Beefy Boxes and Bandwidth Generously Provided by pair Networks
Do you know where your variables are?
 
PerlMonks  

Re: Encrypt using AES(block size 128-bit) in CBC

by flexvault (Monsignor)
on Jun 14, 2015 at 15:57 UTC ( [id://1130371]=note: print w/replies, xml ) Need Help??


in reply to Encrypt using AES(block size 128-bit) in CBC

Welcome mikemc24,

I downloaded your code and verified your results. I made some small changes:

my $encrypted = $cipher->encrypt_hex($user_string); my $decrypted = $cipher->decrypt_hex($encrypted); print $encrypted, "\n\n"; print $decrypted, "\n\n"; if ( $user_string eq $decrypted ) { print "Good!\n"; }
I got the 'Good!' result, so I think your Perl script is working.

The way it looks to me, you need to verify that the exact '-key' and '-iv' are correct. If they are correct, then your source string for comparison should be verified as being correct.

Good Luck...Ed

"Well done is better than well said." - Benjamin Franklin

Replies are listed 'Best First'.
Re^2: Encrypt using AES(block size 128-bit) in CBC
by mikemc24 (Novice) on Jun 14, 2015 at 17:39 UTC
    I'm really confused now, the result I need is what the provider requires, so is it the hex encryption that's wrong, is there another form of Perl hex encryption decryption I need to use.

      Dear Monks,

        "...using the provided password as both the key and initialisation vector..."

      That looks like your problem. and we can't verify the results without knowing the exact inputs to the conversion. I suspect, as others have stated, that you are taking the 8 byte password and converting to hex to get the 16 bytes that AES requires. That will definitely give you a wrong answer. The way encryption works is: change any character and you get an entirely different encrypted result.

      Ask you client for the exact '-key' and '-iv' and then see if it works. If he gave you the password, then the '-key' and '-iv' values should be 'no problem'.

      Regards...Ed

      "Well done is better than well said." - Benjamin Franklin

        problem is, the "client" in this case, turns out to be a badly-written API doc, put out by Some Large Bank that won't actually care about making things work in Perl (and thus whose response is most likely to be something like, "Just use our Java or PHP libraries. Besides, you shouldn't be trying to write this stuff yourself since you're not experts on security like we are" [cough])

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://1130371]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others meditating upon the Monastery: (6)
As of 2024-03-28 08:51 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found