Chilkat - AES Encryption

I am using “Chilkat - AES Encryption”:
crypt.CipherMode = "cbc"
crypt.KeyLength = 256
crypt.EncodingMode = "hex"

My string is “MANIKANDANNAGAMO”.
I get the encrypted string from Chilkat as “99E99E698CB4EAAEAFD0D8A5B52A468F4F7C0A67A7C31F28F07D33D9B9DCD91C”.

But when I try it at “http://aes.online-domain-tools.com/”,
I get the output “99E99E698CB4EAAEAFD0D8A5B52A468F”.

It looks like exactly 32 bytes are added (which is bold) in the Chilkat method.
Can anyone advise?

Likely the padding.

AES/cbc, like similar cyphers, works on blocks of a fixed size (16). To ensure the right length, padding is added to the last block using one of three main techniques, and that has to be known when decrypting:

  1. Nulls. Nulls are added to the last block to bring it up to the required length. After decryption, the nulls are stripped. This is likely the method being used by the online tool.
  2. Nulls with count. Nulls are added with a count of the padding. For example, if the last block required 5 additional bytes, this padding would add 00 00 00 00 05.
  3. PKCS. This is the most popular and adds the count repeated count times. In the example above, the padding would be 05 05 05 05 05.

Take a look at my M_Crypto module. It implements AES (among other things) and comes with a tool that will let you try different encryptions with various options. That should be able to tell you exactly what options Chilkat is using. (Or you can use the package instead for pure Xojo code.) Based on your post, I’d say Chilkat is doing it correctly, but you didn’t post the password you used so I cannot confirm directly.

Finally, I gave a talk on encryption at XDC, and that video is online. Although it relates to databases, it starts with an explainer of encryption terms.

https://www.youtube.com/watch?v=JxrT-Z6r2y0
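
The three padding schemes from the answer above, as an added example that is not part of the original posts and is not Chilkat or M_Crypto code. It performs no encryption and only computes the padded length, which equals the CBC ciphertext length without the IV; the function and scheme names are made up for this sketch. It shows why the 16-byte plaintext from the question yields 64 hex characters under PKCS padding but 32 under plain null padding.

```python
BLOCK = 16  # AES block size in bytes


def pad(data: bytes, scheme: str) -> bytes:
    """Pad data to a multiple of BLOCK using one of the three schemes above."""
    n = BLOCK - len(data) % BLOCK  # 1..16 bytes to reach the next boundary
    if scheme == "nulls":
        # Adds nothing when the input is already block-aligned.
        return data + b"\x00" * (n % BLOCK)
    if scheme == "nulls_with_count":
        # Count goes in the last byte, as in the 00 00 00 00 05 example.
        return data + b"\x00" * (n - 1) + bytes([n])
    if scheme == "pkcs":
        # Always adds 1..16 bytes, so aligned input gains a whole extra block.
        return data + bytes([n]) * n
    raise ValueError(f"unknown scheme: {scheme}")


def unpad(padded: bytes, scheme: str) -> bytes:
    """Strip padding after decryption, rejecting malformed padding."""
    if not padded or len(padded) % BLOCK:
        raise ValueError("length is not a positive multiple of the block size")
    if scheme == "nulls":
        # Lossy: plaintext that really ends in 0x00 bytes loses them too.
        return padded.rstrip(b"\x00")
    n = padded[-1]
    if not 1 <= n <= BLOCK:
        raise ValueError("bad padding count")
    expected = {
        "nulls_with_count": b"\x00" * (n - 1) + bytes([n]),
        "pkcs": bytes([n]) * n,
    }
    if scheme not in expected:
        raise ValueError(f"unknown scheme: {scheme}")
    if padded[-n:] != expected[scheme]:
        raise ValueError("bad padding bytes")
    return padded[:-n]


def cbc_hex_length(plaintext: bytes, scheme: str) -> int:
    """Hex characters of AES-CBC ciphertext (IV excluded): two per padded byte."""
    return 2 * len(pad(plaintext, scheme))


if __name__ == "__main__":
    msg = b"MANIKANDANNAGAMO"  # the 16-byte plaintext from the question
    for scheme in ("nulls", "nulls_with_count", "pkcs"):
        print(scheme, cbc_hex_length(msg, scheme), pad(msg, scheme)[BLOCK:].hex())
```

The second 16-byte block in the longer output is the encryption of a block made up entirely of padding, so both tools can agree on the first block while disagreeing on the total length.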

Hi Kem!
Do you think it is possible to use your module to make a replacement of this MBS function?
https://www.monkeybreadsoftware.net/example-encryption-aes-aes256textencryption.shtml

If yes, could you post an example?
Thanks

I didn’t include CFB mode (although I could), so you’d have to use CBC, and including a hash of the plaintext is not recommended as it would allow someone to brute-force the plain text, bypassing the encryption entirely.

Otherwise, sure.

The project itself comes with examples of how to use it.

FYI, I just added CFB and OFB modes to my M_Crypto module.

https://github.com/ktekinay/M_Crypto

Also FYI, the output from the web site mentioned in the original post is wrong for those modes, so I wouldn’t trust it for any modes.
