m2crypto aes-256-cbc not working against encoded openssl files.

Posted by Gary on Stack Overflow See other posts from Stack Overflow or by Gary
Published on 2010-05-13T22:52:53Z Indexed on 2010/05/14 17:54 UTC
Read the original article Hit count: 337

Filed under:

m2crypto

$ echo 'this is text' > text.1
$ openssl enc -aes-256-cbc -a -k "thisisapassword" -in text.1 -out text.enc
$ openssl enc -d -aes-256-cbc -a -k "thisisapassword" -in text.enc -out text.2
$ cat text.2
this is text

I can do this with openssl. Now, how do I do the same in m2crypto. Documentation is lacking this. I looked at the snv test cases, still nothing there. I found one sample, http://passingcuriosity.com/2009/aes-encryption-in-python-with-m2crypto/ (changed to aes_256_cbc), and it will encrypted/descrypt it's own strings, but it cannot decrypt anything made with openssl, and anything it encrypts isn't decryptable from openssl.

I need to be able enc/dec with aes-256-cbc as have many files already encrypted with this and we have many other systems in place that also handle the aes-256-cbc output just fine.

We use password phrases only, with no IV. So setting the IV to \0 * 16 makes sense, but I'm not sure if this is also part of the problem.

Anyone have any working samples of doing AES 256 that is compatible with m2crypto?

I will also be trying some additional libraries and seeing if they work any better.

Related posts about m2crypto

socket.setdefaulttimeout interacting with M2Crypto connection

as seen on Stack Overflow - Search for 'Stack Overflow'
Hello - I'm making a secure SSL connection to a server using python and M2Crypto. See code below. from M2Crypto import SSL, m2,x509 from M2Crypto.m2xmlrpclib import Server, SSL_Tranport ctx = SSL.Context() m2.ssl_ctx_use_pkey_privkey(ctx.ctx,myKey.pkey) m2.ssl_ctx_use_x509(ctx.ctx,myCert.x509) server… >>> More
How do I use m2crypto to validate a X509 certificate chain in a non-SSL setting

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm trying to figure out how to, using m2crypto, validate the chain of trust from a public key version of a X509 certificate back to one of a set of known root CA's when the chain may be arbitrarily long. The SSL.Context module looks promising except that I'm not doing this in the context of a SSL… >>> More
How to digitally sign a message with M2Crypto using the keys within a DER format certificate

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi everyone. I am working on a project to implement digital signatures of outgoing messages and decided to use M2Crypto for that. I have a certificate (in DER format) from which I extract the keys to sign the message. For some reason I keep getting an ugly segmentation fault error when I call the… >>> More
s/mime v3 with M2Crypto

as seen on Stack Overflow - Search for 'Stack Overflow'
Dear list, I would like to send a mail with a s/mime v3 attachment through SMTP. The excellent HOWTO below describes the procedure in detail for s/mime v2. http://sandbox.rulemaker.net/ngps/m2/howto.smime.html I would greatly appreciate any help in doing the same for s/mime v3. Arye. >>> More
M2Crypto RSA.gen_key - feed a password from Python code

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi, RSA.gen_key function always asks for password when it's used to generate keys. Is there a way to feed it the password from the python code instead of typing it manually? Thanks, -R >>> More

Developer IT