Decrypt AES with OpenSSL & Qt 5.5.1 Win32 VS2013

SGaist · wrote on 1 Apr 2016, 20:41

Do you mean that you passed your original string through md5 before encrypting it ?

qDebug · 4 Feb 2016, 14:43

The password / key was md5 hashed.

key = md5(utf8(password));

and the iv are the first 16 bytes from the base64 string.

Edit: Not the key of course, the iv are the first 16 bytes from the base64 string.

SGaist · wrote on 2 Apr 2016, 20:59

Can you show the complete procedure ?

qDebug · wrote on 3 Apr 2016, 19:14

Thanks for asking. This is the VB code to encrypt the string:

Dim AES As New RijndaelManaged

Dim md5 As New MD5CryptoServiceProvider
Dim key() As Byte = md5.ComputeHash(Encoding.UTF8.GetBytes(password))

md5.Clear()
AES.Key = key
AES.GenerateIV()
Dim iv() As Byte = AES.IV
Dim ms As New MemoryStream

ms.Write(iv, 0, iv.Length)

Dim cs As New CryptoStream(ms, AES.CreateEncryptor, CryptoStreamMode.Write)
Dim data() As Byte = System.Text.Encoding.UTF8.GetBytes(string)

cs.Write(data, 0, data.Length)
cs.FlushFinalBlock()

Dim encoded() As Byte = ms.ToArray()
Return (Convert.ToBase64String(encoded))
cs.Close()
AES.Clear()

As far as i can tell is the password and the string are utf8 bytes and the password is the md5 hash of it. I did try to pass it through

QCA::SecureArray key = QCA::SecureArray::SecureArray(password);

before and after utf8 and md5. So far no luck.

Thank you!

qDebug · wrote on 5 Apr 2016, 20:08

And this is my attempt:

QString MainWindow::decryptString(QString password, QString encodedString)
{
    // final decodec string
    QString decodedString;

    // get the iv
    QByteArray array(encodedString.left(16).toStdString().c_str(), encodedString.left(16).size());
    QCA::SecureArray iv = array.toHex();

    // decode base64
    QCA::Base64 decoder(QCA::Decode);
    const char* decoded = decoder.decodeString(encodedString).toStdString().c_str();

    QCA::SecureArray key = QByteArray(QCryptographicHash::hash(password.toUtf8(), QCryptographicHash::Md5).toHex());
    QCA::SecureArray arg = decoded;

    QCA::Cipher cipher(QString("aes128"), QCA::Cipher::CBC, QCA::Cipher::NoPadding, QCA::Decode, key, iv);
    QCA::SecureArray plainText = cipher.update(arg);

    if(!cipher.ok())
    {
        qDebug() << "update Fail";
    }

    cipher.final();
    if(!cipher.ok())
    {
        qDebug() << "final fail";
    }

    qDebug() << "process: " << QCA::SecureArray(cipher.process(decoded)).data();

    decodedString = plainText.data();
    qDebug() << "Decoded: " << decodedString;

    return decodedString;
}

I call it like:

qDebug() << "decoded: " << decryptString("test", "PpUr+LMHvaKmf0q6J7Oyzo4jbFO5kfWyXl0d8nD3hyM=");

The only step i masted was getting rid of the final fail, but i don't know if that was really the case. Not sure how, i changed this so often, i don't even know how much time i spend on this. I didn't think it can be that difficult to use it.

So far i still did not fine one single example code using qca with aes128cbc and custom iv and key. Very, very strange.

Any ideas?

Thanks!

SGaist · wrote on 5 Apr 2016, 20:27

Do you mean this example ?

qDebug · wrote on 5 Apr 2016, 20:32

Yes. It is the only one i found so far. But the iv and key are random generated, it does not show how to use an already existing key and iv correctly. I really don't know what i am missing here.

SGaist · wrote on 5 Apr 2016, 20:34

Just replace the random key and iv by yours.

qDebug · wrote on 5 Apr 2016, 20:51

I did. That was my first idea, did not work. Id did check the key and iv output, same as i use with openssl, does work in openssl, does not work in Qt / QCA - at least not the way i do it. I don't know, maybe i miss something in general or just just a tiny mistake, but after days and hours, i can confirm, it won't work for me.

