you need to add the bytes 'Salted_' at the beginning of your hash (the salt is therfore only 8 and not 16 bytes).
Padding_length = (bs - len(chunk) % bs) or bsĬhunk += (padding_length * chr(padding_length)).encode() If len(chunk) = 0 or len(chunk) % bs != 0: The following code is analog to echo | openssl aes-256-cbc -pbkdf2 -k -out : def encrypt(self, password, input):
To spare you, like me, to spend multiple days to figure this one out, here is my working code to encrypt data like openssl. I'm using this post, because it pops up as first result on DDG. Verify and remove the PKCS#7 padding from the result.īecause nowadays the base64-standard is deprecated and pbkdf2-hashing is state of the art, the answer is correct, but outdated.Decrypt the remaining decoded data using the AES key and the IV from step 3.Treat the first 8 bytes of the decoded data as salt.Decode the input data from Base64 into a binary string.The steps from decrypting are the reverse: Encode in Base64 and output the encrypted data from step 4.Encode in Base64 and output the salt from step 1.Encrypt the padded using AES-256 in CBC mode with the key and the IV from step 2.Derive AES key and IV from password using the salt from step 1.Generate 8 bytes of random data as salt.OpenSSL puts and expects the salt in the first 8 bytes of the encrypted payload.įinally, AES in CBC mode can only work with data aligned to the 16 byte boundary. The function returns the key and the IV which you can use to decrypt the payload. Where key_len is 32 and iv_len is 16 for AES-256. The Python equivalent is: def EVP_BytesToKey(password, salt, key_len, iv_len):ĭerive the key and the IV from the given password and salt.ĭ.append( md5(d + password + salt).digest() )
OpenSSL does it via its own EVP_BytesToKey function, which is described in this man page. The only non-standard (and most difficult) part is the derivation of the IV and the key from the password. Base 64 encoding and decoding can be easily handled via the standard base64 module.ĪES-256 decryption and encryption in CBC mode are supported by both P圜rypto and M2Crypto.
0 kommentar(er)
