Simple AES encryption decryption with openssl library in C
Solution 1
I would almost go so far as to say this is a problem with OpenSSL. It seems that when the length parameter passed to AES_cbc_encrypt is > AES_BLOCK_SIZE but not an integral multiple thereof (i.e. length mod AES_BLOCK_SIZE != 0), then the last block is encrypted using the initial IV and not the previous block of ciphertext as should be the case for CBC mode.
You can fix this in one of two ways:
Copy your struct to a buffer whose size is an integral multiple of AES_BLOCK_SIZE, or encrypt in two parts - the full blocks, followed by a single partial block. The latter has the advantage of avoiding additional memory usage and can be done as follows:
size_t fullBlocks = inputslength - (inputslength % AES_BLOCK_SIZE);
size_t remainingBlock = inputslength - fullBlocks;
AES_cbc_encrypt((unsigned char *)&ticket, enc_out, fullBlocks, &enc_key, iv_enc, AES_ENCRYPT);
AES_cbc_encrypt((unsigned char *)&ticket + fullBlocks, enc_out + fullBlocks, remainingBlock, &enc_key, iv_enc, AES_ENCRYPT);
You should then be able to decrypt as you currently are without issue. It's worth noting however that you should declare dec_out as the same size as enc_out, because you're currently overrunning the dec_out buffer when decrypting.
Edit:
I raised this as a bug in OpenSSL: https://rt.openssl.org/Ticket/Display.html?id=3182&user=guest&pass=guest and whilst there is some argument over whether this is actually a bug, or just (undocumented) undefined behavior, the general consensus is that the EVP routines should be used instead, rather than these low-level functions.
Solution 2
The original code has done the padding for you. The problem is that you passed the wrong plaintext length to AES function. You should pass encslength(padded length) to AES_cbc_encrypt. Just change this line
AES_cbc_encrypt((unsigned char *)&ticket, enc_out, inputslength, &enc_key, iv_enc, AES_ENCRYPT);
to
AES_cbc_encrypt((unsigned char *)&ticket, enc_out, encslength, &enc_key, iv_enc, AES_ENCRYPT);
This should solve your problem.
Solution 3
The problem might be in the struct you are using, basically because of the struct padding and member sizes. Try to serialize your input and it must work. in a simple way, try to allocate one char buffer and copy your struct contents to the buffer one by one and try to encrypt that buffer and while decrypting also follow the same method. Post here what you are observing after that. We must be able to comment better on that.
Susitha Ravinda Senarath
Tech Lover. Has worked as a back end developer, front end developer and a full stack developer.
Updated on June 26, 2020Comments
-
Susitha Ravinda Senarath almost 4 years
I want to encrypt a struct containing few String and then decrypt it. I tried following code. The original code is found from the web and it was working perfectly. I change the input of it to a struct. following is the code.
#include <stdio.h> #include <stdlib.h> #include <string.h> #include <time.h> #include <openssl/aes.h> #include <openssl/rand.h> typedef struct ticket { /* test field */ int ticketId; char username[20]; char date[20]; } USR_TICKET; // a simple hex-print routine. could be modified to print 16 bytes-per-line static void hex_print(const void* pv, size_t len) { const unsigned char * p = (const unsigned char*)pv; if (NULL == pv) printf("NULL"); else { size_t i = 0; for (; i<len;++i) printf("%02X ", *p++); } printf("\n"); } // main entrypoint int main(int argc, char **argv) { int keylength; printf("Give a key length [only 128 or 192 or 256!]:\n"); scanf("%d", &keylength); /* generate a key with a given length */ unsigned char aes_key[keylength/8]; memset(aes_key, 0, keylength/8); if (!RAND_bytes(aes_key, keylength/8)) exit(-1); /* input struct creation */ size_t inputslength = sizeof(USR_TICKET); USR_TICKET ticket; ticket.ticketId = 1; time_t now = time(NULL); strftime(ticket.date, 20, "%Y-%m-%d", localtime(&now)); strcpy(ticket.username, "ravinda"); printf("Username - %s\n", ticket.username); printf("Ticket Id - %d\n", ticket.ticketId); printf("Date - %s\n", ticket.date); /* init vector */ unsigned char iv_enc[AES_BLOCK_SIZE], iv_dec[AES_BLOCK_SIZE]; RAND_bytes(iv_enc, AES_BLOCK_SIZE); memcpy(iv_dec, iv_enc, AES_BLOCK_SIZE); // buffers for encryption and decryption const size_t encslength = ((inputslength + AES_BLOCK_SIZE) / AES_BLOCK_SIZE) * AES_BLOCK_SIZE; unsigned char enc_out[encslength]; unsigned char dec_out[inputslength]; memset(enc_out, 0, sizeof(enc_out)); memset(dec_out, 0, sizeof(dec_out)); // so i can do with this aes-cbc-128 aes-cbc-192 aes-cbc-256 AES_KEY enc_key, dec_key; AES_set_encrypt_key(aes_key, keylength, &enc_key); AES_cbc_encrypt((unsigned char *)&ticket, enc_out, inputslength, &enc_key, iv_enc, AES_ENCRYPT); AES_set_decrypt_key(aes_key, keylength, &dec_key); AES_cbc_encrypt(enc_out, dec_out, encslength, &dec_key, iv_dec, AES_DECRYPT); printf("original:\t"); hex_print((unsigned char *)&ticket, inputslength); printf("encrypt:\t"); hex_print(enc_out, sizeof(enc_out)); printf("decrypt:\t"); hex_print(dec_out, sizeof(dec_out)); USR_TICKET * dyc = (USR_TICKET *)dec_out; printf("Username - %s\n", dyc->username); printf("Ticket Id - %d\n", dyc->ticketId); printf("Date - %s\n", dyc->date); return 0; }The problem is only first two members of the struct is decrypting correctly. After that data get currupted. What am I doing wrong here?