SGaist · wrote on 5 Apr 2016, 21:22

I took the example as is, replaced key and iv by

QByteArray key("098f6bcd4621d373cade4e832627b4f6");
QByteArray iv("d8e8fca2dc0f896fd7cb4cb0031ba249");

and it's working fine.

qDebug · 4 Jun 2016, 10:46

If you can tell me why this code

QString decodedString;
QCA::Initializer init;
QByteArray array(encodedString.left(16).toStdString().c_str(), encodedString.left(16).size());
QCA::SecureArray iv = array.toHex();
QCA::Base64 decoder(QCA::Decode);
QCA::SecureArray decoded = decoder.decodeString(encodedString).toStdString().c_str();
QCA::SecureArray key = QByteArray(QCryptographicHash::hash(password.toUtf8(), QCryptographicHash::Md5).toHex());
QCA::Cipher cipher(QString("aes128"), QCA::Cipher::CBC, QCA::Cipher::NoPadding, QCA::Decode, key, iv);
QCA::SecureArray plainText = cipher.update(decoded);
if(!cipher.ok())
{
	qDebug() << "update Fail";
}
plainText  = cipher.final();
if(!cipher.ok())
{
	qDebug() << "final fail";
}
qDebug() << "process: " << QCA::SecureArray(cipher.process(decoded)).data();
QString decodedString = plainText.data();
qDebug() << "Decoded: " << decodedString;

is not working, it may help me. If you tell me some code is working for you, it does not. This is btw. taken from the example, i did not change anything beside adding key and iv.

SGaist · wrote on 6 Apr 2016, 20:49

The first thing that looks strange is your iv creation. You take 16 bytes of your encoded string and turn it to hexadecimal. Why ?

Also, why all the conversions ? Just use QByteArray.

qDebug · wrote on 6 Apr 2016, 21:22

098f6bcd4621d373cade4e832627b4f6 is "test" in md5. all the strings i have to decode are encoded with a different iv, the iv is always the first 16 bytes in hex from the encoded string, d8e8fca2dc0f896fd7cb4cb0031ba249 in this case.

So i have to hash the key "test" and get the iv from the encoded string.

And of course, i did test the key and iv just as QByteArray, before and after you posted the example, but the decoding so far did always fail.

SGaist · wrote on 6 Apr 2016, 21:47

That's something that is really not clear. You are telling me that you are using as iv for the decoding a part of the alrey encoded string ? So what did you use as iv for the encoding part ?

qDebug · 4 Jun 2016, 22:07

The iv is taken from the still encrypted and base64 encoded string, first 16 bytes hex. iv 507055722b4c4d4876614b6d66307136 is QByteArray array(encodedString.left(16).toStdString().c_str(), encodedString.left(16).size()); qDebug() << "iv: " << array.toHex();

Proof:

echo PpUr+LMHvaKmf0q6J7Oyzo4jbFO5kfWyXl0d8nD3hyM= | openssl enc -d -a -A -aes-128-cbc -iv 507055722b4c4d4876614b6d66307136 -K 098f6bcd4621d373cade4e832627b4f6
8°&¦=YaÌ?{Äa+Dr. Test

SGaist · wrote on 6 Apr 2016, 22:21

And what iv did you use to encrypt the string ?

qDebug · wrote on 6 Apr 2016, 22:34

If you scroll up a few posts, there is the source code.

SGaist · wrote on 7 Apr 2016, 19:56

Do you mean the VB code ? Then you generate an IV in there, and use a different one when decrypting your string or am I missing something there ?

qDebug · wrote on 8 Apr 2016, 06:30

It is the same iv. There is no problem with the iv i believe, it does work to decrypt in openssl and VB. It is a common way to use the first 16 bytes of a string for iv. Like salting passwords, kind of, not really but i'm no expert and can't explain it better. Defending on the software and api you may have to remove the iv from the string before decrypting but i don't thing it is the case in qca - but i did try it anyways - no luck.

Maybe i don't use the API correctly. The example code:

cipher.setup( QCA::Decode, key, iv );

QCA::SecureArray cipherText = u.append(f);
QCA::SecureArray plainText = cipher.update(cipherText);
if (!cipher.ok()) {
	printf("Update failed\n");
}

printf("Decryption using AES128 of [0x%s] is %s\n",
	   qPrintable(QCA::arrayToHex(cipherText.toByteArray())), plainText.data());

plainText = cipher.final();
if (!cipher.ok()) {
	printf("Final failed\n");
}

printf("Final decryption block using AES128 is %s\n", plainText.data());
printf("One step decryption using AES128: %s\n",
	   QCA::SecureArray(cipher.process(cipherText)).data() );

So cipherText here is u.append(f); the update and the final results together.

Or maybe i found a bug. Who knows? But chances are i'm doing it wrong, somehow.

SGaist · wrote on 8 Apr 2016, 07:07

That's what I'm trying to clear up with you.

What you wrote is that you were using a part of your already encoded string as IV when setting up decoding and that's that part that is puzzling me. AFAIK, you should use the same IV that you generated, whatever the means, when you encoded that string. So basically (pseudo code):

Get secret key as sk
Get password
Generate IV as iv: 16 first chars of md5 of password
Encode "Dr. Test" with sk + iv as encoded_str

and later:

Get secret key as sk
Get password
Generate IV as iv: 16 first char of md5 of password
Decode encoded_str with sk + iv
Get Dr. Test

What I understand of what you wrote for the decoding part is:

Get secret key as sk
Get password
Generate IV as iv: 16 first char of encoded_str
Decode encoded_str with sk + iv
Get garbage + Dr. Test