Below is my code for creating a hash in openssl.
I was wondering why is my output always partially diffrent.
int main()
{
char alg[] = "MD5";
char buf[EVP_MAX_KEY_LENGTH] = "5";
unsigned char *testKey;
unsigned int olen;
testKey = simple_digest(alg, buf, EVP_MAX_KEY_LENGTH,&olen);
std::cout << "Printing key : >>";
print_hex(testKey,EVP_MAX_KEY_LENGTH);
std::cout << "<<" << std::endl;
}
unsigned char *simple_digest(char *alg, char *buf, unsigned int len,unsigned int *olen)
{
const EVP_MD *m;
EVP_MD_CTX ctx;
unsigned char *ret;
OpenSSL_add_all_digests();
if (!(m = EVP_get_digestbyname(alg)))
return NULL;
if (!(ret = (unsigned char *)malloc(EVP_MAX_MD_SIZE)))
return NULL;
EVP_DigestInit(&ctx, m);
EVP_DigestUpdate(&ctx, buf, len);
EVP_DigestFinal(&ctx, ret, olen);
// std::cout << "computed key" << ret << std::endl;
return ret;
}
void print_hex(unsigned char *bs, unsigned int n)
{
int i;
for (i = 0; i < n; i++)
printf("%02x", bs[i]);
printf("\n");
}
Output :
3afb8ebc9c93bf6d40285736f210b7856af8bab4d040ca090043ca09f840ca09
3afb8ebc9c93bf6d40285736f210b7856af8bab490a5f909c0a7f909b8a5f909
As you can see only the back few characters differ.
Thanks in advance! :D
Update (correct working version) :
int main()
{
char alg[] = "MD5";
char buf[EVP_MAX_KEY_LENGTH] = "5";
unsigned char *testKey;
unsigned int olen;
testKey = simple_digest(alg, buf,strlen(buf),&olen);
std::cout << "Printing key : >>";
print_hex(testKey,olen);
std::cout << "<<" << std::endl;
}
unsigned char *simple_digest(char *alg, char *buf, unsigned int len,unsigned int *olen)
{
const EVP_MD *m;
EVP_MD_CTX ctx;
unsigned char *ret;
OpenSSL_add_all_digests();
if (!(m = EVP_get_digestbyname(alg)))
return NULL;
if (!(ret = (unsigned char *)malloc(EVP_MAX_KEY_LENGTH)))
return NULL;
EVP_DigestInit(&ctx, m);
EVP_DigestUpdate(&ctx, buf, len);
EVP_DigestFinal(&ctx, ret, olen);
return ret;
}
void print_hex(unsigned char *bs, unsigned int n)
{
int i;
for (i = 0; i < n; i++)
printf("%02x", bs[i]);
}
output :
Printing key : >>e4da3b7fbbce2345d7772b0674a318d5<<
You are trying to hash a one-character string, "5", but you are telling EVP_Digest_Update that your buffer length is EVP_MAX_KEY_LENGTH. You need to pass the actual length of your buffer, not the maximum length it could be.
For completeness, here is what your main function should look like:
int main()
{
char alg[] = "MD5";
char buf[EVP_MAX_KEY_LENGTH] = "5";
unsigned char *testKey;
unsigned int olen;
# Pass the true length of but
testKey = simple_digest(alg, buf, strlen(buf), &olen);
std::cout << "Printing key : >>";
# Pass the true length of testKey
print_hex(testKey,olen);
std::cout << "<<" << std::endl;
}
One other caveat: you probably don't want to use EVP_MAX_KEY_LENGTH for your buffer, as that would limit the size of the message you could hash.
Related
I have this code and I want for each char[] inside message struct will be null terminated in order to avoid print all the memory values. if I create a single element it poses no problem. but when I have several elements in a msg array when I null terminate the char and when I add a new element it seems to overwrite and the null terminate will disapear!
