I’ve managed to get AES/Rijndael [256bit key / 128bit block size] symmetric encryption working: encrypt with pycrypto and decrypting with Botan in C++.

However, when I try to base64 encode the encryption result in python, the resulting string is shorter than the same string generated by Botan using a Base64_Encoder. Example:

Botan Base64:

zjjxmJf5KPs183I/EvC+JuNbOdmbm4bWyhLsdZI8fuVUnKQAeSj0ivmKIYu7HBjM7gLgLV+xtSKcsCeQD7Gy4w==

Py-3k Base64:

zjjxmJf5KPs183I/EvC+JuNbOdmbm4bWyhLsdZI8fuVUnKQAeSj0ivmKIYu7HBjM

You can see that the strings are exactly the same up until the 64 character mark. If I try to decrypt the Python base64 string in Botan it complains about “not enough input”.

How do I get the Python base64 string to be acceptable by Botan?

— EDIT —
When decoding the Botan base64 encoded string in Python:

Botan Decoded:[b'\xce8\xf1\x98\x97\xf9(\xfb5\xf3r?\x12\xf0\xbe&\xe3[9\xd9\x9b\x9b\x86\xd6\xca\x12\xecu\x92<~\xe5T\x9c\xa4\x00y(\xf4\x8a\xf9\x8a!\x8b\xbb\x1c\x18\xcc\xee\x02\xe0-_\xb1\xb5"\x9c\xb0\'\x90\x0f\xb1\xb2\xe3']
Botan Encoded:[b'zjjxmJf5KPs183I/EvC+JuNbOdmbm4bWyhLsdZI8fuVUnKQAeSj0ivmKIYu7HBjM7gLgLV+xtSKcsCeQD7Gy4w==']

Thus, the Python pycrypto result:

Encryption result: b'\xce8\xf1\x98\x97\xf9(\xfb5\xf3r?\x12\xf0\xbe&\xe3[9\xd9\x9b\x9b\x86\xd6\xca\x12\xecu\x92<~\xe5T\x9c\xa4\x00y(\xf4\x8a\xf9\x8a!\x8b\xbb\x1c\x18\xcc'

Base64 encoded: b'zjjxmJf5KPs183I/EvC+JuNbOdmbm4bWyhLsdZI8fuVUnKQAeSj0ivmKIYu7HBjM

Python seems to be “omitting” something. But what?

— EDIT 2 —

When I try to base64decode & decrypt the pycrypto result, Botan throws this:

Botan exception caught: Buffered_Operation::final - not enough input

So pycrypto is not producing “enough” output such that it can be decrypted by Botan.

— EDIT 3 —
Code examples:

Python: changed sensitive info.

import sys
import base64
import binascii
from Crypto.Cipher import AES

plaintext = "097807897-340284-083-08-8034-0843324890098324948"

hex_key = b'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
key = binascii.unhexlify( hex_key )
hex_iv = b'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
iv = binascii.unhexlify( hex_iv )

aes_enc_bytes = AES.new(key, AES.MODE_CBC, iv).encrypt( plaintext )
aes_enc = base64.encodebytes(aes_enc_bytes )

print( "Encrypted:[{}]".format( aes_enc ) )

aes_dec = AES.new(key, AES.MODE_CBC, iv).decrypt( binascii.a2b_base64( aes_enc ) )
print( "Decrypted:[{}]".format( aes_dec ) )

C++ (Qt + Botan)

void botanDecryptor::decrypt()
{
    Botan::SymmetricKey key( private_key );
    Botan::InitializationVector iv( iv_value );
    try
    {
        // Now decrypt...
        Botan::Pipe dec_pipe(new Base64_Decoder, get_cipher("AES-256/CBC", key, iv, Botan::DECRYPTION));

        dec_pipe.process_msg( ciphertext );

        string decrypted = dec_pipe.read_all_as_string();

        cout << "Decrypted:[" << decrypted << "]" << endl;
    }
    catch(Botan::Exception& e)
    {
        cout << "Botan exception caught: " << e.what() << endl;
        return;
    }

— EDIT 4 —

I decided to try and decrypt the Botan encrypted, base64 encoded string in python and it worked, but it added a bunch of what looks like padding:

Decrypted:[b'097807897-340284-083-08-8034-0843324890098324948\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10\x10']

I then proceeded to add that padding to my pycrypto result before base64 encoding to produce the following, which Botan refuses to decrypt ;(

zjjxmJf5KPs183I/EvC+JuNbOdmbm4bWyhLsdZI8fuVUnKQAeSj0ivmKIYu7HBjMEBAQEBAQEBAQ\nEBAQEBAQEA==

— ANSWER —
(system wouldn’t allow me to self answer for another 5 hours!)

I’ve finally schlepped through all the documentation and found the answer! One needs to specify what padding method is to be used for the mode. I specified NoPadding e.g.

Pipe dec_pipe(new Base64_Decoder, get_cipher("AES-256/CBC/NoPadding", key, iv, Botan::DECRYPTION));

and viola! The output matches the pycrypto exactly. For reference: [http://botan.randombit.net/filters.html][1]

[1]: Botan Docs: Cipher Filters