Decrypt in Golang what was encrypted in Python AES CFB

Question

Based on the Golang documentation on CFB decryption I wrote a minimal working example to decrypt a string that was encrypted with AES CFB and then base 64 encoded in python3.

The golang decryption works fine when the message was encrypted within Golang (with the encryption function from the Golang doc example). However when I encrypt the message in a python script using the python crypto package, I am unable to decrypt it in the golang script successfully. I don't get the right bytes back.

$ python3 stack.py 
Going to encrypt and base64 "This is not encrypted" result:
b'jf9A5LCxKWPuNb1XiH+G3APAgR//'

Now going to call the Golang script:
b'Hello from Golang, going to decrypt: jf9A5LCxKWPuNb1XiH+G3APAgR//
Result:  Tl!\xca/\xf1\xc0\xb2\xd01Y\x02V\xec\xdf\xecy\xd38&\xd9\n'

Blocksize is 16 by default for both AES implementations.

So the question: What is going wrong?

Golang script:

package main

import (
    "crypto/aes"
    "crypto/cipher"
    "encoding/base64"
    "fmt"
    "os"

)

func main() {
    key := []byte("TfvY7I358yospfWKcoviZizOShpm5hyH")
    iv := []byte("mb13KcoviZizvYhp")
    payload_python := os.Args[1]

    fmt.Println("Hello from Golang, going to decrypt: "+payload_python+" Result: "+string(decrypt(key, payload_python, iv)))
}


func decrypt(key []byte, cryptoText string, iv []byte) []byte {
    ciphertext, _ := base64.StdEncoding.DecodeString(cryptoText)    //decode base64 coding

    //prepare decryption based on key and iv
    block, _ := aes.NewCipher(key)
    stream := cipher.NewCFBDecrypter(block, iv)

    //decrypt
    stream.XORKeyStream(ciphertext, ciphertext)

    return ciphertext
}

Python script:

 #!/usr/bin/env python3
import base64
from Crypto.Cipher import AES
from subprocess import check_output


original_message = 'This is not encrypted'

key = 'TfvY7I358yospfWKcoviZizOShpm5hyH'
iv = 'mb13KcoviZizvYhp'

#prepare encryption
cfb_cipher_encrypt = AES.new(key, AES.MODE_CFB, iv)
#encrypt and base64 encode
encryptedpayload = base64.b64encode(cfb_cipher_encrypt.encrypt(original_message))

print('Going to encrypt and base64 "{}" result:\n{}\n'.format(original_message,encryptedpayload))

print('Now going to call the Golang script:')
print(check_output('go run stack.go {}'.format(encryptedpayload.decode()),shell=True))

Answer 1

Try encrypting from Python like this.

The result can then be unencrypted from Go successfully.

 #!/usr/bin/env python3
import base64
from Crypto.Cipher import AES

MODE = AES.MODE_CFB
BLOCK_SIZE = 16
SEGMENT_SIZE = 128

def _pad_string(value):
    length = len(value)
    pad_size = BLOCK_SIZE - (length % BLOCK_SIZE)
    return value.ljust(length + pad_size, '\x00')

def encrypt(key, iv, plaintext):
    aes = AES.new(key, MODE, iv, segment_size=SEGMENT_SIZE)
    plaintext = _pad_string(plaintext)
    encrypted_text = aes.encrypt(plaintext)
    return encrypted_text

key = 'TfvY7I358yospfWKcoviZizOShpm5hyH'
iv = 'mb13KcoviZizvYhp'
original_message = 'This is not encrypted'

encryptedpayload = base64.b64encode(encrypt(key, iv, original_message))

print('Going to encrypt and base64 "{}" result:\n{}\n'.format(original_message,encryptedpayload))

Source: http://chase-seibert.github.io/blog/2016/01/29/cryptojs-pycrypto-ios-aes256.html