Decrypting an OpenSSL encrypt AES256-CBC data

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Decrypting an OpenSSL encrypt AES256-CBC data

Ertan Küçükoglu
Hello,

First of all I am a newbie to this list and to cryptography, padding, and C language. Please, bear with me.

I am trying to encrypt some data on an embedded Linux system using OpenSSL crypto library and decrypt it on a Windows system.

I am following example at following link for C codes on embedded system: https://wiki.openssl.org/index.php/EVP_Symmetric_Encryption_and_Decryption
Fortunately, I could encrypt with given code on that embedded linux system using OpenSSL Library version used was: 1.0.0e 
I do not have a change to use another version of the library. I am needed to be provided newer/older library by the device manufacturer to be able to cross compile my C code using their SDK.

My tests on embedded device works in both ways. I can encrypt and decrypt simple string (or below provided example data) on that system.
My problem is, I need to decrypt on Windows OS what is crypt on the embedded device.
Windows OS, I am using Delphi (Object Pascal) for my programming needs.
As I have not enough cryptography knowledge, I am using an open source library from mORMot project. This project supports AES256-CBC, AES256-CFB and several other AES based encryption and decryption, some hashing, etc. I have used that library before and it did work well for my needs. Thing is, I only used mORMot for my encryption and decryption which simply works. Similarly, OpenSSL encryption and decryption works on that embedded Linux system. I failed to make them talk to each other, properly.

A- I tried to directly decrypt (no padding applied) and I get my plain text plus some additional invisible characters at the end. I am told it maybe a "padding" issue, my problem, during decryption.
B- I tried PKCS#7 for decryption and it fails (no text being returned. All bytes are zero and of course that returns an empty string.

Below is encrypt base64 data on embedded linux system.
8XnbAER2Mh4GLQpDrBLA24R0uEm2SkqDqa0U/PZ3KsSCZsKmJ+WKoYqx7dTiLC/uvJivgm2LOJ0mD5U4NQ19SZgYbT1TByMlLL+075EF8LsXotySz2hze2IozKOB8TG4dn2W/nDdM5deO7csBY28onQHOV4wbqzInUeaLVzbvAI=

Attached is crypt data saved directly in a file. My tests, base64 decodes to identical bytes as in that file.

Plain text should be (last character is invisible '\n'):
0000010000012018122721570520181227215705 00017214422c4277d76H  10350514.44    0.01  10350514.43         0.010000

For test purposes my key and IV are simple. 
Key: bytes from 0 to 31 (inclusive)
IV: bytes from 0 to 15 (inclusive)

C code I used for generating key and IV is something like:
unsigned char key[32];
unsigned char iv[16];

for(i = 0;  i < sizeof(key);  i++)
key[i] = i;

for(i = 0;  i < sizeof(iv);  i++)
iv[i] = i;

What I see on Windows after directly decrypting is something as below (I used some embedded picture to be able to show invisible characters at the end)
image.png

My questions are (please keep in mind that I maybe asking non-sense):
1- Is OpenSSL version 1.0.0e using some kind of proprietary padding?
I also remember reading PKCS#5 is identical to PKCS#7 in another answer (which failed to work in my case).

2- What should I do to properly decrypt and receive plain text without additional characters in the end?

I appreciate any help.

Thanks & regards,
Ertan Küçükoğlu


--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

crypt (176 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Decrypting an OpenSSL encrypt AES256-CBC data

Michael Wojcik
> From: openssl-users [mailto:[hidden email]] On Behalf Of Ertan Küçükoglu
> Sent: Thursday, December 27, 2018 16:03

> A- I tried to directly decrypt (no padding applied) and I get my plain text plus
> some additional invisible characters at the end. I am told it maybe a "padding"
> issue, my problem, during decryption.

How does the Windows program know how long the decrypted data is?

It sounds to me like the problem is simply that your Windows code is decrypting the data correctly, then reading past it into garbage left at the end of the buffer.

If the messages are of fixed length, only use that many bytes from the decryption output. If they're of variable length, then the sender will have to tell the receiver how long they are. There are many ways of doing that; you haven't told us enough about your protocol to know which would be appropriate in your case.

