Qt + OpenSSL & EVP_DecryptFinal_ex error bad decrypt



  • Hey guys!

    I try to use OpenSSL to decode an AES 128 CBC string for some time. Since i'm running out of ideas i really could use some help here. After creating a test app i always run into some decrypt errors i can't figure out how to fix.

    After hours looking for some (working and not outdated) code examples and trying to find my mistake, i appreciate any input / help here.

    #define KEYSIZE 32
    #define IVSIZE 32
    #define BLOCKSIZE 128
    #define PADDING RSA_PKCS1_PADDING
    #define AES_BLOCK_SIZE 16
    
    AES::AES(QWidget *parent) : QMainWindow(parent), ui(new Ui::AES)
    {
        ui->setupUi(this);
    
        ERR_load_EVP_strings();
        ERR_load_CRYPTO_strings();
        OpenSSL_add_all_digests();
        OpenSSL_add_all_algorithms();
        OPENSSL_config(NULL);
    }
    
    AES::~AES()
    {
        EVP_cleanup();
        ERR_free_strings();
    
        delete ui;
    }
    
    QByteArray AES::decryptAES(QString user_key, QString user_data)
    {
        // QByteArray data_base64 = user_data.toLatin1();
        QByteArray data = QByteArray::fromBase64(user_data.toLatin1());
        QByteArray iv1 = data.left(16).toHex();
        QByteArray key1 = QByteArray(QCryptographicHash::hash(user_key.toLatin1(), QCryptographicHash::Md5).toHex());
    
        // qDebug() << "data_base64: " << data_base64 << "len: " << data_base64.length();
        qDebug() << "data: " << data << "len: " << data.length();
        qDebug() << "iv1: " << iv1 << "len: " << iv1.length();
        qDebug() << "key1: " << key1 << "len: " << key1.length();
    
        unsigned char key[KEYSIZE];
        unsigned char iv[IVSIZE];
    
        memcpy(key, key1.data(), key1.size());
        memcpy(iv, iv1.data(), iv1.size());
    
        EVP_CIPHER_CTX *de = EVP_CIPHER_CTX_new();
        EVP_CIPHER_CTX_init(de);
    
        if(!EVP_DecryptInit_ex(de, EVP_aes_128_cbc(), NULL, key, iv))
        {
            qCritical() << "EVP_DecryptInit_ex() failed" << ERR_error_string(ERR_get_error(), NULL);
            return QByteArray();
        }
    
        char *input = data.data();
        int len = data.size();
    
        int p_len = len, f_len = 0;
        unsigned char *plaintext = (unsigned char *)malloc(p_len + AES_BLOCK_SIZE);
    
        if(!EVP_DecryptUpdate(de, plaintext, &p_len, (unsigned char *)input, len))
        {
            qCritical() << "EVP_DecryptUpdate() failed " <<  ERR_error_string(ERR_get_error(), NULL);
            free(plaintext);
            return QByteArray();
        }
    
        if(!EVP_DecryptFinal_ex(de, plaintext + p_len, &f_len))
        {
            qCritical() << "EVP_DecryptFinal_ex() failed " <<  ERR_error_string(ERR_get_error(), NULL);
            free(plaintext);
            return QByteArray();
        }
    
        len = p_len + f_len;
    
        EVP_CIPHER_CTX_cleanup(de);
    
        QByteArray decrypted = QByteArray(reinterpret_cast<char*>(plaintext), len);
        free(plaintext);
    
        qDebug() << "decrypted: " << decrypted;
    
        return decrypted;
    }
    
    void AES::on_button_decrypt_clicked()
    {
        QByteArray in_enc_line;
        in_enc_line.append(ui->line_encrypted->text());
    
        QByteArray in_key_line;
        in_key_line.append(ui->line_key->text());
    
        if(!in_enc_line.isEmpty() || !in_key_line.isEmpty())
        {
            ui->line_decrypted->setText(QString::fromLatin1(decryptAES(ui->line_key->text(), ui->line_encrypted->text())));
        }
    
    }
    
    void AES::on_line_key_textChanged(const QString &arg1)
    {
        QString key_md5 = QString(QCryptographicHash::hash(arg1.toLatin1(), QCryptographicHash::Md5).toHex());
        ui->label_md5->setText(key_md5);
    }
    
    void AES::on_line_encrypted_textChanged(const QString &arg1)
    {
        ui->label_base64->setText(QString::fromLatin1(QByteArray::fromBase64(arg1.toLatin1())));
        ui->label_iv->setText(QString::fromLatin1(arg1.toLatin1().left(16).toHex()));
    }
    

    Everything seems to work but i always end up with EVP_DecryptFinal_ex:bad decrypt. Where did i miss something?

    Thanks!



  • Anyone? :(

    I'm playing around with OpenSSL and EVP for some time now but it seems i still don't get it.

    Even a small hind would be nice :)



  • I wonder if there is some one out there using OpenSSL EVP + Qt successfully? Most of the examples are outdated and not working. And if i ask, i always hear: try something else, it is better.


  • Lifetime Qt Champion

    Hi,

    Did you got the OpenSSL part working without Qt ?
    What examples are you referring to ?



  • Hi SGaist!

    I'm using

    vh/0fb1R3awZqWeKpYDqlCafaRS7s49EIAPBmZXKgLo=
    

    for testing. The encoded string ist "this is a test". My key is "test" (md5).

    echo vh/0fb1R3awZqWeKpYDqlCafaRS7s49EIAPBmZXKgLo= | openssl.exe enc -d -a -A -aes-128-cbc -iv be1ff47dbd51ddac19a9678aa580ea94 -K 098f6bcd4621d373cade4e832627b4f6
    

    This works, it gets decrypted as expected like:

    YÈ])-EÖºà¯ÌSå+£gthis is a test
    

    In my code i get a bad decrypt. I did google a lot about what may the problem. I did test and try other OpenSSL versions as well. The only think i did not try yet, is building OpenSSL myself but i'm not sure if this makes any difference.

    Thanks!


  • Lifetime Qt Champion

    There's no need to build your own version of OpenSSL,. My question was rather: did you got EVP API working without using Qt at all ?



  • Like in Visual Studio? No. Since i plan to use it in Qt i started here.


  • Lifetime Qt Champion

    No, I mean, just using plain C with char arrays etc.



  • No, i did not.


  • Lifetime Qt Champion

    Then you should start by doing that. Ensure that you get it working correctly with the raw API and then you can start integrating it your GUI application.



  • OK, so no one got it working in Qt yet.

    Thanks.


  • Moderators

    @qDebug said in Qt + OpenSSL & EVP_DecryptFinal_ex error bad decrypt:

    OK, so no one got it working in Qt yet.

    How do you know?



  • This is my superpower, i can tell.

    I'm right as long as some one proves me wrong ;-)


Log in to reply
 

Looks like your connection to Qt Forum was lost, please wait while we try to reconnect.