M2Crypto's AES key

Question

I use this code to encrypt plist file ,but I found whatever the key is, the value through AES would not change, can someone help me ?

import hashlib
import os
import subprocess
from M2Crypto import EVP

proj_dir = os.path.abspath(os.path.join(os.path.dirname(__file__), '../'))

def encrypt_plist(source_dir, name):
    source_file = os.path.join(source_dir, name+'.plist')
    target_file = os.path.join(source_dir, name)
    hash_file = os.path.join(source_dir, name+'.md5')
    tmp_file = os.path.join('/tmp', name+'.plist')
    assert os.path.isfile(source_file)
    assert not os.path.isfile(tmp_file), 'Cannot create %s which should be removed first' % tmp_file
    subprocess.check_call(["cp", source_file, tmp_file])
    subprocess.check_call(["plutil", '-convert', 'binary1', tmp_file])
    cipher = EVP.Cipher(alg='aes_256_cbc',
                key='\x00System/Library/Frameworks/GameKit.framework/GameK',
                iv=chr(0)*32,
                op=1) # 1:encode 0:decode
    m = hashlib.md5()
    with open(tmp_file, 'rb') as source:
        with open(target_file, 'wb') as target:
            while True:
                buf = source.read()
                if not buf:
                    break
                target.write(cipher.update(buf))
                m.update(buf)
            target.write(cipher.final())
    subprocess.check_call(["rm", tmp_file])
    content_hash = m.hexdigest().upper()
    try:
        with open(hash_file, 'r') as _hash:
            if _hash.read() == content_hash:
                return
    except IOError:
        pass
    with open(hash_file, 'w') as _hash:
        _hash.write(content_hash)
    print ' ', target_file, 'changed\n\tmd5:', content_hash

Answer 1

The key you are referring to here is probably not a file but a character string:

key='\x00System/Library/Frameworks/GameKit.framework/GameK',

Unfortunately keys are not strings, the are defined as bits, normally represented by a fixed length array of bytes.

Some libraries make it "easier" by incorrectly accept anything as a key instead of rejecting anything that is not an array of bytes of the correct length. Common strategies are adding zero valued bytes or disregarding any spurious bytes at the end. I presume you just changed the end of the string above, which is the part that was discarded anyway.

Now, to encrypt anything correctly, please make a AES 128, 192 or 256 bit key consisting of random bytes and use that (possibly encoding it in hexadecimals). Then use a random IV as well (16 bytes, the block size of AES). If you require to use a secret string or password, please use PBKDF2 to derive the key from a password (with a 64 bit random salt and a high number of iterations).