--
Michael Wojcik
Distinguished Engineer, Micro Focus


--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: Decrypting an OpenSSL encrypt AES256-CBC data

Ertan Küçükoglu
Hello,

Windows program does not know length of data. I would like to use some kind of standard method and use exact method on Windows to decrypt.

I think my problem is really that I do not know what "padding" is used by default. I have found below function. However, there is no detailed explanation about it in here: https://www.openssl.org/docs/man1.0.2/crypto/EVP_CIPHER_CTX_set_padding.html
int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);

I wanted to learn what values can "padding" parameter be. I understand I can set it to zero ( 0 ) for disabling padding. This is not what I want because my plain text length is not confirmed  to be multiply of 16 bytes.

I can use PKCS#7 to decrypt on Windows so I would like to encrypt using that padding. Just do not know what value to pass in above function now.

Thanks & regards,
Ertan Küçükoğlu




Michael Wojcik <[hidden email]>, 28 Ara 2018 Cum, 21:16 tarihinde şunu yazdı:
> From: openssl-users [mailto:[hidden email]] On Behalf Of Ertan Küçükoglu
> Sent: Thursday, December 27, 2018 16:03

> A- I tried to directly decrypt (no padding applied) and I get my plain text plus
> some additional invisible characters at the end. I am told it maybe a "padding"
> issue, my problem, during decryption.

How does the Windows program know how long the decrypted data is?

It sounds to me like the problem is simply that your Windows code is decrypting the data correctly, then reading past it into garbage left at the end of the buffer.

If the messages are of fixed length, only use that many bytes from the decryption output. If they're of variable length, then the sender will have to tell the receiver how long they are. There are many ways of doing that; you haven't told us enough about your protocol to know which would be appropriate in your case.

--
Michael Wojcik
Distinguished Engineer, Micro Focus


--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: Decrypting an OpenSSL encrypt AES256-CBC data

OpenSSL - User mailing list
On 29/12/2018 13:41, Ertan Küçükoglu wrote:

> Hello,
>
> Windows program does not know length of data. I would like to use some
> kind of standard method and use exact method on Windows to decrypt.
>
> I think my problem is really that I do not know what "padding" is used
> by default. I have found below function. However, there is no detailed
> explanation about it in here:
> https://www.openssl.org/docs/man1.0.2/crypto/EVP_CIPHER_CTX_set_padding.html
> int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
>
> I wanted to learn what values can "padding" parameter be. I understand
> I can set it to zero ( 0 ) for disabling padding. This is not what I
> want because my plain text length is not confirmed  to be multiply of
> 16 bytes.
>
> I can use PKCS#7 to decrypt on Windows so I would like to encrypt
> using that padding. Just do not know what value to pass in above
> function now.
>

PKCS#7 also known as CMS or (in OpenSSL) SMIME, doesn't just pad. It
generates a random key and encrypts it with the recipients key (usually
a public key from a certificate, but there may be a symmetric variant).

Thus to do PKCS#7 with OpenSSL, you need to use the "openssl cms" command
line or the corresponding functions.

>
>
>
> Michael Wojcik <[hidden email]
> <mailto:[hidden email]>>, 28 Ara 2018 Cum, 21:16
> tarihinde şunu yazdı:
>
>     > From: openssl-users [mailto:[hidden email]
>     <mailto:[hidden email]>] On Behalf Of Ertan
>     Küçükoglu
>     > Sent: Thursday, December 27, 2018 16:03
>
>     > A- I tried to directly decrypt (no padding applied) and I get my
>     plain text plus
>     > some additional invisible characters at the end. I am told it
>     maybe a "padding"
>     > issue, my problem, during decryption.
>
>     How does the Windows program know how long the decrypted data is?
>
>     It sounds to me like the problem is simply that your Windows code
>     is decrypting the data correctly, then reading past it into
>     garbage left at the end of the buffer.
>
>     If the messages are of fixed length, only use that many bytes from
>     the decryption output. If they're of variable length, then the
>     sender will have to tell the receiver how long they are. There are
>     many ways of doing that; you haven't told us enough about your
>     protocol to know which would be appropriate in your case.
>
>


Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users