kandi X-RAY | AES-CBC-256 Summary
kandi X-RAY | AES-CBC-256 Summary
AES-CBC-256
Support
Quality
Security
License
Reuse
Top functions reviewed by kandi - BETA
Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of AES-CBC-256
AES-CBC-256 Key Features
AES-CBC-256 Examples and Code Snippets
Community Discussions
Trending Discussions on AES-CBC-256
QUESTION
I am looking for equivalent C code for below java code. i am trying to write two application one in java and other in C. Java application encrypt/decrypt "string" with below logic, and it is working when using below java method.
...ANSWER
Answered 2020-Dec-12 at 04:55FOR ENCRYPTION:
- We are using HMAC-sha256 for generating "key", which takes "salt", "password".
No, you are using PBKDF2 WITH HMAC-SHA256. That's not at all the same thing as plain HMAC-SHA256. However, the OpenSSL function you identified DOES match this assuming you give it the correct parameters. This also applies to decryption step 1.
- Padding input data.
Sort of. That padding only works correctly for input data that is up to 16 characters, all of which are ASCII (because you encode it as UTF-8, and any non-ASCII character produces more than one byte, making the encoded value an illegal length). Most longer values will fail, although a few will succeed by bad luck. And even for the values that 'succeed', some will be changed; this is considered bad practice and essentially all competently designed crypto schemes since about 1980 are designed to preserve all data. In particular the very common PKCS5 (sometimes called PKCS7 or PKCS5/PKCS7 for technical reasons) standard padding preserves all data correctly and is already implemented in both Java and OpenSSL, as well as nearly all other decent crypto libraries and devices, and would be a better choice as well as simpler.
With the padding fixed, the Java side could do non-ASCII data, but only if you both encode the plaintext to be encrypted and decode the plaintext after decryption suitably. You have the .getBytes(StandardCharsets.UTF_8)
on encrypt, but need to match it with new String(cipher.doFinal(...), StandardCharsets.UTF_8)
on decrypt, otherwise it may or may not work depending on the platform and environment you use to run it.
The C side may be harder. OpenSSL is based on old-school C code started before the 1995 and 1999 versions of C started to handle non-English characters, and it understands only bytes, which can be single-byte aka 'narrow' characters. Either you must wrap it with calling code that handles 'wide' characters in a multi-byte encoding such as UTF-8 (and calls the OpenSSL parts using bytes), or you must do this outside the program, by controlling the environment (such as the terminal or emulator) or files. Your question doesn't provide even a hint about any of those, so it's impossible to make any recommendation(s).
Because you treat the 'secret' (password), salt, and IV as String
s, the same considerations apply to them, except that they are likely to come from different source(s) than the data. IV and salt are designed to be byte sequences, and restricting IV in particular to ASCII or even UTF-8 encodings probably reduces security some, but as the topic of SO is programming and not security I won't pursue that. In actual PBKDF2 in PKCS5 password is also octets (Java bytes), but it 'recommends' that text (characters) be encoded as ASCII or UTF-8, and Java does take char[]
in PBEKeySpec
and encode as UTF-8, so for non-ASCII the OpenSSL caller or environment would need to match that.
Given those limitations: all values are ASCII only, data is not more than 16 chars=bytes and IV is exactly 16, the following C code matches and could interoperate with your Java. Error handling is minimal, and I do both encrypt and decrypt in a single function; you would want to be able to separate them. (corrected)
QUESTION
I want to compute the CBC-MAC of a given plaintext with openssl. I have the following plaintext (hexdump):
...ANSWER
Answered 2017-Jul-06 at 12:52Your mistake is here:
I have one extra block because the first block should be the encrypted IV.
The extra block is because OpenSSL adds padding to the plain text, so that it is a multiple of the block size (16 bytes for AES). In this case the plain text is already a multiple of 16 bytes, but the padding scheme used (PKCS7) always adds padding, so here an entire block is added before encryption.
It’s common to add the IV to the front of the ciphertext, but that’s not what’s happening here.
In order to get the same result from your code you will need to add this padding yourself. In this case it is fairly simple, just add sixteen 0x10
bytes to the end of msg1
(so its toal length is 64), and change the 48
in the call to AES_cbc_encrypt
to 64
. The zeros you are seeing a just the value you initialize obuf
to, since you are only writing 48 bytes into this buffer.
Community Discussions, Code Snippets contain sources that include Stack Exchange Network
Vulnerabilities
No vulnerabilities reported
Install AES-CBC-256
Support
Reuse Trending Solutions
Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items
Find more librariesStay Updated
Subscribe to our newsletter for trending solutions and developer bootcamps
Share this Page