search

bricke / Qt-AES

Native Qt AES encryption class
The Unlicense
501 stars 187 forks source link

AES Encryptation Length short in my Qt App. #31

Open RojasHenry opened 4 years ago

RojasHenry commented 4 years ago

Please I have a problem in Qt-AES library, when I encrypt text multiple times in the same app, I get a text encrypted with less characters, and when I desencrypt in other app not desencrypt it.

bricke commented 4 years ago

Hello, can you provide a sample?

RojasHenry commented 4 years ago

Sorry to answer so late. Ok, I am using the following code to test your algorithm because is important for my project that validate in the server.

I overwrote the following function in your code with my code and add a function to debug the result.

I am using a loop to test your code. the code is making a encrypt and after that desencrypt but it has problem

void Log(char text){ time_t t = time(NULL); struct tm tm = localtime(&t); FILE flog; flog=fopen("./log.txt","a"); char string_concat = new char[2048]; sprintf(string_concat,"%s : %s\n",strtok(asctime(tm), "\n"),text); fputs(string_concat,flog); fclose(flog); free(string_concat); }

void AesTest::CBC256StringEvenISO() { for(;;){ QString master = QUuid::createUuid().toString().replace(QString("{"),QString("")).replace(QString("}"),QString("")).trimmed(); QString newkey = master.mid(0,32); //Log(newkey.toLatin1().data()); QString iv = master.right(16); //Log(iv.toLatin1().data());

    //16 byte string
    QString inputStr("CP017904518010019999CC-17226586200605000840");
    QString inputStrH("QU9qb0FNZ3A0M05jd0FjZ2xBM2FNUHZSU0lSdTJVMER");
    /*QString key("0d133c9d-322f-4937-bbac-cb98e649");
    QString iv("bac-cb98e64919f1");

    //QByteArray hashKey = QCryptographicHash::hash(key.toLatin1(), QCryptographicHash::Sha256);
    //QByteArray hashIV = QCryptographicHash::hash(iv.toLatin1(), QCryptographicHash::Md5);

    QByteArray encodeText = encryption.encode(inputStr.toUtf8(), key.toUtf8(), iv.toUtf8());
    QString stringbase64 = QString::fromLatin1(encodeText.data());
    QString s64 = stringbase64.toLatin1().toBase64();

    QByteArray soTHER = QByteArray::fromBase64(stringbase64.toLatin1().toBase64());
    QByteArray decodeText = encryption.decode(soTHER, key.toUtf8(), iv.toUtf8());
    QString decodedString = QString(encryption.removePadding(decodeText));*/

    QByteArray cabecText = QAESEncryption::Crypt(QAESEncryption::AES_256, QAESEncryption::CBC,inputStr.toUtf8(), newkey.toUtf8(), iv.toUtf8(),QAESEncryption::ZERO);
    QString cabecTextbase64 = QString::fromLatin1(cabecText.data());
    QString cabec64 = cabecTextbase64.toLatin1().toBase64();
    int longitudC = cabec64.length();

    QByteArray huellaText = QAESEncryption::Crypt(QAESEncryption::AES_256, QAESEncryption::CBC,inputStrH.toUtf8(), newkey.toUtf8(), iv.toUtf8(),QAESEncryption::ZERO);
    QString huellaTextbase64 = QString::fromLatin1(huellaText.data());
    QString huella64 = huellaTextbase64.toLatin1().toBase64();
    int longitudH = huella64.length();
    QThread::sleep(1);

    if(longitudC >=64 && longitudH >=64){
        QByteArray cabec64Aux = QByteArray::fromBase64(cabec64.toLatin1());
        QByteArray decodeTextAUX = QAESEncryption::Decrypt(QAESEncryption::AES_256, QAESEncryption::CBC,cabec64Aux, newkey.toUtf8(), iv.toUtf8(),QAESEncryption::ZERO);
        QString decodedcabec = QString(QAESEncryption::RemovePadding(decodeTextAUX,QAESEncryption::ZERO));

        QByteArray huella64Aux = QByteArray::fromBase64(huella64.toLatin1());
        QByteArray decodeTextHAux = QAESEncryption::Decrypt(QAESEncryption::AES_256, QAESEncryption::CBC,huella64Aux, newkey.toUtf8(), iv.toUtf8(),QAESEncryption::ZERO);
        QString decodedhuella = QString(QAESEncryption::RemovePadding(decodeTextHAux,QAESEncryption::ZERO));

        int xC = QString::compare(decodedcabec, inputStr, Qt::CaseSensitive);
        int xH = QString::compare(decodedhuella, inputStrH, Qt::CaseSensitive);

        if(xC == 0 && xH == 0){
            Log("Success with decoding");
        }else{
            Log("Decoding error");
        }
    }else{
        Log("Error size String 64");
    }
}

} --------------------Result File ---------------------------- image

bricke commented 4 years ago

I wonder if converting from QString to QByteArray you lose the terminating char that is at the end of the QString? So maybe something gets lost somewhere in those conversions?

RojasHenry commented 4 years ago

it could be, but in this case sometimes work and sometimes doesn't work. Maybe another solution or suggestion please.

bricke commented 4 years ago

My suggestion would be to remove all QStrings and only use QByteArrays, something is happening between conversions, trims and removal of padding. If it happens only sometimes, that would be my first guess. Please remember that this is in no way audited and ready for a production environment.

RojasHenry commented 4 years ago

ok, thanks for your suggestions, maybe you know any library to AES 256 instead of your example more trusty for a production environment please.

bricke commented 4 years ago

openssl