typedef unsigned char byte;
enum msgType {
tree = 2
};
struct header {
msgType _type;
unsigned _value;
};
struct message {
uint16_t x;
bool b;
char c[5];
};
void allocateHeader(int value, byte* buffer, int size) {
header* t = (header*)buffer;
memset(buffer, 0, size);
t->_type = tree;
t->_value = value;
}
int main() {
byte buffer[1000];
std::string str = "hello";
std::string str2 = "fooo";
allocateHeader(8, buffer, 20);
message msg1;
msg1.x = 18;
msg1.b = false;
memset(msg1.c, 0, 5);
memcpy(msg1.c, str.c_str(), 5);
msg1.c[5] = '\0';
message msg2;
msg2.x = 1;
msg2.b = true;
memset(msg2.c, 0, 4);
memcpy(msg2.c, str2.c_str(), 4);
msg2.c[4] = '\0';
message msg[2];
msg[0] = msg1;
msg[0].c[5] = '\0';
msg[1] = msg2;
msg[1].c[4] = '\0';
memcpy(&buffer[sizeof(header)], &msg, sizeof(msg));
message msgrecp[2];
message* msgp = (message*)&buffer[8];
for(auto i=0; i < 2; i++){
msgrecp[i] = *msgp;
std::string str(msgrecp[i].c);
std::cout << msgrecp[i].b << " " << str << " " << msgrecp[i].x << std::endl;
//print
//0 hello[|[#{[ 18
//1 fooo 1
msgp = (message*)&buffer[8 + sizeof(message)];
}
return 0;
}
message::c is char[5]
so c[5]='\0' access outside of bound
c_str does contain the null terminate char, you can simply copy length()+1 given long enough buffer (not true in the code).
btw memset(msg.c, 0, 4) followed by memcpy(msg.c, str.c_str(), 4) doesn't make much sense, why you fill it if you're going to overwrite it immediately?
I have the working code below using OPENSSL AES 256 CBC to encrypt/decrypt.
It is working but I am missing something really important that is to CONVERT the Encryption result to readable text and STORE it to a STRING variable if possible (for later use).
For example, I need to see something like this: UkV8ecEWh+b1Dz0ZdwMzFVFieCI5Ps3fxYrfqAoPmOY=
Trying hard to find how to do that and what format OPENSSL is throwing out from Encryption process. (binary format ??) See image attached.
ps. Don't worry about the hashes below. They are not in production.
Thanks in Advance!!
Here is my code so far:
#include <iostream>
#include <string.h>
#include <stdio.h>
#include <stdlib.h>
#include <openssl/evp.h>
#include <openssl/aes.h>
#include <openssl/rand.h>
using namespace std;
// HEX PRINT
static void hex_print(const void* pv, size_t len)
{
const unsigned char* p = (const unsigned char*)pv;
if (NULL == pv)
printf("NULL");
else
{
size_t i = 0;
for (; i < len; ++i)
printf("%02X ", *p++);
}
printf("\n");
}
// Starting MAIN function
int main()
{
int keylength = 256;
unsigned char aes_key[] = "1Tb2lYkqstqbh9lPAbeWpQOs3seHk6cX";
// Message we want to encrypt
unsigned char aes_input[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ 1234567890 abcdefghijklmnopqrstuvwxyz";
size_t inputslength = sizeof(aes_input)-1; // -1 because we don't want to encrypt the \0 character
// initialization vector IV - same for Encryption and Decryption
unsigned char iv_enc[] = "JxebB512Gl3brfx4" ;
unsigned char iv_dec[] = "JxebB512Gl3brfx4" ;
// buffers for encryption and decryption
const size_t encslength = inputslength ;
unsigned char enc_out[257];
unsigned char dec_out[257];
memset(enc_out, 0, sizeof(enc_out));
memset(dec_out, 0, sizeof(dec_out));
//Encryption START
AES_KEY enc_key, dec_key;
AES_set_encrypt_key(aes_key, keylength, &enc_key);
AES_cbc_encrypt(aes_input, enc_out, inputslength, &enc_key, iv_enc, AES_ENCRYPT);
//Decryption START
AES_set_decrypt_key(aes_key, keylength, &dec_key);
AES_cbc_encrypt(enc_out, dec_out, encslength, &dec_key, iv_dec, AES_DECRYPT);
// Printing Results
printf("original: \t");
hex_print(aes_input, sizeof(aes_input));
cout << aes_input << endl;
printf("encrypted: \t");
hex_print(enc_out, sizeof(enc_out));
cout << enc_out << endl;
printf("decrypt: \t");
hex_print(dec_out, sizeof(dec_out));
cout << dec_out << endl;
return 0;
}
Image of the Process
All Right. Thanks for the tips #RemyLebeau and #PaulSanders !!
I could resolve the issue using another tip from here -->
Base64 C++
Working REALLY fine now!!
Thanks Much!!
