Java encode and .NET decode - c#

The encryption is in java:
String salt = "DC14DBE5F917C7D03C02CD5ADB88FA41";
String password = "25623F17-0027-3B82-BB4B-B7DD60DCDC9B";
char[] passwordChars = new char[password.length()];
password.getChars(0,password.length(), passwordChars, 0);
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
KeySpec spec = new PBEKeySpec(passwordChars, salt.getBytes(), 2, 256);
SecretKey sKey = factory.generateSecret(spec);
byte[] raw = _sKey.getEncoded();
String toEncrypt = "The text to be encrypted.";
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding", "BC");
cipher.init(Cipher.ENCRYPT_MODE, skey);
AlgorithmParameters params = cipher.getParameters();
byte[] initVector = params.getParameterSpec(IvParameterSpec.class).getIV();
byte[] encryptedBytes = cipher.doFinal(toEncrypt.getBytes());
While the decryption is in c#:
string hashAlgorithm = "SHA1";
int passwordIterations = 2;
int keySize = 256;
byte[] saltValueBytes = Encoding.ASCII.GetBytes( salt );
byte[] cipherTextBytes = Convert.FromBase64String( cipherText );
PasswordDeriveBytes passwordDB = new PasswordDeriveBytes(password, saltValueBytes, hashAlgorithm passwordIterations );
byte[] keyBytes = passwordDB.GetBytes( keySize / 8 );
RijndaelManaged symmetricKey = new RijndaelManaged();
symmetricKey.Mode = CipherMode.CBC;
ICryptoTransform decryptor = symmetricKey.CreateDecryptor( keyBytes, initVector );
MemoryStream memoryStream = new MemoryStream( cipherTextBytes );
CryptoStream cryptoStream = new CryptoStream( memoryStream, decryptor, CryptoStreamMode.Read );
byte[] plainTextBytes = new byte[ cipherTextBytes.Length ];
int decryptedByteCount = cryptoStream.Read( plainTextBytes, 0, plainTextBytes.Length );
memoryStream.Close();
cryptoStream.Close();
string plainText = Encoding.UTF8.GetString( plainTextBytes, 0, decryptedByteCount );
The decryption failed with exception "Padding is invalid and cannot be removed."
Any idea what might be the problem?


This generally indicates that decryption has failed. I suggest you check the output of the key generation functions, to see if you are actually using the same key. I notice, for instance, that the Java code implies you are using a SHA1-based HMAC, whereas the .NET code implies you are using an unkeyed SHA1 hash to generate the key.
Alternatively, it could be a mismatch in the padding. I don't see where you are explicitly setting the PaddingMode to PKCS7 in the .NET code.

Related

c# Decrypt data which stored in sql server

In ms SQL server, I have a field text with data look like below:
"!"$$$$$$!#$$$$!!!!! !!!!!!!!!!!!!! "!! ! " !" ! !" !!!! ! !!"!".
I belive that from a plain text string, they using a Rijndael algorithm to encrypted this string. from encrypted string, it was transform to string above.
Can anyone recognize what the algorithm to decrypt from string above to the encrypted string of Rijndael algorithm?
thanks

