We are talking about AES. I have had encrypted files created in version 4.3.3 for a long time. And they are perfectly decrypted in the same version. But if I update to version 5.0, these files are no longer decrypted. I use the same parameters, including the key from version 4.3.3. But if I create new files in version 5.0, then version 5.0 successfully decrypts them. Why do files created in version 4.3.3. not want to be decrypted by version 5.0? Are they not compatible? The encryption parameters are completely identical.
Hi, it should be fully interoperable. Can you provide some code?
The example is very simple. If you simply encrypt a text file in an application made on version 4.3, and try to decrypt it in the application 5.0, then nothing works. I am attaching the code and the created applications.
Test_AES.zip (86.4 KB)
Project_aes5.zip (3.5 MB)
Project1_aes4.3.zip (3.6 MB)
Hi, to keep you posted, there is a key conversion issue that messes up the cryptogram between the two versions. I fail to understand why but am working on it.
Can you try this?
tmsAES50.zip (3.5 MB)
It seems to have worked!It seems to have worked! The decrypted text on version 5, previously encrypted in version 4, is readable.
But there is a question. If I look at the encrypted files with a simple notepad, they are different. Is this normal?
Good news!
The files are different because the Initialization Vector (IV) is randomly generated. The fist 16 bytes of the file are different each time and then the rest of the file is different because the first 16 bytes of the text are XORed with the IV and so on. In the end, the entire content is different. And that is on purpose to thwart dictionnary attacks.
The bug in V5 was not with the key format as I thought but with the encryption mode. The CBC mode was not passed to the AES engine (in AEScore) and set to ECB by default. So it was not possible to decrypt an ECB encrypted file (that makes no sense BTW) in the CBC mode.
My mistake and fixed now.
I will issue a new version soon with 2 fixes : this one and another to ensure RSA encryption/decryption/signature/verification interoperability with openSSL and mbedTLS.
Excellent! Thank you, I will wait for the update!
Version 5.0.1.0 beta is available for registered users.