Here is the code for "encode" and "decode" Base64, just in case someone wants to do the same. Very usefull!!
typedef unsigned char uchar;
static const string b = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
static string base64_encode(const string &in) {
string out;
int val=0, valb=-6;
for (uchar c : in) {
val = (val<<8) + c;
valb += 8;
while (valb>=0) {
out.push_back(b[(val>>valb)&0x3F]);
valb-=6;
}
}
if (valb>-6) out.push_back(b[((val<<8)>>(valb+8))&0x3F]);
while (out.size()%4) out.push_back('=');
return out;
}
static string base64_decode(const string &in) {
string out;
vector<int> T(256,-1);
for (int i=0; i<64; i++) T[b[i]] = i;
int val=0, valb=-8;
for (uchar c : in) {
if (T[c] == -1) break;
val = (val<<6) + T[c];
valb += 6;
if (valb>=0) {
out.push_back(char((val>>valb)&0xFF));
valb-=8;
}
}
return out;
}
there is code
#include <stdio.h>
#include <string.h>
#include <openssl/hmac.h>
int main() {
const char key[] = "012345678";
char data[] = "hello world";
unsigned char* result;
unsigned int len = 20;
result = (unsigned char*)malloc(sizeof(char) * len);
HMAC_CTX ctx;
HMAC_CTX_init(&ctx);
HMAC_Init_ex(&ctx, key, strlen(key), EVP_sha1(), NULL);
HMAC_Update(&ctx, (unsigned char*)&data, strlen(data));
HMAC_Final(&ctx, result, &len);
HMAC_CTX_cleanup(&ctx);
printf("HMAC digest: ");
for (int i = 0; i != len; i++)
printf("%02x", (unsigned int)result[i]);
printf("\n");
free(result);
}
output HMAC digest: e19e220122b37b708bfb95aca2577905acabf0c0
I can not update this code for openssl 1.1.0.
The new version changed the syntax hmac.
#include <iostream>
#include <string.h>
#include <openssl/hmac.h>
using namespace std;
int main() {
const char key[] = "012345678";
char data[] = "hello world";
int datalen = strlen(data);
int keylen = strlen(key);
unsigned char* result;
unsigned int len = 20;
result = (unsigned char*)malloc(sizeof(char) * len);
cout << datalen << endl;
cout << keylen << endl;
cout << len << endl;
HMAC_CTX *HMAC_CTX_new();
int HMAC_CTX_reset(HMAC_CTX *ctx);
int HMAC_Init_ex(HMAC_CTX *ctx, const char key, int keylen, const EVP_MD EVP_sha1());
int HMAC_Update(HMAC_CTX * ctx, char &data, int datalen);
int HMAC_Final(HMAC_CTX * ctx, char result, int &len);
int HMAC_CTX_cleanup(HMAC_CTX * ctx);
printf("HMAC digest: ");
for (int i = 0; i != len; i++)
printf("%02x", (unsigned int)result[i]);
printf("\n");
free(result);
return 0;
}
output HMAC digest: 0000000000000000000000000000000000000000
I will be glad of any help
I need some help with decrypt a char array in C++ using AES decrypt with Open SSL library. I already done encryption mode and works fine, but decryption is not working.
This is the Encrypt Function:
string Encrypt(char *Key, char *Msg, int size)
{
static char* Res;
static const char* const lut = "0123456789ABCDEF";
string output;
AES_KEY enc_key;
Res = (char *)malloc(size);
AES_set_encrypt_key((unsigned char *)Key, 128, &enc_key);
for(int vuelta = 0; vuelta <= size; vuelta += 16)
{
AES_ecb_encrypt((unsigned char *)Msg + vuelta, (unsigned char *)Res + vuelta, &enc_key, AES_ENCRYPT);
}
output.reserve(2 * size);
for (size_t i = 0; i < size; ++i)
{
const unsigned char c = Res[i];
output.push_back(lut[c >> 4]);
output.push_back(lut[c & 15]);
}
free(Res);
return output;
}
This is the Decrypt Function (not working):
char * Decrypt( char *Key, char *Msg, int size)
{
static char* Res;
AES_KEY dec_key;
Res = ( char * ) malloc( size );
AES_set_decrypt_key(( unsigned char * ) Key, 128, &dec_key);
for(int vuelta= 0; vuelta<=size; vuelta+=16)
{
AES_ecb_encrypt(( unsigned char * ) Msg+vuelta, ( unsigned char * ) Res+vuelta, &dec_key, AES_DECRYPT);
}
return (Res);
}
This is an Example of the Main function that call the methods, the problem is thar no mather how i print the "Res" variable in the Decrypt function, it always show random ASCII values, and i like to show the result in a string like the Encrypt function:
#include <stdlib.h>
#include <stdio.h>
#include <unistd.h>
#include <string.h>
#include "openSSL/aes.h"
using namespace std;
int main(int argc, char const *argv[])
{
char key[16];
char message[128];
char enc_message[128];
string s_key = "THIS_IS_THE_KEY_";
string s_message = "Hello World !!!";
memset(key, 0, sizeof(key));
strcpy(key, s_key.c_str());
memset(message, 0, sizeof(message));
strcpy(message, s_message.c_str());
string response = Encrypt(key, message, sizeof(message));
cout<<"This is the Encrypted Message: "<<response<<endl;
memset(enc_message, 0, sizeof(enc_message));
strcpy(enc_message, response.c_str());
Decrypt(key, enc_message, sizeof(enc_message));
return 0;
}
Any improve in this methods?