Hi me drona please find the below code. It will useful from you.
public static class Encrypt
{
// This size of the IV (in bytes) must = (keysize / 8). Default keysize is 256, so the IV must be
// 32 bytes long. Using a 16 character string here gives us 32 bytes when converted to a byte array.
private const string initVector = "pemgail9uzpgzl88";
// This constant is used to determine the keysize of the encryption algorithm
private const int keysize = 256;
//Encrypt
public static string EncryptString(string plainText, string passPhrase)
{
byte[] initVectorBytes = Encoding.UTF8.GetBytes(initVector);
byte[] plainTextBytes = Encoding.UTF8.GetBytes(plainText);
PasswordDeriveBytes password = new PasswordDeriveBytes(passPhrase, null);
byte[] keyBytes = password.GetBytes(keysize / 8);
RijndaelManaged symmetricKey = new RijndaelManaged();
symmetricKey.Mode = CipherMode.CBC;
ICryptoTransform encryptor = symmetricKey.CreateEncryptor(keyBytes, initVectorBytes);
MemoryStream memoryStream = new MemoryStream();
CryptoStream cryptoStream = new CryptoStream(memoryStream, encryptor, CryptoStreamMode.Write);
cryptoStream.Write(plainTextBytes, 0, plainTextBytes.Length);
cryptoStream.FlushFinalBlock();
byte[] cipherTextBytes = memoryStream.ToArray();
memoryStream.Close();
cryptoStream.Close();
return Convert.ToBase64String(cipherTextBytes);
}
//Decrypt
public static string DecryptString(string cipherText, string passPhrase)
{
byte[] initVectorBytes = Encoding.ASCII.GetBytes(initVector);
byte[] cipherTextBytes = Convert.FromBase64String(cipherText);
PasswordDeriveBytes password = new PasswordDeriveBytes(passPhrase, null);
byte[] keyBytes = password.GetBytes(keysize / 8);
RijndaelManaged symmetricKey = new RijndaelManaged();
symmetricKey.Mode = CipherMode.CBC;
ICryptoTransform decryptor = symmetricKey.CreateDecryptor(keyBytes, initVectorBytes);
MemoryStream memoryStream = new MemoryStream(cipherTextBytes);
CryptoStream cryptoStream = new CryptoStream(memoryStream, decryptor, CryptoStreamMode.Read);
byte[] plainTextBytes = new byte[cipherTextBytes.Length];
int decryptedByteCount = cryptoStream.Read(plainTextBytes, 0, plainTextBytes.Length);
memoryStream.Close();
cryptoStream.Close();
return Encoding.UTF8.GetString(plainTextBytes, 0, decryptedByteCount);
}
enter code here

xamarin Android encryption GetBytes Method difference with C#

I have an App in Visual Studio 2013, with password Encryptation Methods, and i need to migrate it to Xamarin Android.
The problem I had is that encryptation method in Xamarin gives a different encryptation string.
The difference is in GetBytes Method.
Here is part of my code.
public static string Encript(string ptexto, string pClave)
{
return Encript2(ptexto, pClave + "pass75dc#avz10", "s#lAvz", "MD5", 1, "#1B2c3D4e5F6g7H8", 128);
}
private static string Encript2(string textoQueEncriptaremos, string passBase, string saltValue, string hashAlgorithm, int passwordIterations, string initVector, int keySize)
{
byte[] initVectorBytes = Encoding.ASCII.GetBytes(initVector);
byte[] saltValueBytes = Encoding.ASCII.GetBytes(saltValue);
byte[] plainTextBytes = Encoding.UTF8.GetBytes(textoQueEncriptaremos);
PasswordDeriveBytes password = new PasswordDeriveBytes(passBase,saltValueBytes, hashAlgorithm, passwordIterations);
byte[] keyBytes = password.GetBytes(keySize / 8);
RijndaelManaged symmetricKey = new RijndaelManaged()
{
Mode = CipherMode.CBC
};
ICryptoTransform encryptor = symmetricKey.CreateEncryptor(keyBytes,initVectorBytes);
MemoryStream memoryStream = new MemoryStream();
CryptoStream cryptoStream = new CryptoStream(memoryStream, encryptor,CryptoStreamMode.Write);
cryptoStream.Write(plainTextBytes, 0, plainTextBytes.Length);
cryptoStream.FlushFinalBlock();
byte[] cipherTextBytes = memoryStream.ToArray();
memoryStream.Close();
cryptoStream.Close();
string cipherText = Convert.ToBase64String(cipherTextBytes);
return cipherText;
}
The line that make the difference is
byte[] keyBytes = password.GetBytes(keySize / 8);
I can not change my Encryptation in my c# Applicaction, Is there a way to obtain the same result in Xamarin?

From documentation you can check, it's normal you getting different byte array, GetByte() always return RANDOM key bytes. more
GetBytes(Int32) : Byte[]
Returns pseudo-random key bytes.

