3
votes

I have the DCPCrypt package (latest version) and am trying to do AES/Rijndael CBC encoding (128 bit blocks, 256 bit key) in Delphi2007 with test values from the AES Known Answer Test (KAT) Vectors distributed by NIST. One sample test vector:

KEY = 0000000000000000000000000000000000000000000000000000000000000000  
IV = 00000000000000000000000000000000  
PLAINTEXT = 80000000000000000000000000000000  
CIPHERTEXT = ddc6bf790c15760d8d9aeb6f9a75fd4e

The code below returns:

Cyphertext (bytes): 58 215 142 114 108 30 192 43 126 191 233 43 35 217 236 52  
Cyphertext (hex): 3AD78E726C1EC02B7EBFE92B23D9EC34  
Cyphertext (base64): OteOcmwewCt+v+krI9nsNA==  

which is obviously not correct.

procedure TFrmKATVectors.TestData(Key,IV,PlainText: String);  
var  
  InBuf,OutBuf: TestBuffer;  
  KeyBuf: KeyBuffer;  
  IVBuf: IVBuffer;  
  l,i: Integer;  
  Bytes,  
  SOut: String;  
begin  
  Memo1.Lines.Add('Key: ' + Key);  
  Memo1.Lines.Add('IV: ' + IV);  
  Memo1.Lines.Add('Plaintext: ' + Plaintext);  
  l := Length(Key) DIV 2;  
  for i := 1 to l do KeyBuf[i] := HexToInt(Copy(Key,2*(i-1)+1,2));  
  l := Length(IV) DIV 2;  
  for i := 1 to l do IVBuf[i] := HexToInt(Copy(IV,2*(i-1)+1,2));  
  l := Length(PlainText) DIV 2;  
  for i := 1 to l do InBuf[i] := HexToInt(Copy(PlainText,2*(i-1)+1,2));  
  DCP_rijndael1.Init(KeyBuf,32,@IVBuf);  
  DCP_rijndael1.EncryptCBC(InBuf,OutBuf,TestBufSize);  
  SOut := '';  
  for i := 1 to Length(OutBuf) do
   begin
     SOut := SOut + Chr(OutBuf[i]);
     Bytes := Bytes + IntToStr(OutBuf[i]) + ' ';
   end;  
  Memo1.Lines.Add('Cyphertext (bytes): ' + Bytes); 
  Memo1.Lines.Add('Cyphertext (hex): ' + StringToHex(SOut));  
  Memo1.Lines.Add('Cyphertext (base64): ' + Base64EncodeStr(SOut));  
  Memo1.Lines.Add('');  
end;

I'm calling

TestData('0000000000000000000000000000000000000000000000000000000000000000',
         '00000000000000000000000000000000', '80000000000000000000000000000000');

with

const
TestBufSize = 16;

type  
TestBuffer = packed Array[1..TestBufSize] of Byte;  
KeyBuffer = packed Array[1..32] of Byte;  
IVBuffer = packed Array[1..16] of Byte;  

Given the length of my test data I'm avoiding any padding issues. What am I doing wrong? Any suggestions?

(No, you don't have to recount the parameter string lengths - I did that several times.)

1

1 Answers

8
votes

Key size parameter in Init method is in bits - as stated by the method comment:

Do key setup based on the data in Key, size is in bits

You are calculating the AES with KeySize = 32 bits, which is invalid.

So you compute for the lowest available Keysize, which is 128. The returned value is correct for 128 bit - see http://csrc.nist.gov/groups/STM/cavp/documents/aes/AESAVS.pdf page 20.

Try to specify 256 bits as key size:

 DCP_rijndael1.Init(KeyBuf,256,@IVBuf);