I wanted to put the answer to how I solved it: The problem with my example was that I was trying to use the decrypt function with a HEXADECIMAL STRING and it should be done with an ASCII STRING with the values as delivered by the encryption function.
That is, instead of trying to decrypt a string like this: 461D019896EFA3
It must be decrypted with a string like this: #(%_!#$
After that, the decryption will be delivered in ASCII values. They must be passed to Hexadecimal and finally to a String.
Here is the example that worked for me:
string Decrypt_string(char *Key, string HEX_Message, int size)
{
static const char* const lut = "0123456789ABCDEF";
int i = 0;
char* Res;
AES_KEY dec_key;
string auxString, output, newString;
for(i = 0; i < size; i += 2)
{
string byte = HEX_Message.substr(i, 2);
char chr = (char) (int)strtol(byte.c_str(), NULL, 16);
auxString.push_back(chr);
}
const char *Msg = auxString.c_str();
Res = (char *)malloc(size);
AES_set_decrypt_key((unsigned char *)Key, 128, &dec_key);
for(i = 0; i <= size; i += 16)
{
AES_ecb_encrypt((unsigned char *)Msg + i, (unsigned char *)Res + i, &dec_key, AES_DECRYPT);
}
output.reserve(2 * size);
for (size_t i = 0; i < size; ++i)
{
const unsigned char c = Res[i];
output.push_back(lut[c >> 4]);
output.push_back(lut[c & 15]);
}
int len = output.length();
for(int i = 0; i < len; i += 2)
{
string byte = output.substr(i, 2);
char chr = (char) (int)strtol(byte.c_str(), NULL, 16);
newString.push_back(chr);
}
free(Res);
return newString;
}
I'm using C++ library PolarSSL for RSA encryption and decryption. But I'm not able to decrypt an encrypted string unless it's an output from encryption. Following code doesn't work (it's not refactored). It encrypts text and encodes the output to the Base64 and back. Condition on strcmp works (strings are the same).
AsymetricCipher::encrypt(const std::string &pathToPublicKey, std::istream &inputData, std::ostream &encryptedData) {
if(initServerPublicCtx(pathToPublicKey, 512)) {
std::cout << "Encryption error: Can't load public key from file: " << pathToPublicKey << std::endl;
return false;
}
entropy_context entropy;
ctr_drbg_context ctr_drbg;
char *pers = "rsa_encrypt";
entropy_init(&entropy);
if(ctr_drbg_init(&ctr_drbg, entropy_func, &entropy, (unsigned char*)pers, strlen(pers)) != 0) {
std::cout << "Encryption error: ctr_drbg_init failed" << std::endl;
return false;
}
size_t inputSize = ::getStreamSize(inputData);
char *input = new char[inputSize];
memset(input, 0, inputSize);
inputData.read(input, inputSize);
input[inputSize] = '\0';
unsigned char *buffer = new unsigned char[ctx.len];
memset(buffer, 0, ctx.len);
memcpy(buffer, input, inputSize);
// This has to be rewritten
size_t MAX_OUTPUT_LENGTH = ctx.len;
unsigned char *outputBuffer = new unsigned char[MAX_OUTPUT_LENGTH];
memset(outputBuffer, 0, MAX_OUTPUT_LENGTH);
if(rsa_pkcs1_encrypt(&ctx, ctr_drbg_random, &ctr_drbg, RSA_PUBLIC, inputSize, buffer, outputBuffer) != 0) {
std::cout << "Encryption error: rsa_pkcs1_encrypt failed" << std::endl;
return false;
}
initServerPrivateCtx("data/private.key", 512);
size_t outputSize = 0;
std::string copyBuffer = "";
std::stringstream encStream;
std::string base64 = "";
Base64Wrapper::encode(outputBuffer, strlen((char*)outputBuffer), base64);
for(size_t i = 0; i < base64.length();) {
encStream << base64[i++];
}
unsigned char *encBuffer = new unsigned char[MAX_OUTPUT_LENGTH+10];
memset(encBuffer, 0, MAX_OUTPUT_LENGTH);
encStream.read((char *)encBuffer, MAX_OUTPUT_LENGTH+10);
copyBuffer.append((char *)encBuffer);
unsigned char *decoded = NULL;
size_t decodedSize = 0;
Base64Wrapper::decode(copyBuffer, &decoded, &decodedSize);
decoded[decodedSize] = '\0';
if(strcmp((char*)outputBuffer, (char*)decoded) != 0) {
std::cout << "Different";
}
memset(buffer, 0, ctx.len);
if(rsa_pkcs1_decrypt(&ctx, RSA_PRIVATE, &outputSize, decoded, buffer, MAX_OUTPUT_LENGTH) != 0) {
std::cout << "Decryption error: rsa_pkcs1_decrypt failed" << std::endl;
return false;
}
::cleanMemory(outputBuffer, MAX_OUTPUT_LENGTH);
::cleanMemory(buffer, ctx.len);
delete [] outputBuffer;
delete [] buffer;
delete [] encBuffer;
delete [] decoded;
//delete [] input;
return true;
}
However, if I call rsa_pkcs1_decrypt with outputBuffer from encryption, everything works fine.
I need to encrypt text, send it and decrypt on another place in code.
Any suggestions what am I doing wrong?
Classic memory overflow
char *input = new char[inputSize];
input[inputSize] = '\0';
I've finally found a solution.
The problem was strlen((char*)outputBuffer) becuase it was always 0 since output from rsa_pkcs1_encrypt starts with \0.
The right solution is
bool AsymetricCipher::encrypt(const std::string &pathToPublicKey, std::istream &inputData, std::ostream &encryptedData) {
if(initServerPublicCtx(pathToPublicKey, 512)) {
std::cout << "Encryption error: Can't load public key from file: " << pathToPublicKey << std::endl;
return false;
}
entropy_context entropy;
ctr_drbg_context ctr_drbg;
char *pers = "rsa_encrypt";
entropy_init(&entropy);
if(ctr_drbg_init(&ctr_drbg, entropy_func, &entropy, (unsigned char*)pers, strlen(pers)) != 0) {
std::cout << "Encryption error: ctr_drbg_init failed" << std::endl;
return false;
}
size_t inputSize = ::getStreamSize(inputData);
unsigned char *buffer = new unsigned char[inputSize];
memset(buffer, 0, inputSize);
inputData.read((char *)buffer, inputSize);
size_t MAX_OUTPUT_LENGTH = ctx.len;
unsigned char *outputBuffer = new unsigned char[MAX_OUTPUT_LENGTH];
memset(outputBuffer, 0, MAX_OUTPUT_LENGTH);
bool retVal = true;
if(rsa_pkcs1_encrypt(&ctx, ctr_drbg_random, &ctr_drbg, RSA_PUBLIC, inputSize, buffer, outputBuffer) != 0) {
std::cout << "Encryption error: rsa_pkcs1_encrypt failed" << std::endl;
retVal = false;
}
if(retVal) {
std::string base64;
Base64Wrapper::encode(outputBuffer, MAX_OUTPUT_LENGTH, base64);
encryptedData << base64;
::cleanMemory(base64);
}
::cleanMemory(outputBuffer, MAX_OUTPUT_LENGTH);
::cleanMemory(buffer, ctx.len);
delete [] outputBuffer;
delete [] buffer;
return retVal;
}
And for decryption
bool AsymetricCipher::decrypt( const std::string &pathToPrivateKey, std::istream &encryptedData, std::ostream &decryptedData ) {
if(initServerPrivateCtx(pathToPrivateKey, 512)) {
std::cout << "Decrypt error: Can't load private key from file: " << pathToPrivateKey << std::endl;
return false;
}
size_t inputSize = ::getStreamSize(encryptedData);
size_t outputSize = 0;
unsigned char* buffer = NULL;
std::string base64;
size_t bufferSize = 0;
encryptedData >> base64;
Base64Wrapper::decode(base64, &buffer, &bufferSize);
::cleanMemory(base64);
size_t MAX_OUTPUT_LENGTH = ctx.len;
unsigned char *outputBuffer = new unsigned char[MAX_OUTPUT_LENGTH];
bool retVal = true;
if(rsa_pkcs1_decrypt(&ctx, RSA_PRIVATE, &outputSize, buffer, outputBuffer, MAX_OUTPUT_LENGTH) != 0) {
std::cout << "Decryption error: rsa_pkcs1_decrypt failed" << std::endl;
retVal = false;
}
if(retVal) {
outputBuffer[outputSize] = '\0';
decryptedData << outputBuffer;
}
::cleanMemory(buffer, bufferSize);
::cleanMemory(outputBuffer, outputSize);
delete [] outputBuffer;
delete [] buffer;
return retVal;
}