Implementation of AES as used by https://aesencryption.net

aes.py

#!/usr/bin/env python3
# -*- coding: utf-8 -*-
#
# (c) 2020 Bernd Busse
#
"""Implementation of AES as used by https://aesencryption.net."""

import base64
import sys

from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives.ciphers import Cipher
from cryptography.hazmat.primitives.ciphers.algorithms import AES
from cryptography.hazmat.primitives.ciphers.modes import CBC


AES_IV = b'\x31\x32\x33\x34\x35\x36\x37\x38\x62\x30\x7a\x32\x33\x34\x35\x6e'


class EncryptionError(RuntimeError):
    pass


class DecryptionError(RuntimeError):
    pass


def usage(executable):
    sys.stderr.write("usage: {} -e KEY KEYSIZE TEXT\n".format(executable))
    sys.stderr.write("       {} -d KEY KEYSIZE CIPHER\n".format(executable))
    sys.stderr.flush()


def encrypt(password, message, keysize=128):
    if keysize not in (128, 192, 256):
        raise EncryptionError(
                "Invalid key size: {} must be one of (128, 192, 256)"
                .format(keysize))

    aes_key = (password + '\0' * ((keysize // 8) - len(password))).encode("utf-8")
    cipher = Cipher(algorithm=AES(aes_key[:(keysize // 8)]),
                    mode=CBC(AES_IV),
                    backend=default_backend())
    cipher = cipher.encryptor()

    count = 16 - (len(message) % 16)
    c_text = cipher.update(message.encode("utf-8")) + \
        cipher.update(count * bytes([count])) + \
        cipher.finalize()

    try:
        return base64.b64encode(c_text).decode("utf-8")
    except UnicodeDecodeError:
        return base64.b64encode(c_text)


def decrypt(password, ciphertext, keysize=128):
    if keysize not in (128, 192, 256):
        raise DecryptionError(
                "Invalid key size: {} must be one of (128, 192, 256)"
                .format(keysize))

    aes_key = (password + '\0' * ((keysize // 8) - len(password))).encode("utf-8")
    cipher = Cipher(algorithm=AES(aes_key[:(keysize // 8)]),
                    mode=CBC(AES_IV),
                    backend=default_backend())
    cipher = cipher.decryptor()

    message = cipher.update(base64.b64decode(ciphertext)) + cipher.finalize()
    message = message[:-message[-1]]

    try:
        return message.decode("utf-8")
    except UnicodeDecodeError:
        return message


if __name__ == "__main__":
    if len(sys.argv) != 5:
        usage(sys.argv[0])
        exit(1)

    if sys.argv[1] == "-e":
        # Run encryption
        cipher = encrypt(sys.argv[2], sys.argv[4], keysize=int(sys.argv[3]))
        print("Ciphertext: {:s}".format(cipher))
    elif sys.argv[1] == "-d":
        # Run decryption
        plain = decrypt(sys.argv[2], sys.argv[4], keysize=int(sys.argv[3]))
        print("Plaintext: {:s}".format(plain))
    else:
        usage(sys.argv[0])
        exit(1)

How on earth did you derive the IV? The code on the site says it's '1234567890123456' but yours is clearly correct.

Through the magic of the CBC mode:

• When decrypting the first ciphertext block, the IV is XOR-ed onto the output of the block cipher, yielding the plaintext.
• Given we can use the site as an oracle to generate the ciphertext for a known plaintext and key, we can calculate the output of the block cipher in ECB mode with the same ciphertext and key.
• Since we now know two inputs to the XOR function (output of block cipher and plaintext) we can calculate the third value which is the IV in this case.