Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AES Encryptation Length short in my Qt App. #31

Open
RojasHenry opened this issue Jan 16, 2020 · 7 comments
Open

AES Encryptation Length short in my Qt App. #31

RojasHenry opened this issue Jan 16, 2020 · 7 comments

Comments

@RojasHenry
Copy link

Please I have a problem in Qt-AES library, when I encrypt text multiple times in the same app, I get a text encrypted with less characters, and when I desencrypt in other app not desencrypt it.
@bricke
Copy link
Owner

bricke commented Feb 4, 2020

Hello, can you provide a sample?

@bricke bricke added invalid and removed invalid labels May 13, 2020
@RojasHenry
Copy link
Author

Sorry to answer so late. Ok, I am using the following code to test your algorithm because is important for my project that validate in the server.

I overwrote the following function in your code with my code and add a function to debug the result.

I am using a loop to test your code. the code is making a encrypt and after that desencrypt but it has problem

void Log(char *text){
time_t t = time(NULL);
struct tm *tm = localtime(&t);
FILE *flog;
flog=fopen("./log.txt","a");
char * string_concat = new char[2048];
sprintf(string_concat,"%s : %s\n",strtok(asctime(tm), "\n"),text);
fputs(string_concat,flog);
fclose(flog);
free(string_concat);
}

void AesTest::CBC256StringEvenISO()
{
for(;;){
QString master = QUuid::createUuid().toString().replace(QString("{"),QString("")).replace(QString("}"),QString("")).trimmed();
QString newkey = master.mid(0,32);
//Log(newkey.toLatin1().data());
QString iv = master.right(16);
//Log(iv.toLatin1().data());

    //16 byte string
    QString inputStr("CP017904518010019999CC-17226586200605000840");
    QString inputStrH("QU9qb0FNZ3A0M05jd0FjZ2xBM2FNUHZSU0lSdTJVMER");
    /*QString key("0d133c9d-322f-4937-bbac-cb98e649");
    QString iv("bac-cb98e64919f1");

    //QByteArray hashKey = QCryptographicHash::hash(key.toLatin1(), QCryptographicHash::Sha256);
    //QByteArray hashIV = QCryptographicHash::hash(iv.toLatin1(), QCryptographicHash::Md5);

    QByteArray encodeText = encryption.encode(inputStr.toUtf8(), key.toUtf8(), iv.toUtf8());
    QString stringbase64 = QString::fromLatin1(encodeText.data());
    QString s64 = stringbase64.toLatin1().toBase64();

    QByteArray soTHER = QByteArray::fromBase64(stringbase64.toLatin1().toBase64());
    QByteArray decodeText = encryption.decode(soTHER, key.toUtf8(), iv.toUtf8());
    QString decodedString = QString(encryption.removePadding(decodeText));*/

    QByteArray cabecText = QAESEncryption::Crypt(QAESEncryption::AES_256, QAESEncryption::CBC,inputStr.toUtf8(), newkey.toUtf8(), iv.toUtf8(),QAESEncryption::ZERO);
    QString cabecTextbase64 = QString::fromLatin1(cabecText.data());
    QString cabec64 = cabecTextbase64.toLatin1().toBase64();
    int longitudC = cabec64.length();

    QByteArray huellaText = QAESEncryption::Crypt(QAESEncryption::AES_256, QAESEncryption::CBC,inputStrH.toUtf8(), newkey.toUtf8(), iv.toUtf8(),QAESEncryption::ZERO);
    QString huellaTextbase64 = QString::fromLatin1(huellaText.data());
    QString huella64 = huellaTextbase64.toLatin1().toBase64();
    int longitudH = huella64.length();
    QThread::sleep(1);

    if(longitudC >=64 && longitudH >=64){
        QByteArray cabec64Aux = QByteArray::fromBase64(cabec64.toLatin1());
        QByteArray decodeTextAUX = QAESEncryption::Decrypt(QAESEncryption::AES_256, QAESEncryption::CBC,cabec64Aux, newkey.toUtf8(), iv.toUtf8(),QAESEncryption::ZERO);
        QString decodedcabec = QString(QAESEncryption::RemovePadding(decodeTextAUX,QAESEncryption::ZERO));

        QByteArray huella64Aux = QByteArray::fromBase64(huella64.toLatin1());
        QByteArray decodeTextHAux = QAESEncryption::Decrypt(QAESEncryption::AES_256, QAESEncryption::CBC,huella64Aux, newkey.toUtf8(), iv.toUtf8(),QAESEncryption::ZERO);
        QString decodedhuella = QString(QAESEncryption::RemovePadding(decodeTextHAux,QAESEncryption::ZERO));

        int xC = QString::compare(decodedcabec, inputStr, Qt::CaseSensitive);
        int xH = QString::compare(decodedhuella, inputStrH, Qt::CaseSensitive);

        if(xC == 0 && xH == 0){
            Log("Success with decoding");
        }else{
            Log("Decoding error");
        }
    }else{
        Log("Error size String 64");
    }
}

}
--------------------Result File ----------------------------
image

@bricke
Copy link
Owner

bricke commented Sep 1, 2020

I wonder if converting from QString to QByteArray you lose the terminating char that is at the end of the QString? So maybe something gets lost somewhere in those conversions?

@RojasHenry
Copy link
Author

it could be, but in this case sometimes work and sometimes doesn't work. Maybe another solution or suggestion please.

@bricke
Copy link
Owner

bricke commented Sep 1, 2020

My suggestion would be to remove all QStrings and only use QByteArrays, something is happening between conversions, trims and removal of padding.
If it happens only sometimes, that would be my first guess.
Please remember that this is in no way audited and ready for a production environment.

@RojasHenry
Copy link
Author

ok, thanks for your suggestions, maybe you know any library to AES 256 instead of your example more trusty for a production environment please.

@bricke
Copy link
Owner

bricke commented Sep 1, 2020

openssl

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bricke @RojasHenry