C# RIJNDAEL decrypt

I try to decrypt request params for JDownloader CNL Feature.
http://jdownloader.org/knowledge/wiki/glossary/cnl2
In this sample the iv and the key is '31323334353637383930393837363534' and i try to decrypt this value 'DRurBGEf2ntP7Z0WDkMP8e1ZeK7PswJGeBHCg4zEYXZSE3Qqxsbi5EF1KosgkKQ9SL8qOOUAI'
The php code in sample to encrypt is the following
I know i need to decode the key from hex to string, that means the correct key is 1234567890987654
function base16Encode($arg){
$ret="";
for($i=0;$i<strlen($arg);$i++){
$tmp=ord(substr($arg,$i,1));
$ret.=dechex($tmp);
}
return $ret;
}
$key="1234567890987654";
$transmitKey=base16Encode($key);
$link="http://rapidshare.com/files/285626259/jDownloader.dmg\r\nhttp://rapidshare.com/files/285622259/jDownloader2.dmg";
$cp = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', 'cbc', '');
#mcrypt_generic_init($cp, $key,$key);
$enc = mcrypt_generic($cp, $link);
mcrypt_generic_deinit($cp);
mcrypt_module_close($cp);
$crypted=base64_encode($enc);
echo $crypted;
My last try to decrypt is the following c# code but i have some troble with lenght of input.
public static String DecryptRJ(string input, string iv, string key )
{
key = key.DecodeBase16(); // Extension method
byte[] initVectorBytes = Encoding.UTF8.GetBytes(iv);
byte[] cipherTextBytes = Encoding.UTF8.GetBytes(input);
byte[] keyBytes = Encoding.UTF8.GetBytes(key);
RijndaelManaged symmetricKey = new RijndaelManaged();
symmetricKey.Mode = CipherMode.CBC;
symmetricKey.BlockSize = 256;
symmetricKey.KeySize = 256;
ICryptoTransform decryptor = symmetricKey.CreateDecryptor(keyBytes, initVectorBytes);
MemoryStream memoryStream = new MemoryStream(cipherTextBytes);
CryptoStream cryptoStream = new CryptoStream(memoryStream, decryptor, CryptoStreamMode.Read);
byte[] plainTextBytes = new byte[cipherTextBytes.Length];
int decryptedByteCount = cryptoStream.Read(plainTextBytes, 0, plainTextBytes.Length);
memoryStream.Close();
cryptoStream.Close();
return Encoding.UTF8.GetString(plainTextBytes, 0, decryptedByteCount);
}
One more Information this PHP Code works fine and can decode and decrypt correct.
function decrypt($data, $_key){
echo '<br><hr><br>';
out($data);
$plain=base64_decode($data);
out($plain);
echo 'init';
//$e = mcrypt_decrypt ( $_cp , $_key , $plain , 'cbc' );
$e = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $_key, $plain, 'cbc', $_key);
out($e);
echo 'end';
}

Ok now i can decrypt the encrypted sample data (see php code or http://jdownloader.org/knowledge/wiki/glossary/cnl2) Code C# is this
public static string DecryptDLCData(string data, string _key, Encoding encoding = null)
{
if (encoding == null)
encoding = Encoding.Default;
data = data.DecodeBase64(encoding);
RijndaelManaged rijndaelCipher = new RijndaelManaged();
rijndaelCipher.Mode = CipherMode.CBC;
rijndaelCipher.Padding = PaddingMode.Zeros;
rijndaelCipher.KeySize = 256;
rijndaelCipher.BlockSize = 128;
byte[] pwdBytes = Encoding.Default.GetBytes(_key);
byte[] keyBytes = new byte[16];
int len = pwdBytes.Length;
if (len > keyBytes.Length) len = keyBytes.Length;
Array.Copy(pwdBytes, keyBytes, len);
rijndaelCipher.Key = keyBytes;
rijndaelCipher.IV = keyBytes;
var transform = rijndaelCipher.CreateDecryptor();
byte[] plainText = Encoding.Default.GetBytes(data);
byte[] cipherBytes = transform.TransformFinalBlock(plainText, 0, plainText.Length);
return Encoding.UTF8.GetString(cipherBytes);
}

