AES decrypt without PKCS padding?

Aaron D. Gifford

Hi,

I need to do some decryption of data encrypted with Rijndael (AES) but
that is NOT PKCS padded. I can't use openssl, as it chokes on data
that isn't padded PKCS-style. And I tried the all-Ruby crypt gem and
it seems to have issues on my system running 1.9.1 (I haven't analyzed
what the deal is yet so I can't say more).

Are there any OTHER gems I should take a look at, or is there a way to
disable PKCS padding and use openssl?

Wondering,
Aaron out.
 
Brian Candler

Aaron said:
I need to do some decryption of data encrypted with Rijndael (AES) but
that is NOT PKCS padded. I can't use openssl, as it chokes on data
that isn't padded PKCS-style. And I tried the all-Ruby crypt gem and
it seems to have issues on my system running 1.9.1 (I haven't analyzed
what the deal is yet so I can't say more).

Are there any OTHER gems I should take a look at, or is there a way to
disable PKCS padding and use openssl?

Google "openssl disable padding", the first hit is
http://www.openssl.org/docs/apps/enc.html

If you can do what you want using openssl enc -nopad from the command
line, then you should be able to do the same using the OpenSSL API.

In C, nopad calls EVP_CIPHER_CTX_set_padding(ctx, 0);

I think the equivalent in Ruby is this:
=> ["padding="]
 
Aaron D. Gifford

=> ["padding="]


Thank you, that was exactly what I needed and it works perfectly for my data:

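require 'openssl'

# Decrypt AES-256-CBC data that was not PKCS padded.
def decrypt_aes_256_cbc(key, iv, ciphertext)
  aes = OpenSSL::Cipher::AES.new('256-CBC')
  aes.decrypt
  aes.padding = 0   # disable PKCS padding, as EVP_CIPHER_CTX_set_padding(ctx, 0) does in C
  aes.key = key
  aes.iv = iv
  aes.update(ciphertext) + aes.final
end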

Aaron out.
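
The behaviour discussed in this thread, as an added example that is not part of the original posts: the same zero-padded ciphertext is rejected by OpenSSL's default PKCS check and decrypts once padding is disabled. The key, IV, plaintext and helper names are constructed for illustration, and zero-byte padding is an assumption, since the thread does not say how the data was padded.

```ruby
require 'openssl'

BLOCK = 16 # AES block size in bytes

# Encrypt without PKCS padding: the caller pads to a block multiple
# (zero bytes here, an assumed scheme for the sample data).
def encrypt_zero_padded(key, iv, plaintext)
  padded = plaintext.b
  padded += "\0".b * ((BLOCK - padded.bytesize % BLOCK) % BLOCK)
  aes = OpenSSL::Cipher.new('aes-256-cbc')
  aes.encrypt
  aes.padding = 0
  aes.key = key
  aes.iv = iv
  aes.update(padded) + aes.final
end

# Decrypt; pkcs: false is the Ruby form of EVP_CIPHER_CTX_set_padding(ctx, 0).
def decrypt_cbc(key, iv, ciphertext, pkcs:)
  # With padding off, input must be a whole number of blocks.
  if ciphertext.empty? || ciphertext.bytesize % BLOCK != 0
    raise ArgumentError, 'ciphertext is not a whole number of blocks'
  end
  aes = OpenSSL::Cipher.new('aes-256-cbc')
  aes.decrypt
  aes.padding = 0 unless pkcs
  aes.key = key
  aes.iv = iv
  aes.update(ciphertext) + aes.final
end

# Returns [:ok, plaintext], or [:bad_decrypt, nil] when OpenSSL rejects the padding.
def try_decrypt(key, iv, ciphertext, pkcs:)
  [:ok, decrypt_cbc(key, iv, ciphertext, pkcs: pkcs)]
rescue OpenSSL::Cipher::CipherError
  [:bad_decrypt, nil]
end

# Constructed sample values, not from the thread.
KEY = ('k' * 32).b
IV  = ('i' * 16).b
CT  = encrypt_zero_padded(KEY, IV, 'hello, world')

p try_decrypt(KEY, IV, CT, pkcs: true)   # default PKCS check
p try_decrypt(KEY, IV, CT, pkcs: false)  # padding disabled
```

With padding disabled the result still carries the trailing pad bytes, so the caller has to know the real plaintext length, and a failed padding check is no longer available as even a weak signal that the key or data is wrong.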
 
