So I am making an app that sends secure messages to the specified IP address. I am using AES to encrypt the message and that part works great. I am able to encrypt the message and also decrypt it before I send the message. However, when I try to decrypt a message that has been recieved from the server, I can not decrypt it. It gets displayed in it's encrypted form.
I get this error "java.lang.NumberFormatException: Invalid int: "ne"" and I think it may have to do with the character encoding or something? Is a string altered in any way when it is sent over a network?
Here are snippets that may be related to the issue.
public static String encrypt(String seed, String cleartext)
throws Exception {
byte[] rawKey = getRawKey(seed.getBytes());
byte[] result = encrypt(rawKey, cleartext.getBytes());
return toHex(result);
}
public static String decrypt(String seed, String encrypted)
throws Exception {
byte[] rawKey = getRawKey(seed.getBytes());
byte[] enc = toByte(encrypted);
byte[] result = decrypt(rawKey, enc);
return new String(result);
}
public static byte[] toByte(String hexString) {
int len = hexString.length() / 2;
byte[] result = new byte[len];
for (int i = 0; i < len; i++)
result[i] = Integer.valueOf(hexString.substring(2 * i, 2 * i + 2),
16).byteValue();
return result;
}
public static String toHex(byte[] buf) {
if (buf == null)
return "";
StringBuffer result = new StringBuffer(2 * buf.length);
for (int i = 0; i < buf.length; i++) {
appendHex(result, buf[i]);
}
return result.toString();
}
This is where I do the decryption for the message to be displayed.
while (!goOut) {
if (dataInputStream.available() > 0) {
incoming = dataInputStream.readUTF();
if(encrypt == true) {
try{
msgLog += AESHelper.decrypt(seed,incoming);
} catch (Exception e) {
e.printStackTrace();
}
} else msgLog += incoming;
MainActivity.this.runOnUiThread(new Runnable() {
#Override
public void run() {
chatMsg.setText(msgLog);
}
});
This is encrypting the message:
OnClickListener buttonEncryptOnClickListener = new OnClickListener() {
public void onClick(View v) {
if (chatClientThread == null) {
return;
}
if (editTextSay.getText().toString().equals("")) {
return;
}
if(!editTextSay.getText().toString().equals("")){
String message = editTextSay.getText().toString();
encrypt = true;
int secLvl = Integer.parseInt(editTextSecurity.getText().toString());
String encryptedMsg;
try {
encryptedMsg = AESHelper.encrypt(seed, message);
textEncryptedmsg.setText(encryptedMsg);
textEncryptedmsg.setVisibility(View.VISIBLE);
} catch (Exception e) {
e.printStackTrace();
}
}
}
};
This is sending the message:
OnClickListener buttonSendOnClickListener = new OnClickListener() {
#Override
public void onClick(View v) {
if (editTextSay.getText().toString().equals("")) {
return;
}
if(chatClientThread==null){
return;
}
if (encrypt == true){
chatClientThread.sendMsg(textEncryptedmsg.getText().toString() + "\n");
} else {
chatClientThread.sendMsg(editTextSay.getText().toString() + "\n");
}
editTextSay.setText("");
textEncryptedmsg.setText("");
textDecryptedmsg.setText("");
encrypt = false;
incomingmsg.setVisibility(View.VISIBLE);
}
};
I'll assume that you're sending the ciphertext in a hex encoded form. DataInputStream#readUTF() reads a single Unicode character from the stream. Since you're sending hex characters this will mean that a single ciphertext byte can be constructed from two of such Unicode characters.
The problem is that AES operates on blocks. Trying to decrypt every single "half"-byte separately won't work.
You will need to rewrite the decryption method to either
use streaming decryption or
read the whole ciphertext and decrypt in one go.
If you want to try streaming decryption, then you have basically two options:
update the internal buffer of a Cipher object using the offset-version of Cipher#update() or
use a CipherInputStream.