Rijndael Encryption/Decryption C# vs PHP

I'm trying to encrypt data on client side(C#) then transmit it to the server through POST and decode it at the server side(PHP).
For this test purpose I'm also attaching to the POST all values were used on the client side to match it for the server
Values are:
Plain Text
Pass Phrase
IV
Generated By Client Encrypted Text
These parameters im re-using at the server side, it is mean i'm using the same plain text, the same pass phrase and the same IV
however results doesn't match
Encrypted text at the client side doesn't match to the encrypted text from server side where both of them were generated from the same input parameters
Here is Console output where you can clearly see what is going on:
https://dl.dropboxusercontent.com/u/15715229/ConsoleOutput.JPG
As You see server generate different hash with use of same "in" parameters...
What am I doing wrong?
here is my code:
C# Code:
static void Main(string[] args)
{
string url = "http://localhost/temp.php";
WebClient web = new WebClient();
string plainText = "This is sentence I want to encrypt";
string passPhrase = "MyPassPhrase";
string IV = DateTime.Now.ToLongTimeString() + "InVector";
Console.WriteLine("");
Console.WriteLine("----- Start Client -----");
Console.WriteLine("Plain text = " + plainText);
Console.WriteLine("PassPhrase = " + passPhrase);
Console.WriteLine("IV = " + IV);
string encryptedText = Encrypt(plainText, passPhrase, IV);
Console.WriteLine("Encrypted Text = " + encryptedText);
string decryptedText = Decrypt(encryptedText, passPhrase, IV);
Console.WriteLine("Decrypted Text = " + decryptedText);
Console.WriteLine("----- End Client -----");
Console.WriteLine("");
NameValueCollection postData = new NameValueCollection();
postData.Add("plainText", plainText);
postData.Add("encryptedText", encryptedText);
postData.Add("passPhrase", passPhrase);
postData.Add("IV", IV);
string webData = Encoding.UTF8.GetString(web.UploadValues(url, "POST", postData));
Console.WriteLine("----- Start Server Respond -----");
Console.WriteLine(webData);
Console.WriteLine("----- End Server Respond -----");
}
public static string Encrypt(string plainText, string passPhrase, string IV)
{
byte[] initVectorBytes = Encoding.UTF8.GetBytes(IV);
byte[] plainTextBytes = Encoding.UTF8.GetBytes(plainText);
byte[] keyBytes = Encoding.UTF8.GetBytes(passPhrase);
RijndaelManaged symmetricKey = new RijndaelManaged();
symmetricKey.Mode = CipherMode.CBC;
ICryptoTransform encryptor = symmetricKey.CreateEncryptor(keyBytes, initVectorBytes);
MemoryStream memoryStream = new MemoryStream();
CryptoStream cryptoStream = new CryptoStream(memoryStream, encryptor, CryptoStreamMode.Write);
cryptoStream.Write(plainTextBytes, 0, plainTextBytes.Length);
cryptoStream.FlushFinalBlock();
byte[] cipherTextBytes = memoryStream.ToArray();
memoryStream.Close();
cryptoStream.Close();
return Convert.ToBase64String(cipherTextBytes);
}
public static string Decrypt(string cipherText, string passPhrase, string IV)
{
byte[] initVectorBytes = Encoding.UTF8.GetBytes(IV);
byte[] cipherTextBytes = Convert.FromBase64String(cipherText);
byte[] keyBytes = Encoding.UTF8.GetBytes(passPhrase);
RijndaelManaged symmetricKey = new RijndaelManaged();
symmetricKey.Mode = CipherMode.CBC;
ICryptoTransform decryptor = symmetricKey.CreateDecryptor(keyBytes, initVectorBytes);
MemoryStream memoryStream = new MemoryStream(cipherTextBytes);
CryptoStream cryptoStream = new CryptoStream(memoryStream, decryptor, CryptoStreamMode.Read);
byte[] plainTextBytes = new byte[cipherTextBytes.Length];
int decryptedByteCount = cryptoStream.Read(plainTextBytes, 0, plainTextBytes.Length);
memoryStream.Close();
cryptoStream.Close();
return Encoding.UTF8.GetString(plainTextBytes, 0, decryptedByteCount);
}
My PHP Code:
<?php
if(isset($_POST['plainText']))
{
$plainText = $_POST['plainText'];
$clientEncryptedText = $_POST['encryptedText'];
$passPhrase = $_POST['passPhrase'];
$iv = $_POST['IV'];
echo "Plain text = ".$plainText."\n";
echo "PassPhrase = ".$passPhrase."\n";
echo "IV = ".$iv."\n";
$encryptedText = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $passPhrase, $plainText, MCRYPT_MODE_CBC, $iv ));
echo "Server Encrypted Text = ".$encryptedText."\n";
echo "Client Encrypted Text = ".$clientEncryptedText."\n";
$decryptedText = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $passPhrase, base64_decode($encryptedText), MCRYPT_MODE_CBC, $iv );
echo "Server Decrypted Text = ".$decryptedText."\n";
$decryptedText = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $passPhrase, base64_decode($clientEncryptedText), MCRYPT_MODE_CBC, $iv );
echo "Decrypted text from Client = ".$decryptedText."\n";
}
else
{
echo "POST is not set";
}
Can you please tell me what am i doing wrong and where? at the client (C#) or at the server (PHP)?
Regards
Vadims Briksins

