Qt-AES icon indicating copy to clipboard operation
Qt-AES copied to clipboard

Published 20 hours ago verified publisher icon bricke

compatibility with openssl issue

Open frankipl opened this issue 3 years ago • 4 comments

Hi Is there a method to derive iv from password ? without salt, basically I need to replicate this openssl command on iOS and Android: openssl enc -aes-128-ecb -a -K MY_KEY -k 'MY_PASS' -in mesg.enc

Best, Marek

frankipl avatar Mar 05 '21 09:03 frankipl

Hi I have found a way of getting key and IV from openssl command, but I can't decode with openssl what has been encoded via your program. Can you help I'm using aes-128-ecb and openssl version 1.1.1d ? I have string 'letmein' in file plain.data I'm using command to encode this string and testing different keys derivation method (-iter 1, or -pbkdf2 or no method specified for openssl cmd) Then I'm taking the key from openssl command output and try to use in your routine, it encodes and decodes string but encoded string can't be decoded by openssl command, example:

franki@franki:~/enc_test$ openssl enc -nosalt -base64 -aes-128-ecb -k myPassword -in plain.data -iter 1 -p
key=A2735938761FD7472E16CE457D0B1C09
Bd6B3CUO0nn6thX+Cs3nWw==
franki@franki:~/enc_test$

Taking this key to your program, encode string 'letmein' and encoded text is: INA6FuTjreDm3Z8/o4vJ3w== Trying to decode this string via openssl:

franki@franki:~/enc_test$ echo  "INA6FuTjreDm3Z8/o4vJ3w=="|openssl enc -d -nosalt -base64 -aes-128-ecb -K A2735938761FD7472E16CE457D0B1C09
bad decrypt
139737504613504:error:0606506D:digital envelope routines:EVP_DecryptFinal_ex:wrong final block length:../crypto/evp/evp_enc.c:586:
franki@franki:~/enc_test$

Trying to decode via openssl what has been encoded by openssl with this key: A2735938761FD7472E16CE457D0B1C09

franki@franki:~/enc_test$ echo "Bd6B3CUO0nn6thX+Cs3nWw=="|openssl enc -d -nosalt -base64 -aes-128-ecb -K A2735938761FD7472E16CE457D0B1C09
letmein
franki@franki:~/enc_test$

Code from your program:

    QAESEncryption encryption(QAESEncryption::AES_128, QAESEncryption::ECB);

    QString inputStr("letmein");
    QString key("A2735938761FD7472E16CE457D0B1C09");

    QByteArray encodeText = encryption.encode(inputStr.toLocal8Bit(), key.toLocal8Bit());
    QByteArray decodeText = encryption.decode(encodeText, key.toLocal8Bit());

    QString decodedString = QString(encryption.removePadding(decodeText));

Some help would be appreciated, can't make it work :( Best Marek

frankipl avatar Mar 05 '21 13:03 frankipl

I'm not an expert ;) it looks like yout AES procedure does not use salt, so encodeText should be the same from openssl command and your program right ? Best, Marek

frankipl avatar Mar 05 '21 18:03 frankipl

That's correct, I am not using a salt procedure

bricke avatar Apr 29 '21 16:04 bricke

Maybe that can be an add-on improvement

bricke avatar Apr 29 '21 16:04 bricke