I’m currently investigating a piece of software which encrypts its files with AES-128-CBC.
From disassembly it is truly known that the algorithm used is correct (log messages plus calls to the BCrypt library).
The key and IV are static and stored within the executable as a blob of 96 bytes, which is split using a set of XOR loops into 2 blobs of 16 bytes — one for the key, and one for the IV.
I have been able to reproduce the same algorithm and acquire both the key and the IV.
However, when I try to use the acquired data to decrypt the file, using either tiny-aes or the OpenSSL command line tool, I get a piece of the correct decrypted header for the file, containing human-readable text at that, but after that just a bunch of zero bytes, and then seemingly the original encrypted data again.
Reading up about CBC on Wikipedia leads to the fact that:
Decrypting with the incorrect IV causes the first block of plaintext to be corrupt but subsequent plaintext blocks will be correct.
However, this seems to be exactly the inverse in my case. Moreover, even if I set the IV to all zeros during decryption, I still get the header, but not the further data.
Am I missing a critical point in how to apply the algorithm properly? Or could it be that the implementation in Windows BCrypt differs from tinyAES and OpenSSL on Linux?
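The following is an added example, not part of the question above, that reproduces the CBC property quoted from Wikipedia with the same OpenSSL command line tool the question mentions: a 64-byte plaintext (four AES blocks) is encrypted once, then decrypted with the correct key and IV, with the correct key and an all-zero IV, and with a wrong key. The key, IV and plaintext are constructed test values and have nothing to do with the software being analysed; `-nopad` is used so that the ciphertext is exactly four blocks and a wrong key does not trip the padding check. Counting how many decrypted blocks match the plaintext separates the two symptoms: a wrong IV leaves all blocks after the first intact, a wrong key leaves none.

```shell
#!/bin/sh
# Added example (not from the original post): how a wrong IV versus a wrong key
# shows up when decrypting AES-128-CBC with the openssl CLI.
set -e

# Constructed test values only; not the key/IV recovered from any real binary.
KEY=000102030405060708090a0b0c0d0e0f
IV=0f0e0d0c0b0a09080706050403020100
ZERO_IV=00000000000000000000000000000000
WRONG_KEY=ffffffffffffffffffffffffffffffff

# Exactly 64 bytes = 4 AES blocks, so -nopad works in both directions.
PLAINTEXT='header-block-001second-block-002third--block-003fourth-block-004'

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# Encrypt once with the correct key and IV.
printf '%s' "$PLAINTEXT" | openssl enc -aes-128-cbc -K "$KEY" -iv "$IV" -nopad > "$WORK/ct.bin"

# Print 64 bytes from stdin as four hex lines, one 16-byte block per line.
hex_blocks() { od -An -v -tx1 | tr -d ' \n' | fold -w 32; }

# decrypt_blocks KEYHEX IVHEX: decrypt the stored ciphertext, one hex line per block.
decrypt_blocks() {
    openssl enc -d -aes-128-cbc -K "$1" -iv "$2" -nopad -in "$WORK/ct.bin" | hex_blocks
}

# The expected plaintext, in the same block-per-line hex layout.
plain_blocks() { printf '%s' "$PLAINTEXT" | hex_blocks; }

# matching_blocks KEYHEX IVHEX: how many of the 4 decrypted blocks equal the plaintext.
matching_blocks() {
    decrypt_blocks "$1" "$2" > "$WORK/dec.txt"
    plain_blocks > "$WORK/plain.txt"
    paste -d' ' "$WORK/dec.txt" "$WORK/plain.txt" | awk '$1 == $2 { n++ } END { print n + 0 }'
}

# first_bad_block KEYHEX IVHEX: 1-based index of the first block that differs, or 0 if none.
first_bad_block() {
    decrypt_blocks "$1" "$2" > "$WORK/dec.txt"
    plain_blocks > "$WORK/plain.txt"
    paste -d' ' "$WORK/dec.txt" "$WORK/plain.txt" | awk '$1 != $2 { print NR; found = 1; exit } END { if (!found) print 0 }'
}

echo "decrypted with correct key and all-zero IV (only the first block should differ):"
decrypt_blocks "$KEY" "$ZERO_IV"
echo "expected plaintext blocks:"
plain_blocks
echo "matching blocks - correct IV: $(matching_blocks "$KEY" "$IV")," \
     "zero IV: $(matching_blocks "$KEY" "$ZERO_IV")," \
     "wrong key: $(matching_blocks "$WRONG_KEY" "$IV")"
```

With the zero IV the first output block is the real first plaintext block XORed with the real IV, and blocks two to four come out clean, which is the behaviour the Wikipedia sentence describes; with the wrong key every block is garbage. Running the recovered key and IV through the same comparison against a file whose first few bytes are already known (the readable header) tells you which of the two cases you are in before looking for differences between libraries.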