Your Passphrase is not a key of the appropriate length. Same goes for the IV. Thus, some kind of padding, truncation or hashing will happen. PHP and C# likely do it differently. Also, you don't specify if AES-128 or AES-256 is to be used in C# - thus, you are likely using AES-256 in C#, while decrypting with AES-128. Also C# could, theoretically, also use different block sizes (it likely doesn't). Padding could also differ, which could cause issues later down the road.
Make sure your IV matches the block size used (should be 128 bit = 16 byte) and the passphrase/key matches whatever key size you chose.
If you will be using real passphrases in practice, you need to use something like PBKDF2 to derive keys from them.
You also may want to add integrity checking (e.g. using HMAC with a separate key).
Also, don't implement crypto yourself if you don't have to. Check if SSL/TLS could fix the problem for you, and then use it if possible. You can use hardcoded selfsigned certificates if you want to and it matches your requirements, but using an existing crypto protocol is usually a better idea than building your own.

finally got it sorted. Whole day was fighting with it and now would love to share the code with you.
Code is 100% working - Tested and Verified!
Content of C# CryptoMaster.cs file (Client Side):
using System;
using System.Collections.Generic;
using System.Collections.Specialized;
using System.Diagnostics;
using System.IO;
using System.Linq;
using System.Net;
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;
namespace EncryptionClient
{
class CryptoMaster
{
private string encryptedText;
public void StartEncryption()
{
Console.WriteLine("");
Console.WriteLine("----- Client Start -----");
string plainText = "Hello, this is a message we need to encrypt";
Console.WriteLine("Plain Text = " + plainText);
string passPhrase ="Pass Phrase Can be any length";
string saltValue = DateTime.Now.ToLongTimeString(); //slat should be 8 bite len, in my case im using Time HH:MM:SS as it is dynamic value
string hashAlgorithm = "SHA1";
int passwordIterations = 1;
string initVector = "InitVector Should be 32 bite len";
int keySize = 256;
encryptedText = Encrypt(plainText, passPhrase, saltValue, hashAlgorithm, passwordIterations, initVector, keySize);
Console.WriteLine("Encrypted Text = " + encryptedText);
string decryptedText = Decrypt(encryptedText, passPhrase, saltValue, hashAlgorithm, passwordIterations, initVector, keySize);
Console.WriteLine("Decripted Text = " + decryptedText);
Console.WriteLine("----- Client End -----");
SendDataToWebServer(plainText, passPhrase, saltValue, hashAlgorithm, passwordIterations, initVector, keySize);
}
private void SendDataToWebServer(string plainText, string passPhrase, string saltValue, string hashAlgorithm, int passwordIterations, string initVector, int keySize)
{
NameValueCollection POST = new NameValueCollection();
//NOTE: I'm Including all this data to POST only for TESTING PURPOSE
//and to avoid manual entering of the same data at server side.
//In real live example you have to keep sensative data hidden
POST.Add("plainText", plainText);
POST.Add("passPhrase", passPhrase);
POST.Add("saltValue", saltValue);
POST.Add("hashAlgorithm", hashAlgorithm);
POST.Add("passwordIterations", passwordIterations+"");
POST.Add("initVector", initVector);
POST.Add("keySize", keySize+"");
POST.Add("encryptedText", encryptedText);
WebClient web = new WebClient();
string URL = "http://localhost/Encryptor.php";
Console.WriteLine("");
string serverRespond = Encoding.UTF8.GetString(web.UploadValues(URL, "POST", POST));
Console.WriteLine("----- Server Start -----");
Console.WriteLine(serverRespond);
Console.WriteLine("----- Server End -----");
}
public string Encrypt(string plainText, string passPhrase, string saltValue, string hashAlgorithm, int passwordIterations, string initVector, int keySize)
{
