3

I am trying to implement an AES-OFB wrapper around CNG's AES for symmetric encryption.

I have run into an issue that I cannot understand... I have created an AES algorithm handle (BCRYPT_AES_ALGORITHM) and imported an AES key. I then attempt to generate a 16 byte keystream for use with XORing my plaintext/ciphertext. The first time I run through this mechanism, the keyStreamPtr changes from some random byte stream to another, however, the 3rd time I do this (the 3rd set of 16 bytes of keystream), I start getting the same output and it happens forever.

            status = BCryptEncrypt((BCRYPT_KEY_HANDLE)keyHandle, 
                                   keyStreamPtr,   
                                   keyStreamLength,
                                   NULL, //no padding
                                   NULL, // no IV
                                   0,  // no IV
                                   keyStreamPtr,   
                                   keyStreamLength,
                                   &Length, 
                                   0); // no option flags

Has anybody ever seen anything like this? why would AES ever return ciphertext totally identical to the plaintext that was the input? Again this is for an AES-OFB implementation... Perhaps I am doing something wrong?

pnuts
  • 58,317
  • 11
  • 87
  • 139
Daniel Scire
  • 221
  • 1
  • 9

1 Answers1

0

The only thing I can think of is that you encrypt the key stream again. If you do this you effectively perform encrypt/decrypt: P XOR C XOR C = P where C is the key stream and P is the plain text. You might want to look at the buffer/stream handling within your code.

Maarten Bodewes
  • 90,524
  • 13
  • 150
  • 263