are, in my opinion, over complicated. In your case the code is actually very simple:

CTR_Mode< AES >::Decryption decryptor;
decryptor.SetKeyWithIV( cbcKey, AES::DEFAULT_KEYLENGTH, cbcCipher );
decryptor.ProcessData(output, input, size);

// Decrypt another piece of data with the same key
decryptor.Resynchronize(new_iv, new_iv_length);
decryptor.ProcessData(new_output, new_input, size);