You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2021-07-04 09:01:29
- LCan
- Member
- Registered: 2021-07-04
- Posts: 1
How to use AES GCM properly.
Hello.
I have a code to port from Python to Delphi, which involves working with AES in GCM mode. I decided to use SynCrypto pascal module, but cannot find any reliable example for AES in GCM mode (although it is supported).
I tried to figure, but I am not getting same result as my Python script (which uses PyCryptodome, AES in GCM mode)
Here is my trial in SynCrypto :
=======================
var AES: TAESGCM;
var Key: TSHA256Digest;
var IV: TAESBlock;
var InBytes: TBytes;
var masterkey_bytes: TBytes;
var iv_bytes: TBytes;
var OutBytes: TBytes;
CopyMemory(@Key, @masterkey_bytes, 32);
CopyMemory(@IV, @iv_bytes, 12);
AES := TAESGCM.Create(Key, 256);
AES.IV :=IV ;
AES.Decrypt(@InBytes[0],@OutBytes[0],32);
and this is my Python code:
======================
from Crypto.Cipher import AES
# Password is got from disk after some operations, has the IV (12 bytes) and cipher (32 byte)
cipher = AES.new(masterkey_bytes, AES.MODE_GCM, iv_bytes)
OutBytes= cipher.decrypt(InBytes)
They are not giving same results, and I cannot know what is wrong since no documentation for this. I also knew that PyCryptoDome implements gcm without authentication, what about SynCrypto?
also, IV in GCM is to be 12 bytes ( and same in Python). But in Syncrypto, I don't know if it accepts that or not (Again I cannot find any doc)
I need help in this urgently, may anyone help me?
Regards/
Offline
#2 2021-07-04 13:48:39
Re: How to use AES GCM properly.
GCM without authentication means just CTR encryption.
I suspect you need to add a padding.
You will find in SynSelfTests.pas some sample code about GCM.
See TTestCryptographicRoutines._AES_GCM for instance.
Offline
Pages: 1