byte[] initVectorBytes = Encoding.ASCII.GetBytes(initVector);
byte[] saltValueBytes = Encoding.ASCII.GetBytes(saltValue);
byte[] plainTextBytes = Encoding.UTF8.GetBytes(plainText);
Rfc2898DeriveBytes password = new Rfc2898DeriveBytes(passPhrase, saltValueBytes, passwordIterations);
byte[] keyBytes = password.GetBytes(keySize / 8);
RijndaelManaged symmetricKey = new RijndaelManaged();
symmetricKey.BlockSize = 256;
symmetricKey.KeySize = 256;
symmetricKey.Padding = PaddingMode.Zeros;
symmetricKey.Mode = CipherMode.CBC;
ICryptoTransform encryptor = symmetricKey.CreateEncryptor(keyBytes, initVectorBytes);
MemoryStream memoryStream = new MemoryStream();
CryptoStream cryptoStream = new CryptoStream(memoryStream, encryptor, CryptoStreamMode.Write);
cryptoStream.Write(plainTextBytes, 0, plainTextBytes.Length);
cryptoStream.FlushFinalBlock();
byte[] cipherTextBytes = memoryStream.ToArray();
memoryStream.Close();
cryptoStream.Close();
string cipherText = Convert.ToBase64String(cipherTextBytes);
return cipherText;
}
public static string Decrypt(string cipherText, string passPhrase, string saltValue, string hashAlgorithm, int passwordIterations, string initVector, int keySize)
{
byte[] initVectorBytes = Encoding.ASCII.GetBytes(initVector);
byte[] saltValueBytes = Encoding.ASCII.GetBytes(saltValue);
byte[] cipherTextBytes = Convert.FromBase64String(cipherText);
Rfc2898DeriveBytes password = new Rfc2898DeriveBytes(passPhrase, saltValueBytes, passwordIterations);
byte[] keyBytes = password.GetBytes(keySize / 8);
RijndaelManaged symmetricKey = new RijndaelManaged();
symmetricKey.BlockSize = 256;
symmetricKey.KeySize = 256;
symmetricKey.Padding = PaddingMode.Zeros;
symmetricKey.Mode = CipherMode.CBC;
ICryptoTransform decryptor = symmetricKey.CreateDecryptor(keyBytes, initVectorBytes);
MemoryStream memoryStream = new MemoryStream(cipherTextBytes);
CryptoStream cryptoStream = new CryptoStream(memoryStream, decryptor, CryptoStreamMode.Read);
byte[] plainTextBytes = new byte[cipherTextBytes.Length];
int decryptedByteCount = cryptoStream.Read(plainTextBytes, 0, plainTextBytes.Length);
memoryStream.Close();
cryptoStream.Close();
string plainText = Encoding.UTF8.GetString(plainTextBytes, 0, decryptedByteCount);
return plainText;
}
}
}
Content of PHP Encryptor.PHP file (Server Side):
<?php
error_reporting(0);
if (isset($_POST['plainText'])) {
$plainText = $_POST['plainText'];
$passPhrase = $_POST['passPhrase'];
$saltValue = $_POST['saltValue'];
$hashAlgorithm = $_POST['hashAlgorithm'];
$passwordIterations = $_POST['passwordIterations'];
$initVector = $_POST['initVector'];
$keySize = $_POST['keySize'];
$clientEncryptedText = $_POST['encryptedText'];
$key = getKey($passPhrase,$saltValue, $passwordIterations, $keySize, $hashAlgorithm);
echo "Plain Text = ".$plainText."\n";
echo "Client Encrypted Text = ".$clientEncryptedText."\n";
$encryptedText = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $plainText, MCRYPT_MODE_CBC, $initVector));
echo "Server Encrypted Text = ".$encryptedText."\n";
$decryptedText = rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($encryptedText), MCRYPT_MODE_CBC, $initVector), "\0");
echo "Server Decrypted Text = ".$decryptedText."\n";
$decryptedText = rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($clientEncryptedText), MCRYPT_MODE_CBC, $initVector), "\0");
echo "Client Decrypted Text = ".$decryptedText;
}
function getKey( $passPhrase, $saltValue, $passwordIterations, $keySize, $hashAlgorithm ) {
$hl = strlen(hash($hashAlgorithm, null, true));
$kb = ceil($keySize / $hl);
$dk = '';
for ( $block = 1; $block <= $kb; $block ++ ) {
$ib = $b = hash_hmac($hashAlgorithm, $saltValue . pack('N', $block), $passPhrase, true);
for ( $i = 1; $i < $passwordIterations; $i ++ )
$ib ^= ($b = hash_hmac($hashAlgorithm, $b, $passPhrase, true));
$dk .= $ib;
}
return substr($dk, 0, $keySize);
}
?>
Console Output can be viewed by this link

