AES CBC encrypt/decrypt only decrypts the first 16 bytes
Your code is almost correct, except that the initialization vector is being overwritten due to memory corruption, the length of the ciphertext is rounded incorrectly, and std::string::data() should be used instead of std::string::c_str() when using std::string as a byte array. The Initialization Vector is copied into the empty string overwriting the stack. Then the Initialization Vector gets overwritten so different value is used by AESDecrypt. I've included source code that incorporates indiv's suggestions and fixes these problems. When run with
aes "Hello World!" stackoverflowit produces the following output:
(Normalized key: 737461636b6f766572666c6f770d0e0f101112131415161718191a1b1c1d1e1f) Encrypting : Hello World! With Key : stackoverflow Init Vec : d8b1657d9e2317c93430994f59bb54eb Becomes : ��Йw�H���}�;E (Normalized key: 737461636b6f766572666c6f770d0e0f101112131415161718191a1b1c1d1e1f) Decrypting : ��Йw�H���}�;E With Key : stackoverflow Init Vec : d8b1657d9e2317c93430994f59bb54eb Becomes : Hello World!
#include <vector>
#include <string>
#include <iostream>
#include <iomanip>
#include <algorithm>
#include <initializer_list>
#include <openssl/aes.h>
typedef unsigned char byte;
template <size_t multiple> size_t round_up(const size_t len)
{
if (len % multiple == 0) return len;
else return ((len / multiple) + 1) * multiple;
}
std::ostream &print_buffer_as_hex(std::ostream &o, const unsigned char *buf, size_t size)
{
o << std::hex << std::setfill('0');
for( size_t i = 0; i < size; ++i )
{
o << std::setw(2) << static_cast<unsigned int>(buf[i]);
}
return o << std::dec;
}
inline std::ostream &operator<<(std::ostream &o, const std::vector<byte> &buf)
{
return print_buffer_as_hex(o, reinterpret_cast<const unsigned char*>(&buf[0]), buf.size());
}
// Make a Key of exactly 32 bytes, truncates or adds values if it's necessary
std::string AES_NormalizeKey(const void *const apBuffer, size_t aSize)
{
static const unsigned char key32[] = {0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31};
const char *const Buffer = reinterpret_cast<const char *>(apBuffer);
std::string Result(reinterpret_cast<const char *>(key32), 32);
std::copy(Buffer, Buffer + ((aSize < 32)? aSize: 32), Result.begin());
return Result;
}
// Encrypt using AES cbc
std::string AESEncrypt(const void *const apBuffer, size_t aBufferSize, const void *const apKey, size_t aKeySize, std::vector<byte> &aIVector)
{
// Create IVector.
unsigned char AES_IVector[AES_BLOCK_SIZE] = {0};
std::srand(static_cast<int>(time(NULL)));
std::generate(std::begin(AES_IVector), std::end(AES_IVector), std::rand);
aIVector.resize(sizeof(AES_IVector));
std::copy(std::begin(AES_IVector), std::end(AES_IVector), aIVector.begin());
// Create key.
const std::string Key(AES_NormalizeKey(apKey, aKeySize));
std::cout << "(Normalized key: ";
print_buffer_as_hex(std::cout, (const unsigned char*)Key.data(), Key.size()) << ")\n";
AES_KEY EncryptKey;
AES_set_encrypt_key(reinterpret_cast<const unsigned char *>(Key.data()), 256, &EncryptKey);
// Encrypt.
unsigned char AES_Encrypted[1024] = {0};
AES_cbc_encrypt(static_cast<const unsigned char *>(apBuffer), AES_Encrypted, aBufferSize, &EncryptKey, AES_IVector, AES_ENCRYPT);
const std::string Encrypted(reinterpret_cast<const char *>(AES_Encrypted), round_up<AES_BLOCK_SIZE>(aBufferSize));
// Finish.
