通过 OpenSSL 解密字符串

Question

My goal is to decrypt a base64 encoded string.

Running the command fully works:

openssl enc -base64 -d -aes-128-cbc -iv '{iv}' -K {hex_key} <<< {hex_enc_password}

I'd like to do the exact same via the C api. I know there're many similar questions on stackoverflow, but nothing seems to work for me, so I kindly ask you not to flag this as duplicate.

Info:

• hex_enc_password is base64 encoded

• hex_key is a string as byte-string (via hexlify()) (example: 0x1a,0xc4 -> "1ac4")

My current Code:

char* key = "lbzA54tAAg3E/jPxiJc34e==";
unsigned char *hex_key = hexlify(key);

char encrypted[] = {0x3d,0xd2,0x02,0xc3,0xae,0x1e,0xf5,0x7e,0x33,0xc3,0x1d,0x7b,0x1e,0x48,0x73,0x84};
size_t output_length;
unsigned char *hex_enc_password = base64_encode(encrypted, sizeof(encrypted), &output_length);

decrypt(hex_enc_password, strlen(hex_enc_password),hex_key, iv);

char* decrypt(unsigned char *ciphertext, int ciphertext_len, unsigned char *key, unsigned char *iv ) {
    int outLen1 = 0; int outLen2 = 0;
    unsigned char *outdata = malloc(ciphertext_len+1);
    bzero(outdata, ciphertext_len+1);
    //setup decryption
    EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
    EVP_DecryptInit(ctx,EVP_aes_128_cbc(),key,iv);                     //returns 1
    EVP_DecryptUpdate(ctx,outdata,&outLen1,ciphertext,ciphertext_len); //returns 1
    EVP_DecryptFinal(ctx,outdata + outLen1,&outLen2);                  //returns 0

    return outdata;
}

Any ideas what could be wrong?

Answer 1

I finally got it to work. As described in the comments above, nothing should be encoded in base64. Calling the command line binary with the -base64 simply makes openssl decode it before continuing. Same goes for hexlifying, just skip that.

Everything besides that should be the same as above.