search

suculent / thinx-aes-lib

AES wrapper for ESP8266/ESP32/Arduino/nRF5x
Other
113 stars 39 forks source link

Only some of encrypted message correct #61

Closed ZJouba closed 1 year ago

ZJouba commented 2 years ago

Hi, I'm not sure what I'm doing wrong - hopefully you can help me. I'm trying to encrypt some location data and if I compare the encrypted string to one that I generated on Cyberchef, only some of it matches.

So my payload looks like this: {"sn":"123456789012345","lat": 00.000000, "long": 00.000000, "batt": 99}

And my code, sans my aes key variable aes_key[] and my iv variables aes_iv[16], enc_iv[16] and env_iv_to[16] which are all the same.

char *payload = new char[74](); // = {"sn":"123456789012345","lat": 00.000000, "long": 00.000000, "batt": 99}

unsigned char cleartext[74] = {0};
unsigned char ciphertext[108] = {0};

void aes_init() {
  aesLib.gen_iv(aes_iv);
  aesLib.set_paddingmode((paddingMode)0);
}

uint16_t encrypt(char * msg, uint16_t msgLen, byte iv[]) {
  return aesLib.encrypt((byte*)msg, msgLen, (char*)ciphertext, aes_key, sizeof(aes_key), iv);
}

...
sprintf((char*)cleartext, "%s", payload);    
memcpy(enc_iv, enc_iv_to, sizeof(enc_iv_to));
uint16_t msgLen = strlen(payload);
uint16_t encLen = encrypt((char*)cleartext, msgLen, enc_iv);
Serial.println((char*)ciphertext); //This does not match what I get in Cyberchef
...

When we compare the Cyberchef output to the decrypted output: RE4oy42RMF9Qi5LqDkYNagu29yC+bJeR+U+G8qgirKtxDgtfRDB8nhaqyL+SvxAaBiY6Q1UYSpOj1JgB/euQiwa0ttf97q1ZUCeevpiPPYY= RE4oy42RMF9Qi5LqDkYNagu29yC+bJeR+U+G8qgirKtxDgtfRDB8nhaqyL+SvxAaBiY6Q1UYSpOj1JgB/euQixUJ9ozCjccY+bDC"0 Hope to hear from you soon Thanks

suculent commented 2 years ago

What type of padding do you use on Cyberchef? The zero padding might not be a default there.

Also, having same key and IV is a security hole.

M.

On 4. 10. 2021, at 8:15, Zack @.***> wrote:

 Hi, I'm not sure what I'm doing wrong - hopefully you can help me. I'm trying to encrypt some location data and if I compare the encrypted string to one that I generated on Cyberchef, only some of it matches.

So my payload looks like this: {"sn":"123456789012345","lat": 00.000000, "long": 00.000000, "batt": 99}

And my code, sans my aes key variable aes_key[] and my iv variables aes_iv[16], enc_iv[16] and env_iv_to[16] which are all the same.

char *payload = new char[74](); // = {"sn":"123456789012345","lat": 00.000000, "long": 00.000000, "batt": 99}

unsigned char cleartext[73] = {0}; unsigned char ciphertext[108] = {0};

void aes_init() { aesLib.gen_iv(aes_iv); aesLib.set_paddingmode((paddingMode)0); }

uint16_t encrypt(char msg, uint16_t msgLen, byte iv[]) { return aesLib.encrypt((byte)msg, msgLen, (char*)ciphertext, aes_key, sizeof(aes_key), iv); }

... sprintf((char)cleartext, "%s", payload);
memcpy(enc_iv, enc_iv_to, sizeof(enc_iv_to)); uint16_t msgLen = strlen(payload); uint16_t encLen = encrypt((char)cleartext, msgLen, enc_iv); Serial.println((char*)ciphertext); //This does not match what I get in Cyberchef ... When we compare the Cyberchef output to the decrypted output: RE4oy42RMF9Qi5LqDkYNagu29yC+bJeR+U+G8qgirKtxDgtfRDB8nhaqyL+SvxAaBiY6Q1UYSpOj1JgB/euQiwa0ttf97q1ZUCeevpiPPYY= RE4oy42RMF9Qi5LqDkYNagu29yC+bJeR+U+G8qgirKtxDgtfRDB8nhaqyL+SvxAaBiY6Q1UYSpOj1JgB/euQixUJ9ozCjccY+bDC"0 Hope to hear from you soon Thanks

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub, or unsubscribe.

ZJouba commented 2 years ago

Hey M, thanks for the reply.

There is no padding option on Cyberchef. I get the same thing on Cyberchef that I do on Cryptii following this method: Text -> Block Cipher (AES-128 CBC)-> Bytes -> Base64 -> Text

Also, sorry about the confusion - I meant aes_key[] is one thing i.e. mysupersecretkey converted to hex like so: 0x6d,0x79,0x73,0x75,0x70,0x65,0x72,0x73,0x65,0x63,0x72,0x65,0x74,0x6b,0x65,0x79 And aes_iv[16], enc_iv[16] and env_iv_to[16] are all the same i.e. mysupersecretiv! converted to hex like so: 0x6d,0x79,0x73,0x75,0x70,0x65,0x72,0x73,0x65,0x63,0x72,0x65,0x74,0x69,0x76,0x21

suculent commented 2 years ago

Well, I think that Cryptii uses OAEP padding by default, if I remember that correctly. Check closed issues please.

On 4. 10. 2021, at 13:03, Zack @.***> wrote:

 Hey M, thanks for the reply.

I get the same thing on Cyberchef that I do on Cryptii following this method: Text -> Block Cipher (AES-128 CBC)-> Bytes -> Base64 -> Text

Also, sorry about the confusion - I meant aes_key[] is one thing i.e. mysupersecretkey converted to hex like so: 0x6d,0x79,0x73,0x75,0x70,0x65,0x72,0x73,0x65,0x63,0x72,0x65,0x74,0x6b,0x65,0x79 And aes_iv[16], enc_iv[16] and env_iv_to[16] are all the same i.e. mysupersecretiv! converted to hex like so: 0x6d,0x79,0x73,0x75,0x70,0x65,0x72,0x73,0x65,0x63,0x72,0x65,0x74,0x69,0x76,0x21

— You are receiving this because you commented. Reply to this email directly, view it on GitHub, or unsubscribe.

ZJouba commented 2 years ago

Is uint16_t msgLen = sizeof(payload); supposed to be 2?

ZJouba commented 2 years ago

I played around manually with the msgLen parameter and found that 77 gives me a decryptable output i.e.: uint16_t encLen = encrypt((char*)cleartext, 77, enc_iv);

The only strange thing is that the output has some appended . but I think that is just the padding? So my issue wat the msgLen parameter. Still not sure what it's supposed to be

suculent commented 1 year ago

Sorry, you've probably discovered this but msgLen in encrypt should be strlen of encrypted string. In decrypt it is size of the buffer (e.g. decoded base64).