diff --git a/lib/src/packet/secret_key.dart b/lib/src/packet/secret_key.dart index b0a8b745..0fe248e6 100644 --- a/lib/src/packet/secret_key.dart +++ b/lib/src/packet/secret_key.dart @@ -215,7 +215,7 @@ class SecretKeyPacket extends ContainedPacket implements KeyPacket { final key = await s2k.produceKey(passphrase, symmetric.keySizeInByte); final cipher = PaddedBlockCipherImpl( - PKCS7Padding(), + Padding('PKCS7'), symmetric.cfbCipherEngine, ); cipher.init( @@ -255,8 +255,10 @@ class SecretKeyPacket extends ContainedPacket implements KeyPacket { symmetric.keySizeInByte, ) ?? Uint8List(symmetric.keySizeInByte); + final blockSize = symmetric.blockSize; + final padding = Padding('PKCS7'); final cipher = PaddedBlockCipherImpl( - PKCS7Padding(), + padding, symmetric.cfbCipherEngine, ); cipher.init( @@ -264,13 +266,17 @@ class SecretKeyPacket extends ContainedPacket implements KeyPacket { PaddedBlockCipherParameters( ParametersWithIV( KeyParameter(key), - iv ?? Uint8List(symmetric.blockSize), + iv ?? Uint8List(blockSize), ), null, ), ); - final clearTextWithHash = cipher.process(keyData); + final padLength = blockSize - (keyData.length % blockSize); + final padded = Uint8List(keyData.length + padLength)..setAll(0, keyData); + padding.addPadding(padded, keyData.length); + + final clearTextWithHash = cipher.process(padded); clearText = clearTextWithHash.sublist( 0, clearTextWithHash.length - HashAlgorithm.sha1.digestSize, diff --git a/lib/src/packet/sym_encrypted_data.dart b/lib/src/packet/sym_encrypted_data.dart index 69a20c57..ed6c3b18 100644 --- a/lib/src/packet/sym_encrypted_data.dart +++ b/lib/src/packet/sym_encrypted_data.dart @@ -37,7 +37,7 @@ class SymEncryptedDataPacket extends ContainedPacket { final SymmetricAlgorithm symmetric = SymmetricAlgorithm.aes128, }) async { final cipher = PaddedBlockCipherImpl( - PKCS7Padding(), + Padding('PKCS7'), symmetric.cfbCipherEngine, ); cipher.init( @@ -101,8 +101,9 @@ class SymEncryptedDataPacket extends ContainedPacket { throw StateError('Message is not authenticated.'); } final blockSize = symmetric.blockSize; + final padding = Padding('PKCS7'); final cipher = PaddedBlockCipherImpl( - PKCS7Padding(), + padding, symmetric.cfbCipherEngine, ); cipher.init( @@ -115,10 +116,16 @@ class SymEncryptedDataPacket extends ContainedPacket { null, ), ); + + final data = encrypted.sublist(blockSize + 2); + final padLength = blockSize - (data.length % blockSize); + final padded = Uint8List(data.length + padLength)..setAll(0, data); + padding.addPadding(padded, data.length); + return SymEncryptedDataPacket( encrypted, packets: PacketList.packetDecode( - cipher.process(encrypted.sublist(blockSize + 2)), + cipher.process(padded), ), ); } diff --git a/lib/src/packet/sym_encrypted_integrity_protected_data.dart b/lib/src/packet/sym_encrypted_integrity_protected_data.dart index 26fbe05c..acb80fe6 100644 --- a/lib/src/packet/sym_encrypted_integrity_protected_data.dart +++ b/lib/src/packet/sym_encrypted_integrity_protected_data.dart @@ -65,7 +65,7 @@ class SymEncryptedIntegrityProtectedDataPacket extends ContainedPacket { ]); final cipher = PaddedBlockCipherImpl( - PKCS7Padding(), + Padding('PKCS7'), symmetric.cfbCipherEngine, ); cipher.init( @@ -110,8 +110,10 @@ class SymEncryptedIntegrityProtectedDataPacket extends ContainedPacket { final Uint8List key, { final SymmetricAlgorithm symmetric = SymmetricAlgorithm.aes128, }) async { + final blockSize = symmetric.blockSize; + final padding = Padding('PKCS7'); final cipher = PaddedBlockCipherImpl( - PKCS7Padding(), + padding, symmetric.cfbCipherEngine, ); cipher.init( @@ -119,13 +121,17 @@ class SymEncryptedIntegrityProtectedDataPacket extends ContainedPacket { PaddedBlockCipherParameters( ParametersWithIV( KeyParameter(key), - Uint8List(symmetric.blockSize), + Uint8List(blockSize), ), null, ), ); - final decrypted = cipher.process(encrypted); + final padLength = blockSize - (encrypted.length % blockSize); + final padded = Uint8List(encrypted.length + padLength)..setAll(0, encrypted); + padding.addPadding(padded, encrypted.length); + + final decrypted = cipher.process(padded); final realHash = decrypted.sublist( decrypted.length - HashAlgorithm.sha1.digestSize, ); diff --git a/lib/src/packet/sym_encrypted_session_key.dart b/lib/src/packet/sym_encrypted_session_key.dart index 09df4e58..43d2af2b 100644 --- a/lib/src/packet/sym_encrypted_session_key.dart +++ b/lib/src/packet/sym_encrypted_session_key.dart @@ -132,7 +132,7 @@ class SymEncryptedSessionKeyPacket extends ContainedPacket { if (sessionKey != null) { if (version == 5) { final adata = Uint8List.fromList([ - 0xC0 | PacketTag.aeadEncryptedData.value, + 0xc0 | PacketTag.symEncryptedSessionKey.value, version, symmetric.value, aead.value, @@ -142,7 +142,7 @@ class SymEncryptedSessionKeyPacket extends ContainedPacket { encrypted = cipher.encrypt(sessionKey.key, iv, adata); } else { final cipher = PaddedBlockCipherImpl( - PKCS7Padding(), + Padding('PKCS7'), symmetric.cfbCipherEngine, ); cipher.init( @@ -196,8 +196,10 @@ class SymEncryptedSessionKeyPacket extends ContainedPacket { final decrypted = cipher.decrypt(encrypted, iv, adata); sessionKey = SessionKey(decrypted, symmetric); } else { + final blockSize = symmetric.blockSize; + final padding = Padding('PKCS7'); final cipher = PaddedBlockCipherImpl( - PKCS7Padding(), + padding, symmetric.cfbCipherEngine, ); cipher.init( @@ -205,12 +207,17 @@ class SymEncryptedSessionKeyPacket extends ContainedPacket { PaddedBlockCipherParameters( ParametersWithIV( KeyParameter(key), - Uint8List(symmetric.blockSize), + Uint8List(blockSize), ), null, ), ); - final decrypted = cipher.process(encrypted); + + final padLength = blockSize - (encrypted.length % blockSize); + final padded = Uint8List(encrypted.length + padLength)..setAll(0, encrypted); + padding.addPadding(padded, encrypted.length); + + final decrypted = cipher.process(padded); final sessionKeySymmetric = SymmetricAlgorithm.values.firstWhere( (algo) => algo.value == decrypted[0], );