Re: aes_256_cbc decryption
Hi, There is a confusion in your code between byte buffers and their HEX representation. You should work directly with buffer without trying to access them as strings. This will solve all your problems. So, change the implementation of your function MD5_hash to put the hash directly into the chash parameter without converting it to ASCII and never call printf directly on byte arrays. Once you have done these changes and if you still have errors, post your code and we will try to help you. Cheers, -- Mounir IDRASSI IDRIX http://www.idrix.fr himas wrote: Mounir IDRASSI wrote: Hi, There are two main mistakes in your code: - The output of the MD5 is 16 bytes long but you are allocating 8 bytes only. This will cause memory corruption. - AES-256 expects the key to be 32-bytes long but you want to use an MD5 digest as a key which is only 16-bytes. You should use SHA-256 instead for this purpose. 1. I tried to allocate more, but got some extra-symbols returned with the hash char *chash = (char*)malloc(16); MD5_Hash(pass, chash); printf("%s \n", chash); returned: "Р♥>3dd0cd797a7399b56c470612887108eb" 2. Just for the test I doubled my MD5 digest and send it to Decryption function and got the same sad result new ctext = "fdfb4ca253caf79c683b85787de8d094" as you can see it remains the same after doubling the hash -- CODE -- // double the key char hash[65] = {0}; int i; for (i = 0; i <= 64; i++) { if (i >= 32) hash[i] = chash[i-32]; else hash[i] = chash[i]; } hash[65] = '\0'; printf("%s \n", hash); -- CODE -- Result: [*] decryption result ae e3 27 62 c8 8a 9a 76 0b 67 73 1e 17 f8 dc ca оу'b╚КЪv♂gs▲↨°▄╩tСTUT*ыьЫuУ{╧$Qо 3. I also changed a little my Decryption code: -- CODE -- int templen; EVP_DecryptFinal(&ctx, outbuf + outlen, &templen); outlen = outlen + templen; -- CODE -- SO -- CODE -- for(i = 0; i < outlen; i++) printf("%02x ", outbuf[i]); -- CODE -- Now works fine __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: aes_256_cbc decryption
Mounir IDRASSI wrote: > > Hi, > > There are two main mistakes in your code: > - The output of the MD5 is 16 bytes long but you are allocating 8 > bytes only. This will cause memory corruption. > - AES-256 expects the key to be 32-bytes long but you want to use an > MD5 digest as a key which is only 16-bytes. You should use SHA-256 > instead for this purpose. > 1. I tried to allocate more, but got some extra-symbols returned with the hash char *chash = (char*)malloc(16); MD5_Hash(pass, chash); printf("%s \n", chash); returned: "Р♥>3dd0cd797a7399b56c470612887108eb" 2. Just for the test I doubled my MD5 digest and send it to Decryption function and got the same sad result: -- CODE -- // double the key char hash[65] = {0}; int i; for (i = 0; i <= 64; i++) { if (i >= 32) hash[i] = chash[i-32]; else hash[i] = chash[i]; } hash[65] = '\0'; printf("%s \n", hash); -- CODE -- Result: [*] decryption result ae e3 27 62 c8 8a 9a 76 0b 67 73 1e 17 f8 dc ca оу'b╚КЪv♂gs▲↨°▄╩tСTUT*ыьЫuУ{╧$Qо 3. I also changed a little my Decryption code: -- CODE -- int templen; EVP_DecryptFinal(&ctx, outbuf + outlen, &templen); outlen = outlen + templen; -- CODE -- SO -- CODE -- for(i = 0; i < outlen; i++) printf("%02x ", outbuf[i]); -- CODE -- Now works fine -- View this message in context: http://www.nabble.com/aes_256_cbc-decryption-tp26074101p26076478.html Sent from the OpenSSL - User mailing list archive at Nabble.com. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: aes_256_cbc decryption
