8000 bug in CBC implementation of AES OpenSSL-256 encryption · Issue #19 · zamiere/slowaes · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

bug in CBC implementation of AES OpenSSL-256 encryption #19

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
GoogleCodeExporter opened this issue Apr 25, 2015 · 0 comments
Open

bug in CBC implementation of AES OpenSSL-256 encryption #19

GoogleCodeExporter opened this issue Apr 25, 2015 · 0 comments
Labels
auto-migrated Priority-Medium Type-Defect

Comments

@GoogleCodeExporter
Copy link 
What steps will reproduce the problem?
1. run code in "2." (i am running a gs script in google spreadsheets)
2.
function aesTester() {
  var password = "mypw";
  // generate the private key based on user's input password
  var privateKey = cryptoHelpers.generatePrivateKey(password, 128);

  var myplaintext = "hello plain text";
  // using OPENSSL_256 key size but could use
  var keysize = slowAES.aes.keySize.SIZE_256;
  var mode = slowAES.modeOfOperation.CBC;
  var key = cryptoHelpers.toNumbers("5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8");
  // initialization vector, make this unique and RANDOM!!
  var iv = cryptoHelpers.toNumbers("6bbda7892ad344e06c31e64564a69a9a");
  var plaintext = cryptoHelpers.convertStringToByteArray(myplaintext);
  // keysize is no longer a parameter because it auto finds size
  var encrypted = slowAES.encrypt(plaintext, mode, privateKey, iv);
  var base64 = cryptoHelpers.base64.encode(encrypted);
  // this is the plain text
  Logger.log(myplaintext);
  // this is the encrypted text
  Logger.log(base64);
  // decryption in reverse order of encryption
  var decodedText = cryptoHelpers.base64.decode(base64);
  // keysize is no longer a parameter because it auto finds size
  var decrypted = slowAES.decrypt(decodedText, mode, privateKey, iv);
  var decryptedText = cryptoHelpers.convertByteArrayToString(decrypted);
  // this is the decrypted text
  Logger.log(decryptedText );
}

What is the expected output? What do you see instead?
expected output is the input but you will see an extra character at the end. I 
have tracked the bug down to the "unpadBytesOut" function. it does not remove 
the "=" from the string. should the unpadding be done AFTER the 
decryption??!!?? or should it be removed before. (removing a decrypted "=" 
sounds difficult.)


What version of the product are you using? On what operating system?
not sure, i just copied the code today. running on windows 7. google chrome. 
google docs as a .gs (google script). js code runs as-is.

Please provide any additional information below.
i can try to figure out the fix, but hopefully someone beats me to it.

Original issue reported on code.google.com by samuelel...@gmail.com on 10 Dec 2013 at 7:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
auto-migrated Priority-Medium Type-Defect
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@GoogleCodeExporter
0