000019628 - AI_AES***_CBC does not work with the AM's listed in RSA BSAFE Crypto-C Reference Manual

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000019628
Applies ToRSA BSAFE Crypto-C 5.2.2
RSA BSAFE Crypto-C 6.0
IssueAI_AES***_CBC does not work with the AM's listed in RSA BSAFE Crypto-C Reference Manual
If you use AI_AES128_CBC, AI_AES192_CBC, or AI_AES256_CBC (or any of the corresponding AI's with padding) and you enter the corresponding AM's in the algorithm chooser, you receive a 545 -- BE_METHOD_NOT_IN_CHOOSER error
CauseThere is a bug in the toolkit where using the AM_AES_CBC_ENCRYPT or AM_AES_CBC_DECRYPT makes these AIs work.  However, when the toolkit tries to limit the keysize, it does not find the correct key size and hence the other AMs will not work.
ResolutionOne solution is to use the AI_AES_CBC or AI_AES_CBCPad.  In this case, the user should make sure that they are using the correct key size.

Also, this bug was fixed in RSA BSAFE Crypto-C 6.0.1. Contact your RSA Security sales representative to upgrade.
Legacy Article IDa10320

Attachments

    Outcomes