Help with crypto module - crypto_one_time method - (ArgumentError) argument error Issue

Hi Everyone,

Any help will be really appreciated!

I am new to elixir and was trying the crypto module for aes_128_cbc but facing issue

not sure why for eg. string “Hello” - it gives argument error while decryption and for large string eg. “testing the aes_cbc_128 encryption logic” first few words are getting dropped.

encryption process needs to be iv + plaintext with secret_key in AES 128 CBC mode and decrypt with the same secret_key.

sample I/O -

iex(5)> Aes.encrypt("hello")
"Wz0sXikhrijDsYjzz3AhnQ=="
iex(6)> Aes.decrypt("Wz0sXikhrijDsYjzz3AhnQ==")
** (ArgumentError) argument error

iex(6)> Aes.encrypt("testing the aes_cbc_128 encryption logic")
"R9OxXtbhEyyklWxGc6dffsUkXvQVTHnAeBhlSJgQ8nFpOlEYm2fMJuDAhXSKDEa8"
iex(7)> Aes.decrypt("R9OxXtbhEyyklWxGc6dffsUkXvQVTHnAeBhlSJgQ8nFpOlEYm2fMJuDAhXSKDEa8")
"cbc_128 encryption logic"
iex(8)> 

Erlang/OTP 23 [erts-11.1.8]
Interactive Elixir (1.9.1)

–Below is the code snippet for the same

defmodule Aes do
  # Use AES 128 Bit Keys for Encryption.
  @block_size 16

  def encrypt(plaintext) do
    # create random Initialisation Vector
    iv = :crypto.strong_rand_bytes(16)
    # sample secret_key is a 32 bit hex string 
    secret_key = Base.decode16!("548F11DE7F4393EAC0BB2391797AF7B5")
    plaintext = pad(plaintext, @block_size)
    encrypted_text = :crypto.crypto_one_time(:aes_128_cbc, secret_key, iv, plaintext, true )
    :base64.encode(encrypted_text)
  end

  def decrypt(ciphertext) do
    secret_key = Base.decode16!("548F11DE7F4393EAC0BB2391797AF7B5")
    ciphertext = :base64.decode(ciphertext)
    <<iv::binary-16, ciphertext::binary>> = ciphertext
    decrypted_text = :crypto.crypto_one_time(:aes_128_cbc, secret_key, iv, ciphertext, false )
    unpad(decrypted_text)
  end

  def unpad(data) do
    to_remove = :binary.last(data)
    :binary.part(data, 0, byte_size(data) - to_remove)
  end

# PKCS5Padding
  def pad(data, block_size) do
    to_add = block_size - rem(byte_size(data), block_size)
    data <> :binary.copy(<<to_add>>, to_add)
  end
end

Thanks!
Niranjan

1 Like

I might missremember things, though :crypto.crypto_one_time/4,5 does not carry the iv in the result.

You need to prepend it manually if you want to have it part of the message.

5 Likes

Thanks a Lot @NobbZ - Solution worked as expected.

The updated code snippet I used -

def encrypt(plaintext) do
    # create random Initialisation Vector
    iv = :crypto.strong_rand_bytes(16)
    # sample secret_key is a 32 bit hex string 
    secret_key = Base.decode16!("548F11DE7F4393EAC0BB2391797AF7B5")
    plaintext = pad(plaintext, @block_size)
    encrypted_text = :crypto.crypto_one_time(:aes_128_cbc, secret_key, iv, plaintext, true )
    encrypted_text = ( iv <>  encrypted_text )
    :base64.encode(encrypted_text)
  end

before base64’ing I concatenated with IV.
Thanks,
Niranjan

2 Likes

Hi,
I am trying out the same function :crypto.crypto_one_time/5 however, i am getting an error

(UndefinedFunctionError) function :crypto.crypto_one_time/5 is undefined or private

I cant quite see whats missing

@McTheels Please check if you are using Erlang version 23 and above - crypto_one_time/5 is supported in this version .

1 Like

Thank you @Niranjan , update OTP solved the issue.
On that note:
I have a symmetric key that i generate using aes_256_key= ExCrypto.generate_aes_key(:aes_256,:bytes), I use ExPublicKey.encrypt_public(aes_256_key, rsa_pub_key) to encrypt the result. However i need to return the result within a maximum byte size of 256,but each time, it exceeds this size.
Any ideas how i can attend to this?

Thanks!