CryptoSys Home > API > Testbed Demo Help

CryptoSys API Testbed Demo Help

This is the help page for the test bed demo program CryptoSys5A.exe distributed with CryptoSys API version 5.2 and above (it's in the folder C:\Program Files (x86)\CryptoSys\DotNet).

The program is written in Visual Basic (VB.NET) and demonstrates the results of encrypting data using the various encryption algorithms with different encryption modes and padding schemes. The source code is included with the distribution. See also the README file which shows how to use ILMerge utility to merge the CryptoSys .NET DLL with the EXE file.

An example

Testbed demo

The above example shows the results of encrypting the 12-character plaintext "hello world!" using AES-128 in CBC mode with PKCS5 padding. The ASCII encoding of the plaintext in hex is 68656C6C6F20776F726C6421, a byte array 12 bytes long.

The Key and Initialization Vector (IV) have been entered in hexadecimal-encoded form (in "hex"). For AES-128 both the key and IV must be exactly 128 bits long, that is 16 bytes. The values above were generated at random: KEY=BC4518F3680A4E9BF70877E3F33445AE, IV=0664F981C98615F70171B5F2DF6A9195. Be careful, the program will pad keys and IVs that are too short with zeroes.

The Input block shows the Plaintext in hex form padded to make the block an exact multiple of the block length (16 bytes for AES). The text is 12 characters long so four padding bytes of value 0x04 are appended to make the block exactly 16 bytes long. 

68656C6C6F20776F726C6421 (12 bytes) + 04040404 (4 bytes) = 68656C6C6F20776F726C642104040404 (16 bytes)

The Ciphertext (hex) field shows the result of encrypting the plaintext block in hex form: CT=5E0AA4ED28AD3853C49E06A314D1642D. This field will always be exactly the same length as the input block.

The CT (raw) field shows the result of displaying the ciphertext bytes as a string type. It's garbage because in general the ciphertext bytes do not represent printable characters. This is a graphic reminder not to store ciphertext in a "String" variable.

The CT (base64) field shows the ciphertext encoded in base64. It's just another way of looking at the byte array in a human-readable form.

Decrypt cipher text

On clicking Decrypt cipher text we see the results of decrypting the ciphertext. The Output block is the result of applying the AES-128 decryption algorithm to the ciphertext. This should be the same as the input block. The (In hex) field shows the result of stripping the PKCS5 padding in hex form. The Deciphered block shows the result of decoding this into a normal text string.

Each field explained

Algorithm

Select the encryption algorithm. For a given algorithm, the required block and key lengths are as follows.

AlgorithmBlock lengthKey length
AES-128 16 bytes (128 bits) 16 bytes (128 bits)
AES-192 16 bytes (128 bits) 24 bytes (192 bits)
AES-256 16 bytes (128 bits) 32 bytes (256 bits)
TDEA (Triple DES, 3DES, DES-EDE3) 8 bytes (64 bits) 24 bytes
DES 8 bytes (64 bits) 8 bytes
Blowfish 8 bytes (64 bits) up to 56 bytes (variable up to 448 bits)

Mode

Select the encryption mode. Each will result in a different ciphertext, and the recipient must know which mode has been used.

ModeFull nameRequires an IV?
ECB Electronic Codebook No
CBC Cipher Block Chaining Yes
CTR Counter Yes
CFB Cipher Feedback Yes
OFB Output Feedback Yes

The IV is always the same length as the block size, b. So we require 16 bytes for AES and 8 bytes for the other algorithms. In practice, the IV should always be unique each time when used with the same key.

Pedantic aside: Cipher Feedback mode (CFB) strictly requires an integer parameter, s in the range [1, b]. But we only provide 128-bit CFB mode for AES and 64-bit CFB mode for the other algorithms. Put another way, we only support s = b for CFB.

Padding

For ECB and CBC mode the plaintext must be padded so the input block is an exact multiple of the block length. If None is selected with ECB or CBC mode and the plaintext length is not an exact multiple, then it is an error.

Error 26

Key

Enter the key in the Enter Key field. The default form is hexadecimal. Then click Select Active Key to make this the active key. Or click Generate Random Key to enter a random value of the correct length.

Select the Alpha option in Key Format to enter the key in alphanumeric format, one byte per character, so 'a' = 0x61. Be sure to enter exactly the correct number of characters for the required key length. This example shows a valid "alpha" key for AES-192 of 24 bytes.

alpha key

IV

Enter an IV of the required length in hexadecimal form in the IV (hex) field. An IV must be entered in hex form. Or you can click Generate Random IV to enter a random value of the correct length.

Plain text

Enter the plaintext to be encrypted in the Plain text field.

To enter plaintext in hexadecimal form, select the Hexadecimal option in Plain Text Format. You can use this option to enter known test vectors. Here is an example from SP800-38A F.5.5 CTR-AES256.Encrypt. Note we use None for the padding and the deciphered value is not meaningful text.

F.5.5 CTR-AES256

Contact

For more information, please send us a message.

This page last updated 15 August 2025

HTML5 Powered reload
Copyright © 2016-25 D.I. Management Services Pty Limited ABN 78 083 210 584 Australia. All rights reserved.
<www.di-mgt.com.au>   <www.cryptosys.net>

Home | Contact us