Closed ZJouba closed 1 year ago
What type of padding do you use on Cyberchef? The zero padding might not be a default there.
Also, having same key and IV is a security hole.
M.
On 4. 10. 2021, at 8:15, Zack @.***> wrote:
Hi, I'm not sure what I'm doing wrong - hopefully you can help me. I'm trying to encrypt some location data and if I compare the encrypted string to one that I generated on Cyberchef, only some of it matches.
So my payload looks like this: {"sn":"123456789012345","lat": 00.000000, "long": 00.000000, "batt": 99}
And my code, sans my aes key variable aes_key[] and my iv variables aes_iv[16], enc_iv[16] and env_iv_to[16] which are all the same.
char *payload = new char[74](); // = {"sn":"123456789012345","lat": 00.000000, "long": 00.000000, "batt": 99}
unsigned char cleartext[73] = {0}; unsigned char ciphertext[108] = {0};
void aes_init() { aesLib.gen_iv(aes_iv); aesLib.set_paddingmode((paddingMode)0); }
uint16_t encrypt(char msg, uint16_t msgLen, byte iv[]) { return aesLib.encrypt((byte)msg, msgLen, (char*)ciphertext, aes_key, sizeof(aes_key), iv); }
... sprintf((char)cleartext, "%s", payload);
memcpy(enc_iv, enc_iv_to, sizeof(enc_iv_to)); uint16_t msgLen = strlen(payload); uint16_t encLen = encrypt((char)cleartext, msgLen, enc_iv); Serial.println((char*)ciphertext); //This does not match what I get in Cyberchef ... When we compare the Cyberchef output to the decrypted output: RE4oy42RMF9Qi5LqDkYNagu29yC+bJeR+U+G8qgirKtxDgtfRDB8nhaqyL+SvxAaBiY6Q1UYSpOj1JgB/euQiwa0ttf97q1ZUCeevpiPPYY= RE4oy42RMF9Qi5LqDkYNagu29yC+bJeR+U+G8qgirKtxDgtfRDB8nhaqyL+SvxAaBiY6Q1UYSpOj1JgB/euQixUJ9ozCjccY+bDC"0 Hope to hear from you soon Thanks— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub, or unsubscribe.
Hey M, thanks for the reply.
There is no padding option on Cyberchef.
I get the same thing on Cyberchef that I do on Cryptii following this method:
Text -> Block Cipher (AES-128 CBC)-> Bytes -> Base64 -> Text
Also, sorry about the confusion - I meant aes_key[]
is one thing i.e. mysupersecretkey converted to hex like so:
0x6d,0x79,0x73,0x75,0x70,0x65,0x72,0x73,0x65,0x63,0x72,0x65,0x74,0x6b,0x65,0x79
And aes_iv[16], enc_iv[16] and env_iv_to[16]
are all the same i.e. mysupersecretiv! converted to hex like so:
0x6d,0x79,0x73,0x75,0x70,0x65,0x72,0x73,0x65,0x63,0x72,0x65,0x74,0x69,0x76,0x21
Well, I think that Cryptii uses OAEP padding by default, if I remember that correctly. Check closed issues please.
On 4. 10. 2021, at 13:03, Zack @.***> wrote:
Hey M, thanks for the reply.
I get the same thing on Cyberchef that I do on Cryptii following this method: Text -> Block Cipher (AES-128 CBC)-> Bytes -> Base64 -> Text
Also, sorry about the confusion - I meant aes_key[] is one thing i.e. mysupersecretkey converted to hex like so: 0x6d,0x79,0x73,0x75,0x70,0x65,0x72,0x73,0x65,0x63,0x72,0x65,0x74,0x6b,0x65,0x79 And aes_iv[16], enc_iv[16] and env_iv_to[16] are all the same i.e. mysupersecretiv! converted to hex like so: 0x6d,0x79,0x73,0x75,0x70,0x65,0x72,0x73,0x65,0x63,0x72,0x65,0x74,0x69,0x76,0x21
— You are receiving this because you commented. Reply to this email directly, view it on GitHub, or unsubscribe.
Is uint16_t msgLen = sizeof(payload);
supposed to be 2?
I played around manually with the msgLen parameter and found that 77 gives me a decryptable output i.e.:
uint16_t encLen = encrypt((char*)cleartext, 77, enc_iv);
The only strange thing is that the output has some appended .
but I think that is just the padding? So my issue wat the msgLen parameter. Still not sure what it's supposed to be
Sorry, you've probably discovered this but msgLen in encrypt should be strlen of encrypted string. In decrypt it is size of the buffer (e.g. decoded base64).
Hi, I'm not sure what I'm doing wrong - hopefully you can help me. I'm trying to encrypt some location data and if I compare the encrypted string to one that I generated on Cyberchef, only some of it matches.
So my payload looks like this:
{"sn":"123456789012345","lat": 00.000000, "long": 00.000000, "batt": 99}
And my code, sans my aes key variable
aes_key[]
and my iv variablesaes_iv[16], enc_iv[16] and env_iv_to[16]
which are all the same.When we compare the Cyberchef output to the decrypted output: RE4oy42RMF9Qi5LqDkYNagu29yC+bJeR+U+G8qgirKtxDgtfRDB8nhaqyL+SvxAaBiY6Q1UYSpOj1JgB/euQiwa0ttf97q1ZUCeevpiPPYY= RE4oy42RMF9Qi5LqDkYNagu29yC+bJeR+U+G8qgirKtxDgtfRDB8nhaqyL+SvxAaBiY6Q1UYSpOj1JgB/euQixUJ9ozCjccY+bDC"0 Hope to hear from you soon Thanks