Skip to content

Instantly share code, notes, and snippets.

Created March 22, 2014 00:58
What would you like to do?
Use PKCS5_PBKDF2_HMAC_SHA1 from widthin Lua to decrypt aes128 with several roundtrips
functions = {}
aes = require("resty.aes")
local ffi = require "ffi"
int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
const unsigned char *salt, int saltlen, int iter,
int keylen, unsigned char *out);
local kCCKeySizeAES128 = 16
local kRoundTrips = 5000
function functions.decrypt_aes(password, salt, iv, payload)
-- Generate the Key
local buf ="unsigned char[?]", 16)
ffi.C.PKCS5_PBKDF2_HMAC_SHA1(password, #password, salt, #salt, kRoundTrips, kCCKeySizeAES128, buf)
local key = ffi.string(buf, ffi.sizeof(buf))
-- Decrypt the data
local cipher = aes.cipher(128, nil)
local data, err =, key, nil, cipher, {iv = iv,}, nil)
if err ~= nil then
return nil, err
return aes.decrypt(data, payload)
return functions
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment