Why is my decrypted data formatted like this?

Question

I am currently working on a side project to learn how to use Crypto++ for encryption/decryption. For testing my project I was given the following values to help setup and validate that my project is working:

original string: "100000"
encrypted value: "f3q2PYciHlwmS0S1NFpIdA=="
key and iv: empty byte array
key size: 24 bytes
iv size: 16 bytes

The project runs and decrypts the encrypted value okay, but instead of returning

"100000"

it returns

"1 0 0 0 0 0 "

where each space is really "\0". Here is my minimal code that I use for decryption:

#include "modes.h"
#include "aes.h"
#include "base64.h"

using namespace CryptoPP;

void main()
{
    string strEncoded = "f3q2PYciHlwmS0S1NFpIdA==";
    string strDecrypted;
    string strDecoded;
    byte abKey[24];
    byte abIV[AES::BLOCKSIZE];

    memset(abKey, 0, sizeof(abKey));
    memset(abIV, 0, AES::BLOCKSIZE);

    AES::Decryption cAESDecryption(abKey, sizeof(abKey));
    CBC_Mode_ExternalCipher::Decryption cCBCDecryption(cAESDecryption, abIV);

    StringSource(strEncoded, true, new Base64Decoder(new StringSink(strDecoded)));

    StreamTransformationFilter cDecryptor(cCBCDecryption, new StringSink(strDecrypted));
    cDecryptor.Put(reinterpret_cast<const byte*>(strDecoded.c_str()), strDecoded.size());
    cDecryptor.MessageEnd();
}

I am okay with using the decrypted value as is, but what I need help understanding is why the decrypted value is showing "1 0 0 0 0 0 " instead of "100000"? By the way, this is built in VS2005 as a Windows Console Application with Crypto++ as a static library and I am using Debug mode to look at the values.

Answer 1

Add a strHex string, and add the following line after you decrypt the text:

StringSource ss2(strDecrypted, true, new HexEncoder(new StringSink(strHex)));
cout << strHex << endl;

You should see something similar to:

$ ./cryptopp-test.exe
310030003000300030003000

As @Maarten said, it looks like UTF-16 LE without the BOM. My guess is the sample was created in .Net, and they are asking you to decrypt in C++/Crypto++. I'm guessing .Net because its UTF-16 and little endian, while Java is UTF-16 and big endian by default (IIRC).

You could also ask that they provide you with strings produced by getBytes(Encoding.UTF8). That will side step the issue, too.

So the value in strDecrypted is not a std::string. Its just a binary string (a.k.a a Rope) that needs to be converted. For the conversion to UTF-8 (or other narrow character set), I believe you can use iconv. libiconv is built into GNU Linux's GLIBC (IIRC), and it can be found in the lib directory of the BSDs.

If you are on Windows, then use WideCharToMultiByte function.

Answer 2

It's very probably just text that is encoded using the UTF-16LE or UCS-2LE character-encoding, apparently without Byte Order Mark (BOM). So to display the text you have to decode it first.