I am trying to communicate from AutoIt with a Python TCP server using encryption, but I think there's something wrong with my algorithms since the results of both encryptions/decryptions are different:
AutoIt:
#include <Crypt.au3>
Global $key = "pjqFX32pfaZaOkkCFQuYziOApaBgRE1Y";
Global $str = "Am I welcome???"
_Crypt_Startup()
$hKey = _Crypt_DeriveKey($key, $CALG_AES_256)
$s = _Crypt_EncryptData($str, $hKey, $CALG_USERKEY)
$s = _Base64Encode($s)
ConsoleWrite("Encrypted: " & $s & @CRLF)
$s = _Base64Decode($s)
$str = _Crypt_DecryptData($s, $hKey, $CALG_USERKEY)
ConsoleWrite("Decrypted: " & BinaryToString($str) & @CRLF)
AutoIt Output:
Encrypted: ZFBnThUDPRuIUAPV6vx9Ng==
Decrypted: Am I welcome???
Python:
#!/usr/bin/env python
from Crypto.Cipher import AES
import base64
import binascii
BLOCK_SIZE = 16
PADDING = binascii.unhexlify(b"07")
pad = lambda s: s + (BLOCK_SIZE - len(s) % BLOCK_SIZE) * PADDING
EncodeAES = lambda c, s: base64.b64encode(c.encrypt(pad(s)))
DecodeAES = lambda c, e: c.decrypt(base64.b64decode(e)).rstrip(PADDING)
secret = 'pjqFX32pfaZaOkkCFQuYziOApaBgRE1Y'
cipher=AES.new(key=secret, mode=AES.MODE_ECB)
encoded = EncodeAES(cipher, 'Am I welcome???')
print 'Encrypted string:', encoded
decoded = DecodeAES(cipher, encoded)
print 'Decrypted string:', decoded
Python output:
Encrypted string: NDJepp4CHh5C/FZb4Vdh4w==
Decrypted string: Am I welcome???
The encrypted results are the NOT the same...
Where is my "bug"?
The problem can be solved by changing the paddings AND using a different AES implementation in AutoIt:
rijndael.au3 from here: http://www.autoitscript.com/forum/topic/44581-crypto-suite/
AutoIt:
#include <rijndael.au3>
#include <String.au3>
Global $key = "pjqFX32pfaZaOkkC";
Global $text = "Am I welcome???"
$encrypted = _StringToHex(BinaryToString(_rijndaelCipher($key, $text, 128, 0, '')))
ConsoleWrite("Encrypted: " & $encrypted & @CRLF)
$decrypted = BinaryToString(_rijndaelInvCipher($key, _HexToString($encrypted), 128, 0, ''))
ConsoleWrite("Decrypted: " & $decrypted & @CRLF)
Output:
Encrypted: A6848F1EF8C7C1313689E18567235A93
Decrypted: Am I welcome???
Python:
#!/usr/bin/env python
from Crypto.Cipher import AES
import base64
BLOCK_SIZE = 16
PADDING = chr(0)
pad = lambda s: s + (BLOCK_SIZE - len(s) % BLOCK_SIZE) * PADDING
EncodeAES = lambda c, s: base64.b16encode(c.encrypt(pad(s)))
DecodeAES = lambda c, e: c.decrypt(base64.b16decode(e)).rstrip(PADDING)
text = 'Am I welcome???'
secret = 'pjqFX32pfaZaOkkC'
cipher=AES.new(key=secret, mode=AES.MODE_ECB)
encoded = EncodeAES(cipher, text)
print 'Python Encrypted string: ', encoded
decoded = DecodeAES(cipher, encoded)
print 'Python Decrypted string: ', decoded.encode("hex")
print 'Python Decrypted string: ', decoded
myencoded = "A6848F1EF8C7C1313689E18567235A93"
print "AutoIt Result: ", myencoded
decoded = DecodeAES(cipher, myencoded)
print 'From AU Decrypted string:', decoded
mydecoded = EncodeAES(cipher, decoded)
print 'Re-Encrypted string: ', mydecoded.upper()
Output:
Python Encrypted string: A6848F1EF8C7C1313689E18567235A93
Python Decrypted string: 416d20492077656c636f6d653f3f3f
Python Decrypted string: Am I welcome???
AutoIt Result: A6848F1EF8C7C1313689E18567235A93
From AU Decrypted string: Am I welcome???
Re-Encrypted string: A6848F1EF8C7C1313689E18567235A93
Don't continue to use the base64 encoding/decoding since sending the raw binary is fine for TCP streams.