Re: Encrypt using AES(block size 128-bit) in CBC

I downloaded your code and verified your results. I made some small changes:

my $encrypted = $cipher->encrypt_hex($user_string);
my $decrypted = $cipher->decrypt_hex($encrypted);

print $encrypted, "\n\n";
print $decrypted, "\n\n";
if ( $user_string eq $decrypted ) { print "Good!\n"; }
[download]

I got the 'Good!' result, so I think your Perl script is working.

The way it looks to me, you need to verify that the exact '-key' and '-iv' are correct. If they are correct, then your source string for comparison should be verified as being correct.

Good Luck...Ed

"Well done is better than well said." - Benjamin Franklin

Comment on Re: Encrypt using AES(block size 128-bit) in CBC Download Code

Replies are listed 'Best First'.
Re^2: Encrypt using AES(block size 128-bit) in CBC by mikemc24 (Novice) on Jun 14, 2015 at 17:39 UTC
I'm really confused now, the result I need is what the provider requires, so is it the hex encryption that's wrong, is there another form of Perl hex encryption decryption I need to use.	[reply]
Re^3: Encrypt using AES(block size 128-bit) in CBC by flexvault (Monsignor) on Jun 14, 2015 at 21:04 UTC
Dear Monks, *"...using the provided password as both the key and initialisation vector..."* That looks like your problem. and we can't verify the results without knowing the exact inputs to the conversion. I suspect, as others have stated, that you are taking the 8 byte password and converting to hex to get the 16 bytes that AES requires. That will definitely give you a wrong answer. The way encryption works is: change any character and you get an entirely different encrypted result. Ask you client for the exact '-key' and '-iv' and then see if it works. If he gave you the password, then the '-key' and '-iv' values should be 'no problem'. Regards...Ed "Well done is better than well said." - Benjamin Franklin	[reply]
Re^4: Encrypt using AES(block size 128-bit) in CBC by wrog (Friar) on Jun 14, 2015 at 22:53 UTC
problem is, the "client" in this case, turns out to be a badly-written API doc, put out by Some Large Bank that won't actually care about making things work in Perl (and thus whose response is most likely to be something like, "Just use our Java or PHP libraries. Besides, you shouldn't be trying to write this stuff yourself since you're not experts on security like we are" [cough])	[reply]