[Gambas-user] What is equivalent of -nosalt in gambas gb.openssl

T Lee Davidson t.lee.davidson at gmail.com
Wed Apr 8 19:11:24 CEST 2020 

On 4/8/20 3:08 AM, Safiur Rahman wrote:
> How can I get the following command using gb.openssl
> Shell "echo abc | openssl enc -aes-256-cbc -nosalt -pass pass:password | base64"
> 
> Safiur Rahman
> 

I am certainly no expert on this. But, as far as I can tell, you can't - at least not as simply especially given that the 
component currently has no EVP_BytesToKey method.

The documentation does not specify, so I have to assume that to generate a cipher with no salt, we use the .Encrypt method. This 
means that the Key and Initialization Vector must be separately generated and provided.

Here is a short test* that I worked up rather quickly so it may have algorithm bugs:
' Gambas module file

Public Sub Main()

   Dim CipherMethod As String = "AES-256-CBC"
   Dim Pass As String = "password"
   Dim KeyAndIv As Collection
   Dim sCipher As String

   KeyAndIv = BytesToKey(CipherMethod, Pass)
   sCipher = Cipher[CipherMethod].Encrypt("abc", KeyAndIv["key"], KeyAndIv["iv"]).Cipher
   Print Base64(sCipher)

End

Public Sub BytesToKey(Method As String, Pass As String) As Collection

   Dim KeyLength, IvLength As Integer
   Dim CurrentHash, HashList As String

   KeyLength = Cipher[Method].KeyLength
   IvLength = Cipher[Method].IvLength

   CurrentHash = Digest["sha256"](Pass)
   HashList = CurrentHash

   While Len(HashList) < KeyLength + IvLength
     CurrentHash = Digest["sha256"](CurrentHash & Pass)
     HashList &= CurrentHash
   Wend

   Return ["key": Left(HashList, KeyLength), "iv": Mid(HashList, KeyLength + 1, IvLength)]

End

It doesn't produce the same results as the openssl command line version, but it's results are consistent.


* The BytesToKey function is adapted and simplified from 
https://stackoverflow.com/questions/8008253/c-sharp-version-of-openssl-evp-bytestokey-method/8011654#8011654

See also:
https://github.com/openssl/openssl/blob/b96dba9e5ec7afc355be1eab915f69c8c0d51741/crypto/evp/evp_key.c#L74
https://linux.die.net/man/3/evp_bytestokey


-- 
Lee

More information about the User mailing list