return Encrypted;
};
// Decrypt using AES cbc
std::string AESDecrypt(const void *const apBuffer, size_t aBufferSize, const void *const apKey, size_t aKeySize, std::vector<byte> &aIVector)
{
// Read IVector.
unsigned char AES_IVector[AES_BLOCK_SIZE] = {0};
std::copy(aIVector.begin(), aIVector.end(), std::begin(AES_IVector));
// Create Key.
const std::string Key(AES_NormalizeKey(apKey, aKeySize));
std::cout << "(Normalized key: ";
print_buffer_as_hex(std::cout, (const unsigned char*)Key.data(), Key.size()) << ")\n";
AES_KEY DecryptKey;
AES_set_decrypt_key(reinterpret_cast<const unsigned char *>(Key.data()), 256, &DecryptKey);
// Decrypt.
unsigned char AES_Decrypted[1024] = {0};
AES_cbc_encrypt(static_cast<const unsigned char *>(apBuffer), AES_Decrypted, aBufferSize, &DecryptKey, AES_IVector, AES_DECRYPT);
const std::string Decrypted(reinterpret_cast<const char *>(AES_Decrypted));
// Finish.
return Decrypted;
};
// Entry point
int main(int argc, char **argv)
{
typedef std::vector<std::string> vs;
vs a;
for (vs::size_type Index = 0; Index < static_cast<unsigned>(argc); ++Index)
{
a.push_back(argv[Index]);
}
if (a.size() == 3)
{
std::vector<byte> IV;
std::string e(AESEncrypt(a.at(1).data(), a.at(1).size(), a.at(2).data(), a.at(2).size(), IV));
std::cout << "Encrypting : " << a.at(1) << "\n"
<< "With Key : " << a.at(2) << "\n"
<< "Init Vec : " << IV << "\n"
<< "Becomes : " << e << "\n";
std::string d(AESDecrypt(e.data(), e.size(), a.at(2).data(), a.at(2).size(), IV));
std::cout << "Decrypting : " << e << "\n"
<< "With Key : " << a.at(2) << "\n"
<< "Init Vec : " << IV << "\n"
<< "Becomes : " << d << "\n";
}
std::cout.flush();
return 0;
}
PaperBirdMaster
Updated on June 24, 2022Comments
-
PaperBirdMaster almost 2 years
I'm doing some work with AES CBC and openssl and for now, I'm stuck on a problem that i cannot guess what's wrong (as always).
Given a message less than 16 bytes length the process of encryption and decryption works fine, but when the message is greater than 16 bytes the decryption works only on the 16th first bytes.
When i call
aes.exe stackoverflow stackoverflow
the output is:Using: IVector = |000102030405060708090a0b0c0d0e0f| Key = |737461636b6f766572666c6f770d0e0f101112131415161718191a1b1c1d1e1f| Encrypted = |6c65219594c0dae778f9b5e84f018db6| Encrypting : stackoverflow With Key : stackoverflow Becomes : ??????¤le!òö++þx¨ÁÞO?ìÂ. Using: IVector = |000102030405060708090a0b0c0d0e0f| Key = |737461636b6f766572666c6f770d0e0f101112131415161718191a1b1c1d1e1f| Decrypted = |737461636b6f766572666c6f77| Decrypting : ??????¤le!òö++þx¨ÁÞO?ì With Key : stackoverflow Becomes : stackoverflow
When i call
aes.exe stackoverflowstackoverflow stackoverflow
the output is:Using: IVector = |000102030405060708090a0b0c0d0e0f| Key = |737461636b6f766572666c6f770d0e0f101112131415161718191a1b1c1d1e1f| Encrypted = |46172e3f7fabdcfc6c8b3e65aef175cddf8164236faf706112c15f5e765e49a5| Encrypting : stackoverflowstackoverflow With Key : stackoverflow Becomes : ??????¤F?.?¦½_³lï>e«±u-¯üd#o»pa?-_^v^IÑ. Using: IVector = |000102030405060708090a0b0c0d0e0f| Key = |737461636b6f766572666c6f770d0e0f101112131415161718191a1b1c1d1e1f| Decrypted = |737461636b6f766572666c6f77737461257d434a1edcbc970bf5346ea2fc7bc2| Decrypting : ??????¤F?.?¦½_³lï>e«±u-¯üd#o»pa?-_^v^IÑ With Key : stackoverflow Becomes : stackoverflowsta%}CJ?_+ù?§4nó³{-.
