CODEWITHSUNDEEP
iphoneopensslaes
Teddy
Teddy

Reputation: 1095

OpenSSL AES256 cbc encrypt

I tried to find a proper example on the Internet for days but did not succeed. I try to encrypt simple string (Hello World) with a key, then to decrypt the result. However the decrypted result has nothing to do with the original text. Can anyone point me to a direction please?

The code I made:

AES_KEY aes_decryptKey;
AES_KEY aes_encryptKey;

const unsigned char mykey[] = {0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa};
unsigned char encrypted ;
unsigned char iv[] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};    
unsigned char decrypted;

AES_set_encrypt_key(mykey, 256, &aes_encryptKey);
AES_set_decrypt_key(mykey, 256, &aes_decryptKey);

const unsigned char original[]  = {0x48,0x65,0x6c,0x6c,0x6f,0x2c,0x77,0x6f,0x72,0x6c,0x64,0x21};

AES_cbc_encrypt(original, &encrypted, sizeof(original), &aes_encryptKey, iv, 0);

AES_decrypt( &encrypted, &decrypted, &aes_decryptKey);

NSLog(@"ORIGINAL: \"%s\"\n",original);
NSLog(@"ENCRYPTED: \"%s\"\n",&encrypted);
NSLog(@"DECRYPTED: \"%s\"\n",&decrypted);

Upvotes: 2

Views: 3683

Answers (2)

Teddy
Teddy

Reputation: 1095

Jim, thanks for your help.

Seems I had to raise a question to find the answer. After struggling many days this is what I came up with:

    unsigned char inbuf[1024]="Hello,world!";
unsigned char encbuf[1024];

unsigned char key32[] = {0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa};
unsigned char deckey32[] = {0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa}
;
unsigned char iv[] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};    
unsigned char deciv[] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};    

AES_KEY aeskey;
AES_KEY aesdeckey;

//Now enrypt
memset(encbuf, 0, sizeof(encbuf));
AES_set_encrypt_key(key32, 32*8, &aeskey);
AES_cbc_encrypt(inbuf, encbuf, 16, &aeskey, iv, AES_ENCRYPT);

//Now decrypt
unsigned char decbuf[1024];
memset(decbuf, 0, sizeof(decbuf));

AES_set_decrypt_key(deckey32, 32*8, &aesdeckey);
AES_cbc_encrypt(encbuf, decbuf, 16, &aesdeckey, deciv, AES_DECRYPT);


//Display the results
NSLog(@"ORIGINAL: \"%s\"\n", inbuf);
NSLog(@"ENCRYPTED: \"%s\"\n", encbuf);
NSLog(@"DECRYPTED: \"%s\"\n", decbuf);

return;

Credits to these guys (after Jim): http://www.mail-archive.com/[email protected]/msg50142.html

The key was to use AES_cbc_encrypt to decrypt.

Upvotes: 1

Jim Flood
Jim Flood

Reputation: 8467

You are decrypting twice -- that last 0 parameter for AES_cbc_encrypt should be a 1 or AES_ENCRYPT.

Also, you are overwriting your encryption and decryption chars, which should instead be arrays big enough to hold the encrypted size of original. Instead of:

unsigned char encrypted;
...
AES_cbc_encrypt(original, &encrypted, ...

use something like:

unsigned char encrypted[32];
...
AES_cbc_encrypt(original, encrypted, ...

And also something like:

unsigned char decrypted[32];
....
AES_decrypt(encrypted, decrypted, &aes_decryptKey);

Check out this link: http://marc.info/?l=openssl-users&m=122919878204439. I can't vouch for it all yet -- I'll come back and edit my answer later when I have time.

Upvotes: 1

Related Questions