search

rweather / arduinolibs

Arduino Cryptography Library
444 stars 212 forks source link

AES-256-ECB encryption/decryption with Arduino <-> PHP openssl #44

Open marcelsatgithub opened 5 years ago

marcelsatgithub commented 5 years ago

Hello,

I want to exchange data from the Arduino via HTTP with a PHP script and encrypt it via AES-256-ECB.

I use the "arduino cryptography library" and would use base64 encode for the transfer. PHP is running on the server and I use openssl there.

The problem now is that it working on both sides of the encryption, but the encryption is not compatible. As if both sides were encrypting with another key.

I would also choose a different encryption type, but would like to renounce RC4.

Does anyone have any suggestions?

ARDUINO

include

include

include

include //https://github.com/Densaugeo/base64_arduino

AES256 aes256;

byte buffer[16]; byte buffer2[16];

void setup() { Serial.begin(115200);

BlockCipher *cipher = &aes256;

// Planetext String message = "Hello my World!!"; byte plaintext[message.length()]; message.getBytes(plaintext, message.length());

// Key (def. by byte or char change also the result!) / char keyc[32] = "12345678123456781234567812345678"; byte key[32]; //keyc.getBytes(key, keyc.length()); for (int i = 0; i<=32; i++) { key[i] = keyc[i]; } / byte key[32] = {1,2,3,4,5,6,7,8,1,2,3,4,5,6,7,8,1,2,3,4,5,6,7,8,1,2,3,4,5,6,7,8};

// Encrypt AES-256-ECB crypto_feed_watchdog(); cipher->setKey(key, 32); cipher->encryptBlock(buffer, plaintext); Serial.print("Original: "); Serial.println((char*)plaintext);

// Base64 encode int inputStringLength = sizeof(buffer); int encodedLength = Base64.encodedLength(inputStringLength); char encodedString[encodedLength]; Base64.encode(encodedString, (char*)buffer, inputStringLength); Serial.print("Base64 : "); Serial.println(encodedString);

// Base64 decode int inputDeStringLength = sizeof(encodedString); int decodedLength = Base64.decodedLength(encodedString, inputDeStringLength); char decodedString[decodedLength]; Base64.decode(decodedString, encodedString, inputDeStringLength);

// Decrypt AES-256-ECB cipher->setKey(key, 32); cipher->decryptBlock(buffer2, decodedString); Serial.print("Output: "); Serial.println((char*)buffer2); }

void loop() { }

OUTPUT

Original: Hello my World! Base64 : e0Ha5Ogb3G//dqxArUU4TA== Output: Hello my World!

PHP openssl

$method = 'AES-256-ECB'; $kkey = '12345678123456781234567812345678';

$str = 'Hello my World!'; $encrypted = base64_encode(openssl_encrypt($str, $method, $kkey, OPENSSL_RAW_DATA)); echo $encrypted;

// decode //$encrypted = "e0Ha5Ogb3G//dqxArUU4TA=="; // return nothing $encrypted = base64_decode($encrypted); echo $decryptedData = openssl_decrypt($encrypted, $method, $kkey, OPENSSL_RAW_DATA, "");

OUTPUT

YNmK+4p1TNJFY3ZhEC1CRw==Hello my World!

Thanks Marcel

marcelsatgithub commented 5 years ago

1. Key generate by: char keyc[32] = "12345678123456781234567812345678"; byte key[32]; for (int i = 0; i<=32; i++) { key[i] = keyc[i]; }

2. Use not openssl but http://phpaes.com/index.php#encrypt

  1. it will be run:

-- Start -- Execution time to encrypt: 0.00089192390441895 seconds Cipher-Text: Qh���ה�6��) ~*v Hex: 5168f8a0b6d794fb36b0e429097e2a76 Base 64: UWj4oLbXlPs2sOQpCX4qdg==

Execution time to decrypt: 0.00084090232849121 seconds Decrypted-Text: Hello my World! -- End --