Hi, There are two main mistakes in your code: - The output of the MD5 is 16 bytes long but you are allocating 8 bytes only. This will cause memory corruption. - AES-256 expects the key to be 32-bytes long but you want to use an MD5 digest as a key which is only 16-bytes. You should use SHA-256 instead for this purpose. I hope this will help. Cheers, -- Mounir IDRASSI IDRIX http://www.idrix.fr himas wrote: Hello, I wrote a source for encrypting and decrypting some text data with aes_256_cbc: -- CODE -- void aes256cbc_encrypt(char *text, char *hkey) { int i, outlen; unsigned char *outbuf = (unsigned char*)malloc(1024); unsigned char *inbuf = (unsigned char*)text; int inlen = strlen(text); unsigned char *key = (unsigned char*)hkey; //unsigned char key[] = "somevalue"; EVP_CIPHER_CTX ctx; const EVP_CIPHER *cipher; EVP_CIPHER_CTX_init(&ctx); cipher = EVP_aes_256_cbc(); EVP_EncryptInit(&ctx, cipher, key, NULL); EVP_EncryptUpdate(&ctx, outbuf, &outlen, inbuf, inlen); EVP_EncryptFinal(&ctx, outbuf + outlen, &outlen); for(i = 0; i < outlen; i++) printf("%02x", outbuf[i]); EVP_CIPHER_CTX_cleanup(&ctx); free(outbuf); } int aes256cbc_decrypt(char *ctext, char *hkey) { int i, outlen; unsigned char *outbuf = (unsigned char*)malloc(1024); unsigned char *inbuf = (unsigned char*)ctext; int inlen = strlen(ctext); unsigned char *key = (unsigned char*)hkey; printf("cyphered text = %s\nhashed key = %s\n", ctext, hkey); EVP_CIPHER_CTX ctx; const EVP_CIPHER *cipher; EVP_CIPHER_CTX_init(&ctx); cipher = EVP_aes_256_cbc(); EVP_DecryptInit(&ctx, cipher, key, NULL); EVP_DecryptUpdate(&ctx, outbuf, &outlen, inbuf, inlen); EVP_DecryptFinal(&ctx, outbuf + outlen, &outlen); printf("\n[*] decryption result\n"); //for(i = 0; i < outlen; i++) printf("%02x", outbuf[i]); for(i = 0; i < 16; i++) printf("%02x", outbuf[i]); printf("\n%s \n", outbuf); EVP_CIPHER_CTX_cleanup(&ctx); free(outbuf); } main () { char *pass = "testtesttesttest"; char *text = "testtesttesttest"; char *ctext = "fdfb4ca253caf79c683b85787de8d094"; // generating MD5 hash char *chash = (char*)malloc(8); MD5_Hash(pass, chash); //aes256cbc_crypt(text, chash); aes256cbc_decrypt(ctext, chash); } -- CODE -- My questions concerning decryption are: 1. why don't I get outlen value? 2. why don't I get plaintext value after decryption (must be "testtesttesttest") __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
aes_256_cbc decryption
Hello, I wrote a source for encrypting and decrypting some text data with aes_256_cbc: -- CODE -- void aes256cbc_encrypt(char *text, char *hkey) { int i, outlen; unsigned char *outbuf = (unsigned char*)malloc(1024); unsigned char *inbuf = (unsigned char*)text; int inlen = strlen(text); unsigned char *key = (unsigned char*)hkey; //unsigned char key[] = "somevalue"; EVP_CIPHER_CTX ctx; const EVP_CIPHER *cipher; EVP_CIPHER_CTX_init(&ctx); cipher = EVP_aes_256_cbc(); EVP_EncryptInit(&ctx, cipher, key, NULL); EVP_EncryptUpdate(&ctx, outbuf, &outlen, inbuf, inlen); EVP_EncryptFinal(&ctx, outbuf + outlen, &outlen); for(i = 0; i < outlen; i++) printf("%02x", outbuf[i]); EVP_CIPHER_CTX_cleanup(&ctx); free(outbuf); } int aes256cbc_decrypt(char *ctext, char *hkey) { int i, outlen; unsigned char *outbuf = (unsigned char*)malloc(1024); unsigned char *inbuf = (unsigned char*)ctext; int inlen = strlen(ctext); unsigned char *key = (unsigned char*)hkey; printf("cyphered text = %s\nhashed key = %s\n", ctext, hkey); EVP_CIPHER_CTX ctx; const EVP_CIPHER *cipher; EVP_CIPHER_CTX_init(&ctx); cipher = EVP_aes_256_cbc(); EVP_DecryptInit(&ctx, cipher, key, NULL); EVP_DecryptUpdate(&ctx, outbuf, &outlen, inbuf, inlen); EVP_DecryptFinal(&ctx, outbuf + outlen, &outlen); printf("\n[*] decryption result\n"); //for(i = 0; i < outlen; i++) printf("%02x", outbuf[i]); for(i = 0; i < 16; i++) printf("%02x", outbuf[i]); printf("\n%s \n", outbuf); EVP_CIPHER_CTX_cleanup(&ctx); free(outbuf); } main () { char *pass = "testtesttesttest"; char *text = "testtesttesttest"; char *ctext = "fdfb4ca253caf79c683b85787de8d094"; // generating MD5 hash char *chash = (char*)malloc(8); MD5_Hash(pass, chash); //aes256cbc_crypt(text, chash); aes256cbc_decrypt(ctext, chash); } -- CODE -- My questions concerning decryption are: 1. why don't I get outlen value? 2. why don't I get plaintext value after decryption (must be "testtesttesttest") __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
aes_256_cbc decryption
Hello, I wrote a source for encrypting and decrypting some text data with aes_256_cbc: -- CODE -- void aes256cbc_encrypt(char *text, char *hkey) { int i, outlen; unsigned char *outbuf = (unsigned char*)malloc(1024); unsigned char *inbuf = (unsigned char*)text; int inlen = strlen(text); unsigned char *key = (unsigned char*)hkey; //unsigned char key[] = "somevalue"; EVP_CIPHER_CTX ctx; const EVP_CIPHER *cipher; EVP_CIPHER_CTX_init(&ctx); cipher = EVP_aes_256_cbc(); EVP_EncryptInit(&ctx, cipher, key, NULL); EVP_EncryptUpdate(&ctx, outbuf, &outlen, inbuf, inlen); EVP_EncryptFinal(&ctx, outbuf + outlen, &outlen); for(i = 0; i < outlen; i++) printf("%02x", outbuf[i]); EVP_CIPHER_CTX_cleanup(&ctx); free(outbuf); } int aes256cbc_decrypt(char *ctext, char *hkey) { int i, outlen; unsigned char *outbuf = (unsigned char*)malloc(1024); unsigned char *inbuf = (unsigned char*)ctext; int inlen = strlen(ctext); unsigned char *key = (unsigned char*)hkey; printf("cyphered text = %s\nhashed key = %s\n", ctext, hkey); EVP_CIPHER_CTX ctx; const EVP_CIPHER *cipher; EVP_CIPHER_CTX_init(&ctx); cipher = EVP_aes_256_cbc(); EVP_DecryptInit(&ctx, cipher, key, NULL); EVP_DecryptUpdate(&ctx, outbuf, &outlen, inbuf, inlen); EVP_DecryptFinal(&ctx, outbuf + outlen, &outlen); printf("\n[*] decryption result\n"); //for(i = 0; i < outlen; i++) printf("%02x", outbuf[i]); for(i = 0; i < 16; i++) printf("%02x", outbuf[i]); printf("\n%s \n", outbuf); EVP_CIPHER_CTX_cleanup(&ctx); free(outbuf); } main () { char *pass = "testtesttesttest"; char *text = "testtesttesttest"; char *ctext = "fdfb4ca253caf79c683b85787de8d094"; // generating MD5 hash char *chash = (char*)malloc(8); MD5_Hash(pass, chash); //aes256cbc_crypt(text, chash); aes256cbc_decrypt(ctext, chash); } -- CODE -- My questions concerning decryption are: 1. why don't I get outlen value? 2. why don't I get plaintext value after decryption (must be "testtesttesttest") -- View this message in context: http://www.nabble.com/aes_256_cbc-decryption-tp26074101p26074101.html Sent from the OpenSSL - User mailing list archive at Nabble.com. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org