Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

compatibility with openssl issue #38

Open
frankipl opened this issue Mar 5, 2021 · 4 comments
Open

compatibility with openssl issue #38

frankipl opened this issue Mar 5, 2021 · 4 comments

Comments

@frankipl
Copy link

frankipl commented Mar 5, 2021

Hi
Is there a method to derive iv from password ? without salt, basically I need to replicate this openssl command on iOS and Android:
openssl enc -aes-128-ecb -a -K MY_KEY -k 'MY_PASS' -in mesg.enc

Best,
Marek
@frankipl
Copy link
Author

frankipl commented Mar 5, 2021
edited
Loading

Hi
I have found a way of getting key and IV from openssl command, but I can't decode with openssl what has been encoded via your program. Can you help I'm using aes-128-ecb and openssl version 1.1.1d ?
I have string 'letmein' in file plain.data I'm using command to encode this string and testing different keys derivation method (-iter 1, or -pbkdf2 or no method specified for openssl cmd)
Then I'm taking the key from openssl command output and try to use in your routine, it encodes and decodes string but encoded string can't be decoded by openssl command, example:

franki@franki:~/enc_test$ openssl enc -nosalt -base64 -aes-128-ecb -k myPassword -in plain.data -iter 1 -p
key=A2735938761FD7472E16CE457D0B1C09
Bd6B3CUO0nn6thX+Cs3nWw==
franki@franki:~/enc_test$

Taking this key to your program, encode string 'letmein' and encoded text is:
INA6FuTjreDm3Z8/o4vJ3w==
Trying to decode this string via openssl:

franki@franki:~/enc_test$ echo  "INA6FuTjreDm3Z8/o4vJ3w=="|openssl enc -d -nosalt -base64 -aes-128-ecb -K A2735938761FD7472E16CE457D0B1C09
bad decrypt
139737504613504:error:0606506D:digital envelope routines:EVP_DecryptFinal_ex:wrong final block length:../crypto/evp/evp_enc.c:586:
franki@franki:~/enc_test$

Trying to decode via openssl what has been encoded by openssl with this key: A2735938761FD7472E16CE457D0B1C09

franki@franki:~/enc_test$ echo "Bd6B3CUO0nn6thX+Cs3nWw=="|openssl enc -d -nosalt -base64 -aes-128-ecb -K A2735938761FD7472E16CE457D0B1C09
letmein
franki@franki:~/enc_test$

Code from your program:

    QAESEncryption encryption(QAESEncryption::AES_128, QAESEncryption::ECB);

    QString inputStr("letmein");
    QString key("A2735938761FD7472E16CE457D0B1C09");

    QByteArray encodeText = encryption.encode(inputStr.toLocal8Bit(), key.toLocal8Bit());
    QByteArray decodeText = encryption.decode(encodeText, key.toLocal8Bit());

    QString decodedString = QString(encryption.removePadding(decodeText));

Some help would be appreciated, can't make it work :(
Best
Marek

@frankipl
Copy link
Author

frankipl commented Mar 5, 2021

I'm not an expert ;) it looks like yout AES procedure does not use salt, so encodeText should be the same from openssl command and your program right ?
Best,
Marek

@frankipl frankipl changed the title derive iv from password compatibility with openssl issue Mar 5, 2021
@bricke
Copy link
Owner

bricke commented Apr 29, 2021

That's correct, I am not using a salt procedure

@bricke
Copy link
Owner

bricke commented Apr 29, 2021

Maybe that can be an add-on improvement

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bricke @frankipl