Qt + OpenSSL & EVP_DecryptFinal_ex error bad decrypt
-
Hey guys!
I try to use OpenSSL to decode an AES 128 CBC string for some time. Since i'm running out of ideas i really could use some help here. After creating a test app i always run into some decrypt errors i can't figure out how to fix.
After hours looking for some (working and not outdated) code examples and trying to find my mistake, i appreciate any input / help here.
#define KEYSIZE 32 #define IVSIZE 32 #define BLOCKSIZE 128 #define PADDING RSA_PKCS1_PADDING #define AES_BLOCK_SIZE 16 AES::AES(QWidget *parent) : QMainWindow(parent), ui(new Ui::AES) { ui->setupUi(this); ERR_load_EVP_strings(); ERR_load_CRYPTO_strings(); OpenSSL_add_all_digests(); OpenSSL_add_all_algorithms(); OPENSSL_config(NULL); } AES::~AES() { EVP_cleanup(); ERR_free_strings(); delete ui; } QByteArray AES::decryptAES(QString user_key, QString user_data) { // QByteArray data_base64 = user_data.toLatin1(); QByteArray data = QByteArray::fromBase64(user_data.toLatin1()); QByteArray iv1 = data.left(16).toHex(); QByteArray key1 = QByteArray(QCryptographicHash::hash(user_key.toLatin1(), QCryptographicHash::Md5).toHex()); // qDebug() << "data_base64: " << data_base64 << "len: " << data_base64.length(); qDebug() << "data: " << data << "len: " << data.length(); qDebug() << "iv1: " << iv1 << "len: " << iv1.length(); qDebug() << "key1: " << key1 << "len: " << key1.length(); unsigned char key[KEYSIZE]; unsigned char iv[IVSIZE]; memcpy(key, key1.data(), key1.size()); memcpy(iv, iv1.data(), iv1.size()); EVP_CIPHER_CTX *de = EVP_CIPHER_CTX_new(); EVP_CIPHER_CTX_init(de); if(!EVP_DecryptInit_ex(de, EVP_aes_128_cbc(), NULL, key, iv)) { qCritical() << "EVP_DecryptInit_ex() failed" << ERR_error_string(ERR_get_error(), NULL); return QByteArray(); } char *input = data.data(); int len = data.size(); int p_len = len, f_len = 0; unsigned char *plaintext = (unsigned char *)malloc(p_len + AES_BLOCK_SIZE); if(!EVP_DecryptUpdate(de, plaintext, &p_len, (unsigned char *)input, len)) { qCritical() << "EVP_DecryptUpdate() failed " << ERR_error_string(ERR_get_error(), NULL); free(plaintext); return QByteArray(); } if(!EVP_DecryptFinal_ex(de, plaintext + p_len, &f_len)) { qCritical() << "EVP_DecryptFinal_ex() failed " << ERR_error_string(ERR_get_error(), NULL); free(plaintext); return QByteArray(); } len = p_len + f_len; EVP_CIPHER_CTX_cleanup(de); QByteArray decrypted = QByteArray(reinterpret_cast<char*>(plaintext), len); free(plaintext); qDebug() << "decrypted: " << decrypted; return decrypted; } void AES::on_button_decrypt_clicked() { QByteArray in_enc_line; in_enc_line.append(ui->line_encrypted->text()); QByteArray in_key_line; in_key_line.append(ui->line_key->text()); if(!in_enc_line.isEmpty() || !in_key_line.isEmpty()) { ui->line_decrypted->setText(QString::fromLatin1(decryptAES(ui->line_key->text(), ui->line_encrypted->text()))); } } void AES::on_line_key_textChanged(const QString &arg1) { QString key_md5 = QString(QCryptographicHash::hash(arg1.toLatin1(), QCryptographicHash::Md5).toHex()); ui->label_md5->setText(key_md5); } void AES::on_line_encrypted_textChanged(const QString &arg1) { ui->label_base64->setText(QString::fromLatin1(QByteArray::fromBase64(arg1.toLatin1()))); ui->label_iv->setText(QString::fromLatin1(arg1.toLatin1().left(16).toHex())); }Everything seems to work but i always end up with EVP_DecryptFinal_ex:bad decrypt. Where did i miss something?
Thanks!
-
Anyone? :(
I'm playing around with OpenSSL and EVP for some time now but it seems i still don't get it.
Even a small hind would be nice :)
-
I wonder if there is some one out there using OpenSSL EVP + Qt successfully? Most of the examples are outdated and not working. And if i ask, i always hear: try something else, it is better.
-
Hi,
Did you got the OpenSSL part working without Qt ?
What examples are you referring to ?
-
Hi SGaist!
I'm using
vh/0fb1R3awZqWeKpYDqlCafaRS7s49EIAPBmZXKgLo=for testing. The encoded string ist "this is a test". My key is "test" (md5).
echo vh/0fb1R3awZqWeKpYDqlCafaRS7s49EIAPBmZXKgLo= | openssl.exe enc -d -a -A -aes-128-cbc -iv be1ff47dbd51ddac19a9678aa580ea94 -K 098f6bcd4621d373cade4e832627b4f6This works, it gets decrypted as expected like:
YÈ])-EÖºà¯ÌSå+£gthis is a testIn my code i get a bad decrypt. I did google a lot about what may the problem. I did test and try other OpenSSL versions as well. The only think i did not try yet, is building OpenSSL myself but i'm not sure if this makes any difference.
Thanks!
-
There's no need to build your own version of OpenSSL,. My question was rather: did you got EVP API working without using Qt at all ?
-
Like in Visual Studio? No. Since i plan to use it in Qt i started here.
-
No, I mean, just using plain C with char arrays etc.
-
No, i did not.
-
Then you should start by doing that. Ensure that you get it working correctly with the raw API and then you can start integrating it your GUI application.
-
OK, so no one got it working in Qt yet.
Thanks.
-
@qDebug said in Qt + OpenSSL & EVP_DecryptFinal_ex error bad decrypt:
OK, so no one got it working in Qt yet.
How do you know?
-
This is my superpower, i can tell.
I'm right as long as some one proves me wrong ;-)
