4. QCA problems when decrypting data from php

QCA problems when decrypting data from php


  • I am encrypting data from php and store the data to my db here is the function i use to crypt in php

    function encrypt($data, $key, $iv)
{

    return openssl_encrypt(
    $data,
    'AES-256-CBC',
    $key,
    0,
    $iv
    );

}
// Here is how i use it
$email = encrypt($email, $key, $iv);
// iv is a 124 character long string generated randomly with a-zA-Z0-9 chars

    Now when i get the data back from the database on my Qt app here is what i get

    Name: £»]
Email:  HþÔ7Þ†Ç`}3™b­­_$ßïóøb2Û]Å
// Some chars are not visible

    This is what i am supposed to decrypt so i retrieve the iv from the database and use the unhashed password the user did input to decrypt

    QString KLogin::decrypt(QString data, QString key, QString iv)
{
    // Data = the encrypted input (i loop threw the values to decrypt), key = user password, IV = what i received from the db earlier
    QCA::Initializer init;

    QByteArray get;
    QCA::SecureArray secured;

    QByteArray temp = key.toLatin1();
    QCA::SymmetricKey pass = QCA::SymmetricKey(temp);


    temp = iv.toLatin1();
    QCA::InitializationVector iv_f = QCA::InitializationVector(temp);

    temp = data.toLatin1();
    secured = temp;

    QCA::Cipher bf(QString("aes256"), QCA::Cipher::CBC, QCA::Cipher::NoPadding , QCA::Decode, pass, iv_f);

    get = bf.process(secured).toByteArray();

    QString decrypted = get;

    return decrypted;

}

    I know my code is very dirty i apologize, i have been trying stuff for 5hours, and i tried to look up for the doc, but the doc i found is not really helpful...
    I'm sure i'm getting the right data since i have some std::cout set to output values and here is what i get

    IV value = 8lfSciaaaW1ZttTgWn4E616VsXnmEsUMOaE1sPbDLcCeFvvCTzgZBnU3lipZLkMzurBWgMA1YcgEHLgBlxAWVv0hOpgzK29etKbKxLLwX1aFNrg8ZR4Vn4cbutLe
Key value = kosta
Data balue = £»] // Some stuff doesn't show on the website but i have the weird characters in my console.

    Weird thing is that on the decryption output if i change QCA::Cypher::DefaultPadding i get nothing and with NoPadding i get �v-P����2��a�R]l.com � � you can notice the l.com with is obviously a part of my email address. Would you have an idea on how to fix this ? If you do not want to waste your time but you do know where to find useful documentation i would love to see it!

    [EDIT]
    Just a quick edit to say that i already tried and yes aes256 is working

    0
  • Lifetime Qt Champion

    Hi,

    First thing to do: use only QByteArrays, QString stores data in UTF-16 so you are doing useless and maybe disruptive conversions.

    0 1 Reply

  • @SGaist The problem is, when i try to input QByteArray to my data base without any type cast, nothing appears in my db and when i do typecast to QString i get some weird text popping out and some empty fields

    0
  • Lifetime Qt Champion

    Since I don't know how you are communicating with your database nor how it's setup I can't help more.

    0
Log in to reply