suculent / thinx-aes-lib

AES wrapper for ESP8266/ESP32/Arduino/nRF5x
Other
118 stars 37 forks source link

NodeJS and Arduino Uno ciphertext outputs are different #56

Closed digidhamu closed 3 years ago

digidhamu commented 3 years ago

I could see different AES ciphertext output between NodeJS and Arduino Lib as below. Hence, I could not decrypt in NodeJS from Arduino Uno sent via Serial port. Also, noted that Arduino Uno output is not as per base64 encoding.

Example used

Arduino Uno NodeJS

Arduino Uno R3 ciphertext Output

HJ2ByKbDloQ9YPZBhsuI8lh90,9EaDf93mAOpSwPs=

NodeJS ciphertext Output

HJ2ByKbDloQ9YPZBhsuI8pwQNPFhbUu7k3Vfr+kOsGQ=

Is there anything I am doing wrong here?

suculent commented 3 years ago

I'll look at it, once I'll have working Arduino. I have found two Nanos/328P but they don't seem to work in latest Arduino IDE/Big Sur. I have an Uno somewhere, but couldn't find it today.

The NodeJS output is apparently OK, the Arduino block has broken Base64. The question is, what happened there.

Trying on ESP8266 the simple.ino encrypted output is:

HJ2ByKbDloQ9YPZBhsuI8lh9dkyy9EaDf93mAOpSwPs=

Are you sure there's no baudrate or serial setting mismatch somewhere? This seems like a communication issue, as those B64 strings have same beginnings and ends – therefore must have been calculated from same encrypted data.

digidhamu commented 3 years ago

I'll look at it, once I'll have working Arduino. I have found two Nanos/328P but they don't seem to work in latest Arduino IDE/Big Sur. I have an Uno somewhere, but couldn't find it today.

The NodeJS output is apparently OK, the Arduino block has broken Base64. The question is, what happened there.

Trying on ESP8266 the simple.ino encrypted output is:

HJ2ByKbDloQ9YPZBhsuI8lh9dkyy9EaDf93mAOpSwPs=

Are you sure there's no baudrate or serial setting mismatch somewhere? This seems like a communication issue, as those B64 strings have same beginnings and ends – therefore must have been calculated from same encrypted data.

I have double checked serial baudrate, both source and target are the same and I have validated from other text too. Also, note that this text HJ2ByKbDloQ9YPZBhsuI8lh90�,9EaDf93mAOpSwPs= is copied from Arduino serial monitor not on the target system.

suculent commented 3 years ago

Exactly, my ESP returns the string without �, part on the serial monitor. I'll have to test that on Arduino as soon as possible.

suculent commented 3 years ago

Answer to your question is PADDING.

The NodeJS example does not use CMS padding:

var ebytes = CryptoJS.AES.encrypt( message, key, {
    iv: iv,
    mode: CryptoJS.mode.CBC,
    padding: CryptoJS.pad.ZeroPadding
});

...while the Simple Example for Arduino has it:

enum class paddingMode {
CMS, // <---------------------- = (paddingMode)0
Bit,
ZeroLength,
Null,
Space,
Random,
Array
};