in reply to Re: Encrypt using AES(block size 128-bit) in CBC
in thread Encrypt using AES(block size 128-bit) in CBC

I'm really confused now, the result I need is what the provider requires, so is it the hex encryption that's wrong, is there another form of Perl hex encryption decryption I need to use.
  • Comment on Re^2: Encrypt using AES(block size 128-bit) in CBC

Replies are listed 'Best First'.
Re^3: Encrypt using AES(block size 128-bit) in CBC
by flexvault (Monsignor) on Jun 14, 2015 at 21:04 UTC

    Dear Monks,

      "...using the provided password as both the key and initialisation vector..."

    That looks like your problem. and we can't verify the results without knowing the exact inputs to the conversion. I suspect, as others have stated, that you are taking the 8 byte password and converting to hex to get the 16 bytes that AES requires. That will definitely give you a wrong answer. The way encryption works is: change any character and you get an entirely different encrypted result.

    Ask you client for the exact '-key' and '-iv' and then see if it works. If he gave you the password, then the '-key' and '-iv' values should be 'no problem'.

    Regards...Ed

    "Well done is better than well said." - Benjamin Franklin

[reply]
      problem is, the "client" in this case, turns out to be a badly-written API doc, put out by Some Large Bank that won't actually care about making things work in Perl (and thus whose response is most likely to be something like, "Just use our Java or PHP libraries. Besides, you shouldn't be trying to write this stuff yourself since you're not experts on security like we are" [cough])
[reply]

In Section Seekers of Perl Wisdom