AutoIt to Python encrypt/decrypt

Question

I am trying to communicate from AutoIt with a Python TCP server using encryption, but I think there's something wrong with my algorithms since the results of both encryptions/decryptions are different:

AutoIt:

#include <Crypt.au3>

Global $key = "pjqFX32pfaZaOkkCFQuYziOApaBgRE1Y";
Global $str = "Am I welcome???"
_Crypt_Startup()
$hKey = _Crypt_DeriveKey($key, $CALG_AES_256)
$s = _Crypt_EncryptData($str, $hKey, $CALG_USERKEY)
$s = _Base64Encode($s)
ConsoleWrite("Encrypted: " & $s & @CRLF)
$s = _Base64Decode($s)
$str = _Crypt_DecryptData($s, $hKey, $CALG_USERKEY)
ConsoleWrite("Decrypted: " & BinaryToString($str) & @CRLF)

AutoIt Output:

Encrypted: ZFBnThUDPRuIUAPV6vx9Ng==
Decrypted: Am I welcome???

Python:

#!/usr/bin/env python

from Crypto.Cipher import AES
import base64
import binascii

BLOCK_SIZE = 16

PADDING = binascii.unhexlify(b"07")

pad = lambda s: s + (BLOCK_SIZE - len(s) % BLOCK_SIZE) * PADDING

EncodeAES = lambda c, s: base64.b64encode(c.encrypt(pad(s)))
DecodeAES = lambda c, e: c.decrypt(base64.b64decode(e)).rstrip(PADDING)

secret = 'pjqFX32pfaZaOkkCFQuYziOApaBgRE1Y'
cipher=AES.new(key=secret, mode=AES.MODE_ECB)

encoded = EncodeAES(cipher, 'Am I welcome???')
print 'Encrypted string:', encoded

decoded = DecodeAES(cipher, encoded)
print 'Decrypted string:', decoded

Python output:

Encrypted string: NDJepp4CHh5C/FZb4Vdh4w==
Decrypted string: Am I welcome???

The encrypted results are the NOT the same...

Where is my "bug"?

Answer 1

The problem can be solved by changing the paddings AND using a different AES implementation in AutoIt:

rijndael.au3 from here: http://www.autoitscript.com/forum/topic/44581-crypto-suite/

AutoIt:

#include <rijndael.au3>
#include <String.au3>

Global $key = "pjqFX32pfaZaOkkC";
Global $text = "Am I welcome???"
$encrypted = _StringToHex(BinaryToString(_rijndaelCipher($key, $text, 128, 0, '')))
ConsoleWrite("Encrypted: " & $encrypted & @CRLF)
$decrypted = BinaryToString(_rijndaelInvCipher($key, _HexToString($encrypted), 128, 0, ''))
ConsoleWrite("Decrypted: " & $decrypted & @CRLF)

Output:

Encrypted: A6848F1EF8C7C1313689E18567235A93
Decrypted: Am I welcome???

Python:

#!/usr/bin/env python

from Crypto.Cipher import AES
import base64

BLOCK_SIZE = 16

PADDING = chr(0)

pad = lambda s: s + (BLOCK_SIZE - len(s) % BLOCK_SIZE) * PADDING

EncodeAES = lambda c, s: base64.b16encode(c.encrypt(pad(s)))
DecodeAES = lambda c, e: c.decrypt(base64.b16decode(e)).rstrip(PADDING)

text = 'Am I welcome???'
secret = 'pjqFX32pfaZaOkkC'

cipher=AES.new(key=secret, mode=AES.MODE_ECB)

encoded = EncodeAES(cipher, text)
print 'Python Encrypted string: ', encoded

decoded = DecodeAES(cipher, encoded)
print 'Python Decrypted string: ', decoded.encode("hex")
print 'Python Decrypted string: ', decoded

myencoded = "A6848F1EF8C7C1313689E18567235A93"
print "AutoIt Result:           ", myencoded
decoded = DecodeAES(cipher, myencoded)
print 'From AU Decrypted string:', decoded
mydecoded = EncodeAES(cipher, decoded)
print 'Re-Encrypted string:     ', mydecoded.upper()

Output:

Python Encrypted string:  A6848F1EF8C7C1313689E18567235A93
Python Decrypted string:  416d20492077656c636f6d653f3f3f
Python Decrypted string:  Am I welcome???
AutoIt Result:            A6848F1EF8C7C1313689E18567235A93
From AU Decrypted string: Am I welcome???
Re-Encrypted string:      A6848F1EF8C7C1313689E18567235A93

Don't continue to use the base64 encoding/decoding since sending the raw binary is fine for TCP streams.