This doesn't seem to be working, at least not for decrypting the filename. I haven't tried decrypting the data, yet.
I've got a file named
test.txt encrypted with the password
password123. The resulting filename is
This decodes to the 41 byte string
The first byte (
0x31) is always the same no matter what file I've encrypted, so it appears to be the 8-bit version information.
The remaining 40 bytes should contain the salt (8 bytes), IV (16 bytes), and ciphertext (16 bytes in this case), which adds up to 40 bytes. So far so good.
Using PBKDF2 with the password (
password123), the salt (
0xa522f02f1814d84d), 5000 iterations, a key length of 16 bytes, and HMAC-SHA256, I get the key
Using AES-256-CBC with the key and IV to decrypt the ciphertext (
0x1d5197825ab871eb8eb4cca3493da681) I get the plaintext
You can see three issues with this plaintext:
- It doesn't begin with four zero-value bytes (
- It doesn't have valid padding. Since the length of the zero-value bytes is 4 and the length of
test.txt is 8 for a total plaintext length of 12, there should be four bytes of padding (
- It doesn't contain the original filename
The padded plaintext should be
You can find the code I used to test this at https://gist.github.com/jordanbtucker/40be224bf48f28e807d51ba56a50e45e