Skip to content

Failed to decrypt file stream, #1326

New issue
New issue
Open
Open
Failed to decrypt file stream,#1326
@loadship

Description

@loadship
loadship
opened on Jul 28, 2025

Hello everyone, I can't write this code well. Decryption is a complicated job for me. I use the GCM-AES-256 decryption method. Now I have tried many ways of writing, and they all trigger exceptions.

CryptoPP::HashVerificationFilter::LastPut
"HashVerificationFilter: message hash or MAC not valid"

The encrypted file I passed in had the last 16 bytes trimmed off as the tag, which means my encrypted file was missing 16 bytes.

void DecryptMetaFile::aesDecryptStream(std::istream& ciphertextStream,
std::ostream& cleartextStream,
const std::vectorCryptoPP::byte& key,
const std::vectorCryptoPP::byte& iv,
const std::vectorCryptoPP::byte& tag)
{

try {
    if (key.size() != CryptoPP::AES::DEFAULT_KEYLENGTH && key.size() != 32) {
        throw std::invalid_argument("Invalid AES key size");
    }
    if (iv.size() < 12) {
        throw std::invalid_argument("IV must be at least 12 bytes");
    }
    if (tag.size() != 16) {
        throw std::invalid_argument("Tag must be 16 bytes");
    }
    printAsAscii(tag);

    // 
    CryptoPP::GCM<CryptoPP::AES>::Decryption decryptor;
    decryptor.SetKeyWithIV(key.data(), key.size(), iv.data(), iv.size());


    // 
    CryptoPP::AuthenticatedDecryptionFilter df(
        decryptor,
        new CryptoPP::FileSink(cleartextStream),
        CryptoPP::AuthenticatedDecryptionFilter::DEFAULT_FLAGS,
        tag.size()
        );



    // 
    //df.ChannelPut(CryptoPP::AAD_CHANNEL, nullptr, 0);

    // 
    //df.ChannelPut(CryptoPP::DEFAULT_CHANNEL, reinterpret_cast<const byte*>(tag.data()), tag.size());

    // 
    const size_t bufferSize = 1024; // 增大缓冲区提高性能
    std::vector<CryptoPP::byte> buffer(bufferSize);

    while (ciphertextStream)
    {
        ciphertextStream.read(reinterpret_cast<char*>(buffer.data()), bufferSize);
        size_t bytesRead = ciphertextStream.gcount();

        if (bytesRead > 0)
        {
            df.ChannelPut(CryptoPP::DEFAULT_CHANNEL, buffer.data(), bytesRead);
        }
    }

    // 
    df.ChannelPut(CryptoPP::DEFAULT_CHANNEL, tag.data(), tag.size());

    // 
    //df.ChannelMessageEnd(CryptoPP::AAD_CHANNEL);
    df.ChannelMessageEnd(CryptoPP::DEFAULT_CHANNEL);
}
catch (const CryptoPP::Exception& e) {
    qInfo() << QString::fromStdString(e.what());
}

}

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions