Aes encryption compatible with openssl cmd
-
@Marek said in Aes encryption compatible with openssl cmd:
unsigned char* plainText=reinterpret_cast<unsigned char *>(arg.toLocal8Bit().data());
You are taking the data pointer of a temporary QByteArray which lifetime ends after the semi colon therefore pointing to somewhere that may or may not contain the data.
You have to ensure that the lifetime of your objects.
As already written numerous time:
QString someString("Foo bar"); QByteArray latin1Array = someString.toLatin1(); // Now you can use your pointer thingy based on latin1Array.data() -
@Marek said in Aes encryption compatible with openssl cmd:
unsigned char* plainText=reinterpret_cast<unsigned char *>(arg.toLocal8Bit().data());
You are taking the data pointer of a temporary QByteArray which lifetime ends after the semi colon therefore pointing to somewhere that may or may not contain the data.
You have to ensure that the lifetime of your objects.
As already written numerous time:
QString someString("Foo bar"); QByteArray latin1Array = someString.toLatin1(); // Now you can use your pointer thingy based on latin1Array.data()@SGaist @Christian-Ehrlicher thanks for your help
but no difference
QString arg("letmein"); QByteArray latin1Array = arg.toLatin1(); unsigned char* plainText=reinterpret_cast<unsigned char *>(latin1Array.data());Result is the same:
BEGIN openssl2 EncryptMgr::openssl2 ciphertext: "f602bdec9c84c0d3476ebf6115588131" base: "9gK97JyEwNNHbr9hFViBMQ==" EncryptMgr::openssl2 decryptText: "letmein" END openssl2And I even tested just hardcoding string letmein as unsinged char (same result)
unsigned char plainText[]="letmein"But maybe there is some error with reading cipher text from unsigned char to QByteArray ?
Best
Marek -
There is so much code which is not needed so I don't understand what's really going on. For such a simple encryption not more than 10 lines should be needed. Please provide a minimal compilable example.
And are you sure the\0is added on command line? I would guess no. -
There is so much code which is not needed so I don't understand what's really going on. For such a simple encryption not more than 10 lines should be needed. Please provide a minimal compilable example.
And are you sure the\0is added on command line? I would guess no.@Christian-Ehrlicher
There are three types of encrypt/decrypt atempts in this code thats why it looks big,
I can't shrink it unless I remove one of methods-
openssl2 function is using:
aes_init - to init openssl and EVP_BytesToKey to create key from password
aes_encrypt - to encypt
aes_decrypt - to decrypt
openssl2 is initializing aes, performs encrypt and decrypt and prints the result -
openssl function is using:
encrypt - to encrypt
decrypt - to decrypt
handleErrors - doesn't matter
This one is different in terms of key handling, does not derive key from password, key is already provided, taken from openssl command
openssl enc -aes-128-ecb -nosalt -k 'myPassword' -a -pbkdf2 -md sha1 -p- This is just using https://github.com/bricke/Qt-AES
all in single procedure
Best,
Marek -
-
@Christian-Ehrlicher
There are three types of encrypt/decrypt atempts in this code thats why it looks big,
I can't shrink it unless I remove one of methods-
openssl2 function is using:
aes_init - to init openssl and EVP_BytesToKey to create key from password
aes_encrypt - to encypt
aes_decrypt - to decrypt
openssl2 is initializing aes, performs encrypt and decrypt and prints the result -
openssl function is using:
encrypt - to encrypt
decrypt - to decrypt
handleErrors - doesn't matter
This one is different in terms of key handling, does not derive key from password, key is already provided, taken from openssl command
openssl enc -aes-128-ecb -nosalt -k 'myPassword' -a -pbkdf2 -md sha1 -p- This is just using https://github.com/bricke/Qt-AES
all in single procedure
Best,
Marek -
-
As I said - your code isn't very readable. Please provide one example, no classes, nothing around so we can actually compile it here.
-
As I said - your code isn't very readable. Please provide one example, no classes, nothing around so we can actually compile it here.
@Christian-Ehrlicher ok just a minute
best,
Marek -
in terms of adding '\0'
I think echo command has a switch -n which tells whether to add \n to the end of the string, I tried both optionsAs I understand this should give the same result as openssl command since it is using key taken from openssl command
$ echo "letmein" |openssl enc -aes-128-ecb -nosalt -k 'myPassword' -a -pbkdf2 -md sha1 -p key=580D5BAA02014A40B0E30C6E82B60EA5 iZ5IdMK9pkAg0HRF38mHNQ== $ echo -en "letmein" |openssl enc -aes-128-ecb -nosalt -k 'myPassword' -a -pbkdf2 -md sha1 -p key=580D5BAA02014A40B0E30C6E82B60EA5 1mt3AKZ9fpLCgLIlPIOkHA==void EncryptMgr::opensslShort() { qDebug()<<"BEGIN openssl"; /* A 128 bit key */ unsigned char *key = (unsigned char *)"580D5BAA02014A40B0E30C6E82B60EA5"; /* Message to be encrypted */ unsigned char *plaintext = (unsigned char *)"letmein"; /* Buffer for ciphertext. Ensure the buffer is long enough for the * ciphertext which may be longer than the plaintext, dependant on the * algorithm and mode */ unsigned char ciphertext[128]; int ciphertext_len; int len; int plaintext_len=strlen ((char *)plaintext); EVP_CIPHER_CTX *ctx; /* Initialise the library */ ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); OPENSSL_config(NULL); /* Encrypt the plaintext */ if(!(ctx = EVP_CIPHER_CTX_new())) qDebug()<<"some errors"; /* Initialise the encryption operation. IMPORTANT - ensure you use a key * In this example we are using 128 bit AES (i.e. a 128 bit key). */ if(1 != EVP_EncryptInit_ex(ctx, EVP_aes_128_ecb(), NULL, key,NULL)) qDebug()<<"some errors"; /* Provide the message to be encrypted, and obtain the encrypted output. * EVP_EncryptUpdate can be called multiple times if necessary */ if(1 != EVP_EncryptUpdate(ctx, ciphertext, &len, plaintext, plaintext_len)) qDebug()<<"some errors"; ciphertext_len = len; /* Finalise the encryption. Further ciphertext bytes may be written at * this stage. */ if(1 != EVP_EncryptFinal_ex(ctx, ciphertext + len, &len)) handleErrors(); ciphertext_len += len; /* Do something useful with the ciphertext here */ QByteArray arr; for(int i=0;i<ciphertext_len;i++) { arr[i]=ciphertext[i]; } QByteArray str_cipher=QByteArray::fromRawData(reinterpret_cast<char*>(ciphertext), ciphertext_len); qDebug()<<"EncryptMgr::openssl str_cipher:"<<str_cipher.toBase64()<<" second method:"<<arr.toBase64()<<" len:"<<ciphertext_len; EVP_CIPHER_CTX_free(ctx); /* Clean up */ EVP_cleanup(); ERR_free_strings(); }Best,
Marek -
This is a minimal example which also prints out the same as the command line:
auto ciphertext = reinterpret_cast<const unsigned char*>("letmein"); const int c_len = strlen(reinterpret_cast<const char*>(ciphertext)); int f_len1 = 0; int f_len2 = 0; auto keyIn = reinterpret_cast<const unsigned char*>("myPassword"); int k_len = strlen(reinterpret_cast<const char*>(keyIn)); unsigned char keyOut1[16]; PKCS5_PBKDF2_HMAC_SHA1("myPassword", k_len, nullptr, 0, 5, sizeof(keyOut1), keyOut1); EVP_CIPHER_CTX* e = EVP_CIPHER_CTX_new(); EVP_CIPHER_CTX_init(e); EVP_EncryptInit_ex(e, EVP_aes_128_ecb(), nullptr, keyOut1, nullptr); std::vector<unsigned char> dataOut(c_len + EVP_CIPHER_CTX_block_size(e)); EVP_EncryptUpdate(e, dataOut.data(), &f_len1, ciphertext, c_len); EVP_EncryptFinal_ex(e, dataOut.data() + f_len1, &f_len2); EVP_CIPHER_CTX_free(e); qDebug() << QByteArray::fromRawData(reinterpret_cast<char*>(dataOut.data()), f_len1 + f_len2).toBase64();--> "iwY4XIcGLATKRyyP+n377w=="
enc_test$ echo -en "letmein" |openssl enc -aes-128-ecb -nosalt -k 'myPassword' -a -iter 5 -md sha1 iwY4XIcGLATKRyyP+n377w== -
This is a minimal example which also prints out the same as the command line:
auto ciphertext = reinterpret_cast<const unsigned char*>("letmein"); const int c_len = strlen(reinterpret_cast<const char*>(ciphertext)); int f_len1 = 0; int f_len2 = 0; auto keyIn = reinterpret_cast<const unsigned char*>("myPassword"); int k_len = strlen(reinterpret_cast<const char*>(keyIn)); unsigned char keyOut1[16]; PKCS5_PBKDF2_HMAC_SHA1("myPassword", k_len, nullptr, 0, 5, sizeof(keyOut1), keyOut1); EVP_CIPHER_CTX* e = EVP_CIPHER_CTX_new(); EVP_CIPHER_CTX_init(e); EVP_EncryptInit_ex(e, EVP_aes_128_ecb(), nullptr, keyOut1, nullptr); std::vector<unsigned char> dataOut(c_len + EVP_CIPHER_CTX_block_size(e)); EVP_EncryptUpdate(e, dataOut.data(), &f_len1, ciphertext, c_len); EVP_EncryptFinal_ex(e, dataOut.data() + f_len1, &f_len2); EVP_CIPHER_CTX_free(e); qDebug() << QByteArray::fromRawData(reinterpret_cast<char*>(dataOut.data()), f_len1 + f_len2).toBase64();--> "iwY4XIcGLATKRyyP+n377w=="
enc_test$ echo -en "letmein" |openssl enc -aes-128-ecb -nosalt -k 'myPassword' -a -iter 5 -md sha1 iwY4XIcGLATKRyyP+n377w==@Christian-Ehrlicher Thanks man, this works for me ;)
When I find some time I try to find bug in my code.Best Regards,
Marek
