M2Crypto doesn't work like openssl for AES-128 CBC

Question

I have a simple python script

import binascii
import M2Crypto

data = 'my super secret text to encrypt'
print 'secret data: ', data
key = '\0' * 16
iv = key
key_iv_as_hex = binascii.b2a_hex(key)
print 'hex representation of key/iv: ', key_iv_as_hex

ENC = 1  # means we are encrypting
cipher_enc = M2Crypto.EVP.Cipher(alg='aes_128_cbc', key=key, iv=iv, op=ENC)
v1 = cipher_enc.update(data)
v1 = v1 + cipher_enc.final()
encrypted_data_as_base64 = binascii.b2a_base64(v1)
print 'encrypted base64 data: ', encrypted_data_as_base64

The result is:

secret data:  my super secret text to encrypt
hex representation of key/iv:  00000000000000000000000000000000
encrypted base64 data:  SorHWZBvmWq0cH1QRmsoGo/nYzukotB/Jheg20AKk/w=

When I encrypt the same string using openssl command-line tool I get different encrypted data:

echo 'my super secret text to encrypt' >> in.txt
openssl enc -aes-128-cbc -e -in in.txt -out out.txt -a -K 00000000000000000000000000000000 -iv 00000000000000000000000000000000
cat out.txt 
SorHWZBvmWq0cH1QRmsoGkPiuRPIkAGD4BHv3Hu1X7/nO9pH2TulXHRZ7gFgEDFn

Why my super secret text to encrypt becomes SorHWZBvmWq0cH1QRmsoGo/nYzukotB/Jheg20AKk/w= in Python script and becomes SorHWZBvmWq0cH1QRmsoGkPiuRPIkAGD4BHv3Hu1X7/nO9pH2TulXHRZ7gFgEDFn when openssl command-line tool is used? I also can't decode data encoded by openssl in python script.

What do I do wrong?

Answer 1

You may not have done anything wrong. You are not using OpenSSL API's directly but command. This command may have done something extra that is why your output is different.

OpenSSL may have added some salt to your encrypted data and then decoded it.

To verify, do the following

1. Do base64 decoding in OpenSSL data and MCrypto data.
2. See if they are entirely different or matches at some point. They may differ significantly as OpenSSL may have added.

Try to encrypt the data with OpenSSL EVP_* interfaces.

This question also might help you.