I'm providing a random IV for each encryption/decryption call and normalizing the password at 32 bytes in both cases; what I'm missing? anyone knows?
The source code:
#include <vector> #include <string> #include <iostream> // Make a Key of exactly 32 bytes, truncates or adds values if it's necessary std::string AES_NormalizeKey(const void *const apBuffer, size_t aSize) { static const unsigned char key32[] = {0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31}; const char *const Buffer = reinterpret_cast<const char *>(apBuffer); std::string Result(reinterpret_cast<const char *>(key32), 32); std::copy(Buffer, Buffer + ((aSize < 32)? aSize: 32), Result.begin()); return Result; } // Encrypt using AES cbc std::string AESEncrypt(const void *const apBuffer, size_t aBufferSize, const void *const apKey, size_t aKeySize, std::string &aIVector) { // Create IVector. unsigned char AES_IVector[16] = {0}; std::srand(static_cast<int>(time(NULL))); std::generate(std::begin(AES_IVector), std::end(AES_IVector), std::rand); std::copy(std::begin(AES_IVector), std::end(AES_IVector), aIVector.begin()); // Create key. const std::string Key(AES_NormalizeKey(apKey, aKeySize)); AES_KEY EncryptKey; AES_set_encrypt_key(reinterpret_cast<const unsigned char *>(Key.c_str()), 256, &EncryptKey); // Encrypt. unsigned char AES_Encrypted[1024] = {0}; AES_cbc_encrypt(static_cast<const unsigned char *>(apBuffer), AES_Encrypted, aBufferSize, &EncryptKey, AES_IVector, AES_ENCRYPT); const std::string Encrypted(reinterpret_cast<const char *>(AES_Encrypted), ((aBufferSize / 16) + 1) * 16); // Finish. return Encrypted; }; // Decrypt using AES cbc std::string AESDecrypt(const void *const apBuffer, size_t aBufferSize, const void *const apKey, size_t aKeySize, std::string &aIVector) { // Read IVector. unsigned char AES_IVector[16] = {0}; std::copy(aIVector.begin(), aIVector.end(), std::begin(AES_IVector)); // Create Key. const std::string Key(AES_NormalizeKey(apKey, aKeySize)); AES_KEY DecryptKey; AES_set_decrypt_key(reinterpret_cast<const unsigned char *>(Key.c_str()), 256, &DecryptKey); // Decrypt. unsigned char AES_Decrypted[1024] = {0}; AES_cbc_encrypt(static_cast<const unsigned char *>(apBuffer), AES_Decrypted, aBufferSize, &DecryptKey, AES_IVector, AES_DECRYPT); const std::string Decrypted(reinterpret_cast<const char *>(AES_Decrypted)); // Finish. return Decrypted; }; // Entry point int main(unsigned int argc, char **argv) { typedef std::vector<const std::string> vs; vs a; for (vs::size_type Index = 0; Index < argc; ++Index) { a.push_back(argv[Index]); } if (a.size() == 3) { std::string IV(""); std::string e(AESEncrypt(a.at(1).c_str(), a.at(1).size(), a.at(2).c_str(), a.at(2).size()), IV); std::cout << "Encrypting : " << a.at(1) << "\n" << "With Key : " << a.at(2) << "\n" << "Becomes : " << e << ".\n"; std::string d(AESDecrypt(e.c_str(), e.size(), a.at(2).c_str(), a.at(2).size()), IV); std::cout << "Decrypting : " << e << "\n" << "With Key : " << a.at(2) << "\n" << "Becomes : " << d << ".\n"; } return 0; }