Decrypting AES from C#, Encrypted from Java

We are using below code to encrypt in Java
public encrypt(String text) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, InvalidKeySpecException {
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
KeySpec spec = new PBEKeySpec(passPhrase.toCharArray(), SALT, ITERATION_COUNT, KEY_LENGTH); //256 bit
SecretKey tmp = factory.generateSecret(spec);
SecretKey secret = new SecretKeySpec(tmp.getEncoded(), "AES");
this.ecipher = Cipher.getInstance("AES");
this.ecipher.init(Cipher.ENCRYPT_MODE, secret);
byte[] bytes = encrypt.getBytes("UTF-8");
byte[] encrypted = this.ecipher.doFinal(bytes);
return Base64.encodeBase64String(encrypted);
}
Our vendor is using C# to decrypt the data
His code
string Decrypt(string textToDecrypt, string key)
{
RijndaelManaged rijndaelCipher = new RijndaelManaged();
rijndaelCipher.Mode = CipherMode.ECB;
rijndaelCipher.KeySize = 0x80;
rijndaelCipher.BlockSize = 0x80;
byte[] encryptedData = Convert.FromBase64String(textToDecrypt);
byte[] pwdBytes = Encoding.UTF8.GetBytes(key);
byte[] keyBytes = new byte[0x10];
int len = pwdBytes.Length;
if (len > keyBytes.Length) {
len = keyBytes.Length;
}
Array.Copy(pwdBytes, keyBytes, len);
rijndaelCipher.Key = keyBytes;
byte[] plainText = rijndaelCipher.CreateDecryptor().TransformFinalBlock(encryptedData, 0, encryptedData.Length);
return Encoding.UTF8.GetString(plainText);
}
But he's unable to decrypt the data. He's getting some garbage data.
Any idea how to decrypt using C# for Java Encryption part.

First off, Don't have any allusions of security with your java code. ECB mode not a good choice.
Second, the problem with the C# code is that it's using the raw bytes of the passphase for the key rather than PBKDF2WithHmacSHA1 which the java code is using. The class in C# to do the key generation is Rfc2898DeriveBytes

Categories

Resources