[pycrypto] Why does PyCrypto not produce the same ciphertext as OpenSSL in this example (AES-128 ECB)

Richard Moore richmoore44 at gmail.com
Sat Feb 21 07:38:05 PST 2015


On 21 February 2015 at 15:08, James McMurray <jamesmcm03 at gmail.com> wrote:

> Hi,
>
> If I run the following, for openSSL:
>
> echo -n "0123456789abcdef0123456789abcdef" | openssl aes-128-ecb
> -nosalt -nopad | xxd
>
> and enter the key "YELLOW SUBMARINE", I get the following ciphertext:
>
> a2a5 8316 129f c596 8341 c78a 0c36 5d20
> a2a5 8316 129f c596 8341 c78a 0c36 5d20
>
> Yet in PyCrypto, the following code:
>
> from Crypto.Cipher import AES
> key = b'YELLOW SUBMARINE'
> cipher = AES.new(key, AES.MODE_ECB, "")
> msg =  cipher.encrypt(b'0123456789abcdef0123456789abcdef')
>
> Outputs:
>
> 20 1e 80 2f 7b 6a ce 6f 6c d0 a7 43 ba 78 ae ad
> 20 1e 80 2f 7b 6a ce 6f 6c d0 a7 43 ba 78 ae ad
>
> (line breaks added for clarity)
>
> What is the cause of this discrepancy? Both are 128-bit AES in ECB
> mode. PyCrypto doesn't appear to be salting, and padding should be
> unnecessary in any case with this plaintext.
>

OpenSSL doesn't use the passphrase directly, it applies a key derivation
function to it. Use -K to specify a key explicitly (as a string of hex).

Cheers

Rich.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.dlitz.net/pipermail/pycrypto/attachments/20150221/b45aefe1/attachment.html>


More information about the pycrypto mailing list