Archived Forum Post


Question:

Algorithm for SetSecretKeyViaPassword?

Nov 27 '12 at 20:24

Another dev in our company is using the Chilkat VisualBASIC library to encrypt strings that I need to decode. I'm using Ruby OpenSSL, and am having trouble decoding it. He is using the example almost verbatim from the examples on your website, except using aes-256-cbc instead of the 128 the example provides. The example has some comments that explain that, regarding encrypting the secret key, if it's 128 bit, the MD5 hash is returned instead of the encrypted secret phrase. How will the encrypted password be determined when using aes-256-cbc? I can't seem to find it in the SDK.


Answer

If 32 bytes of key material are required (such as for 256-bit encryption), then the binary secret key is derived from the password string as follows:

1) The 1st 16 bytes are the MD5 hash of the ANSI byte representation of the password string. (This is important if a programming language uses Unicode strings -- it is not the Unicode chars (2 bytes/char) that are hashed, but the ANSI bytes (typically 1 byte/char) that are hashed.)

2) The 2nd 16 bytes are the MD5 hash of the Base64 encoded representation of the password string. (The ANSI representation of the Base64 string is hashed -- i.e. 1 byte/char).
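
The derivation described in the answer, written for Ruby OpenSSL as an added example (it is not Chilkat's code and not part of the original post). It assumes "ANSI" means Windows-1252, that the Base64 string is computed over those ANSI bytes with no line breaks, and that the caller supplies the IV, which the post does not specify; `derive_key_256` and `aes256_cbc` are names made up here.

```ruby
require "openssl"
require "digest/md5"

# Build the 32-byte AES-256 key from a password, following the two steps
# in the answer. Assumption: "ANSI" is Windows-1252 (pass ansi: to change it).
# Raises Encoding::UndefinedConversionError if the password contains a
# character that has no single-byte form in that code page.
def derive_key_256(password, ansi: "Windows-1252")
  ansi_bytes = password.encode(ansi).b          # 1 byte per char, not UTF-8/UTF-16
  # Step 1: MD5 of the ANSI bytes of the password.
  first_half = Digest::MD5.digest(ansi_bytes)
  # Step 2: MD5 of the Base64 text of the password. Assumption: Base64 is
  # taken over the ANSI bytes, without line breaks ("m0" = strict Base64).
  base64_text = [ansi_bytes].pack("m0")
  second_half = Digest::MD5.digest(base64_text)
  first_half + second_half                      # 16 + 16 = 32 bytes
end

# AES-256-CBC with OpenSSL's default PKCS#7 padding.
# mode is :encrypt or :decrypt; data is raw bytes (decode Base64/hex first).
def aes256_cbc(mode, key, iv, data)
  cipher = OpenSSL::Cipher.new("aes-256-cbc")
  mode == :encrypt ? cipher.encrypt : cipher.decrypt
  cipher.key = key
  cipher.iv = iv
  cipher.update(data) + cipher.final
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample values: the password, IV and plaintext are made up.
  # Use the IV the encrypting side actually configured.
  password = "caf\u00e9 secret"
  iv = "\x00".b * 16
  key = derive_key_256(password)
  ciphertext = aes256_cbc(:encrypt, key, iv, "constructed test message")
  puts "key (hex):  #{key.unpack1('H*')}"
  puts "decrypted:  #{aes256_cbc(:decrypt, key, iv, ciphertext)}"

  # The mistake the answer warns about: hashing the Unicode bytes instead
  # of the ANSI bytes yields a different first half, so decryption fails.
  utf16_half = Digest::MD5.digest(password.encode("UTF-16LE").b)
  puts "UTF-16 half matches ANSI half? #{utf16_half == key[0, 16]}"
end
```

Both halves are single, unsalted MD5 passes over the same password, so the resulting key is no stronger than the password itself.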