By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
459,265 Members | 1,282 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 459,265 IT Pros & Developers. It's quick & easy.

Removing padded characters from AES encoding

P: 3
Hello, thanks for this piece of code. I have a question. If encoding, if the last chunc is less then 16 signs, this will be filled with Nul chars. After decrypting the original string differs from the decrypted string in this NUL chars. How can that be avoided?
Cheers Astera

Moderator Note: Split from https://bytes.com/topic/access/insig...m-vba-vbscript
Mar 30 '20 #1
Share this Question
Share on Google+
5 Replies


Rabbit
Expert Mod 10K+
P: 12,430
A common way of handling this is store the size of the message/file in the header. That way you know when to cut off the last block.

An unrelated but also common thing to do is to store a hash of the key, a hash of the message/file, and any nonces, salts, or initialization vectors you use. This allows you to verify that the correct password was entered and that the decoded message is correct.
Mar 30 '20 #2

P: 3
Thanks Rabbit for quick reaction.
When I have a string with Len=107 the last block is Len=11. Where do I have to cut? I tried to cut here:
This is your code:
Expand|Select|Wrap|Line Numbers
  1.        If Len(sTemp) < 16 Then
  2.                 For i = Len(sTemp) To 15
  3.                     sTemp = sTemp & Chr(0)
  4.                 Next
  5.             End If
This is what I have changed (iMaxLen=16)
Expand|Select|Wrap|Line Numbers
  1. 60            If Len(sTemp) < iMaxLen Then
  2.                   iMaxLen = Len(sTemp)
  3. '80                    sTemp = sTemp & Chr(0)
  4. '90                Next
  5. 100           End If
but then I get an error on line 120 if it exceed iMaxLen:
Expand|Select|Wrap|Line Numbers
  1. 110           For i = 0 To iMaxLen - 1
  2. 120               block(i) = Asc(Mid(sTemp, (i Mod 4) * 4 + (i \ 4) + 1, 1))
  3. 130           Next
Cheers Asterios
Mar 31 '20 #3

Rabbit
Expert Mod 10K+
P: 12,430
I'm splitting this thread out as it's exceeding the scope of the article.

There's no need to cut the string at place where it's getting padded as the padding is necessary. You only need to strip out during decryption.

Since AES works on 16 byte blocks, if you mod the length by 16, that tells you how many bytes to get from the last block.
Apr 1 '20 #4

P: 3
Hello Rabbit,
you are right. If I want to decrypt a whole file or a string without the intention to add somethings later, the code works. I only need to cut the last NUL chars while decryption. So far so good.
What I want to achieve is to en-decrypt log-files. Means whenever a log-string will be added to the log-file I want to
  • encrypt the log-string
  • add it to the file
  • save the file
Next log-string need to be encrypted, added and save the file in the same manner.
But when I decrypt that log-file afterwards, the out put is not the same as the origin log-strings.
May be you have an idea to solve that.
By the way, Before I started to encrypt with your code I needed to change somethings to make it happen.
If you are interested, please let me know where to post or send.

Cheers Asterios
Apr 4 '20 #5

Rabbit
Expert Mod 10K+
P: 12,430
But when I decrypt that log-file afterwards, the out put is not the same as the origin log-strings.
May be you have an idea to solve that.
The ideas to solve that are in my prior posts above. To repeat:

A common way of handling this is store the size of the message in the header. That way you know when to cut off the last block.

There's no need to cut the string at the place where it's getting padded for encryption as the padding is necessary. You only need to strip out during decryption.

Since AES works on 16 byte blocks, if you mod the length by 16, that tells you how many bytes to get from the last block.
Apr 5 '20 #6

Post your reply

Sign in to post your reply or Sign up for a free account.