You should take care that the key and IV are indeed
same. What I mean by that is that in the C and Java
code you should hardcode the actual hex values and it
should have the exact length. For instance DES
requires 8 byte key and you should hardcode something
like this.
unsigned char key[8] =
{0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xff};
Similarly for IV. Make sure you do the right thing for
Java also.
And the last block will not be decrypted correctly
unless you take care to do proper PKCS padding. So
don't worry about it. Typical block size is 8 bytes,
so first you have to make sure that you get the
correct encrypted output.
Verify that against the openssl enc command. Print
your encrypted output using "%02X" format and try this
on the command line.
echo -n "something"|openssl aes-128-cbc -K <> -iv
<>|od -x
od -x prints differently from your hex output as words
are reversed but you can easily see the
correspondence.
Hope this helps.
regards,
Girish
--- uno wand <[EMAIL PROTECTED]> wrote:
> Hi all,
>
> I've been pulling my hair for two days, trying to
> figure out why a msg
> encrypted in Java
> can not be decrypted with Openssl, and vice versa.
> It'd be very much
> appreciated if
> someone could give a hint.
>
> Here's the Java code (apologize for that) (no
> exception handling):
>
> byte[] key; // get hard-coded key, 16 bytes
> SecretKeySpec skeySpec = new SecretKeySpec(key,
> "AES"); // or
> "AES/CBC/PKCS5Padding", same result
> IvParameterSpec ivSpec = new
> IvParameterSpec("12345678".getBytes());
>
> // Encrypt
> Cipher cipher;
> cipher.init(Cipher.ENCRYPT_MODE, skeySpec,
> ivSpec);
> String clearText = "This is a test";
> byte[] ciphertext =
> cipher.doFinal(cleartext.getBytes());
> // ...
>
> // Decrypt
> cipher.init(Cipher.DECRYPT_MODE, skeySpec,
> ivSpec);
> byte[] cleartext = cipher.doFinal(ciphertext);
> // ....
>
> Here is the C code using Openssl (no error
> handling):
>
> unsigned char * key; // get hard-coded key, 16
> bytes
> unsigned cha * iv; // get hard-coded iv, same as
> in Java, iv[0] = 49,
> iv[1] = 50, ...
> EVP_CIPHER_CTX ctx;
>
> // Encrypt
> unsigned char outbuf[2048]; // should be enough
> for the work
> int outlen, tmplen;
> EVP_CipherInit_ex(&ctx, EVP_aes_128_cbc(), NULL,
> _key, _iv, ENCRYPT);
> EVP_CipherUpdate(&ctx, outbuf, &outlen, (unsigned
> char*)clearText, len);
> EVP_CipherFinal_ex(&ctx, outbuf + outlen,
> &tmplen);
> outlen += tmplen;
> // ...
>
> //Decrypt
> EVP_CipherInit_ex(&ctx, EVP_aes_128_cbc(), NULL,
> _key, _iv, DECRYPT);
> EVP_CipherUpdate(&ctx, outbuf, &outlen, (unsigned
> char*)cipherText, len);
> EVP_CipherFinal_ex(&ctx, outbuf + outlen,
> &tmplen);
> outlen += tmplen;
> // ...
>
> The problem is, I can't decrypt what is encrypted in
> Java. And in Java, I
> can't decrypt
> what is encrypted from Openssl. Java reported a "Pad
> block corrypted" error.
>
> I'd like to know which parameter did I set wrong?
> The key and IV are the
> same,
> hard-coded for the purpose of testing.
>
> Thanks in advance for any help.
>
> uw
>
>
_________________________________________________________________
> Express yourself instantly with MSN Messenger!
> Download today - it's FREE!
>
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
>
>
______________________________________________________________________
> OpenSSL Project
> http://www.openssl.org
> User Support Mailing List
> openssl-users@openssl.org
> Automated List Manager
> [EMAIL PROTECTED]
>
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