Here is an (pseudo-code) example of reading the whole thing before trying to decrypt it:
StringBuilder incoming = new StringBuilder();
while (!goOut && ) {
incoming.append(dataInputStream.readUTF());
}
if(encrypt == true) {
try{
msgLog += AESHelper.decrypt(seed, incoming.toString());
} catch (Exception e) {
e.printStackTrace();
}
} else msgLog += incoming;
I found a way around the issue without using CipherInputStream.
Whenever I encrypted a message and sent it, the encryption/decryption algorithm would not decrypt the message received from the server. Since the output encrypted message was identical to what I sent, I printed the incoming encrypted message into a TextView then I copied the TextView into a String and decrypted it and it works great now.
while (!goOut) {
if (dataInputStream.available() > 0) {
final String incoming = dataInputStream.readUTF();
MainActivity.this.runOnUiThread(new Runnable() {
#Override
public void run() {
incomingmsg.setText(incoming);
mustDecrypt = incomingmsg.getText().toString();
if (encrypt)
try {
mustDecrypt = AESHelper.decrypt(seed, mustDecrypt);
msgLog += mustDecrypt;
} catch (Exception e){
e.printStackTrace();
}
else msgLog += mustDecrypt;
chatMsg.setText(msgLog);
}
});
}
Related
I am new to Android and java in general, i wanted to inspect how a specific app works, so i begun by de-compiling the app using apktool and then used jadx to browse the source files, everything makes sense so far, so i added a mitmproxy to inspect the network traffic from the app.
I know that the request reply is a JSON payload, however "some of them" are encrypted possibly using mcrypt or openssl? so tracing methods leads me to this file.
import java.security.NoSuchAlgorithmException;
import javax.crypto.Cipher;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
public class MC {
private IvParameterSpec a;
private SecretKeySpec b;
private Cipher c;
private native int getint();
public native String I6MOYF();
static {
System.loadLibrary("native-lib");
}
public MC(String str) {
this.a = new IvParameterSpec(str.getBytes());
this.b = new SecretKeySpec((I6MOYF() + String.valueOf(getint())).getBytes(), "AES");
try {
this.c = Cipher.getInstance("AES/CBC/NoPadding");
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (NoSuchPaddingException e2) {
e2.printStackTrace();
}
}
public byte[] encrypt(String str) throws Exception {
if (str == null || str.length() == 0) {
throw new Exception("Empty string");
}
try {
this.c.init(1, this.b, this.a);
return this.c.doFinal(a(str).getBytes());
} catch (Exception e) {
throw new Exception("[encrypt] " + e.getMessage());
}
}
private static String a(String str) {
int length = 16 - (str.length() % 16);
for (int i = 0; i < length; i++) {
str = str + 0;
}
return str;
}
public byte[] des(String str) throws Exception {
if (str == null || str.length() == 0) {
throw new Exception("Empty string");
}
try {
this.c.init(2, this.b, this.a);
Object doFinal = this.c.doFinal(hexToBytes(str));
if (doFinal.length > 0) {
int i = 0;
for (int length = doFinal.length - 1; length >= 0; length--) {
if (doFinal[length] == (byte) 0) {
i++;
}
}
if (i > 0) {
Object obj = new byte[(doFinal.length - i)];
System.arraycopy(doFinal, 0, obj, 0, doFinal.length - i);
return obj;
}
}
return doFinal;
} catch (Exception e) {
throw new Exception("[decrypt] " + e.getMessage());
}
}
public static byte[] hexToBytes(String str) {
byte[] bArr = null;
if (str != null && str.length() >= 2) {
int length = str.length() / 2;
bArr = new byte[length];
for (int i = 0; i < length; i++) {
bArr[i] = (byte) Integer.parseInt(str.substring(i * 2, (i * 2) + 2), 16);
}
}
return bArr;
}
}
i understand that it uses OpenSSL "AES/CBC/NoPadding" mode for for decrypting the payload, however i am at loss how to take the payload and do it manually.
here is an example of the payload the server gives, the app send key header, however changing and dropping it does not change the payload, so i concluded it's not using the key for the actual encryption
AwFpdchYa7twLSEwN884uGQ/CNoLKrGBxtwIXGcL9OQTPPh96I1uhuh85HXLw3XUikVCmKaKgnssGorqYuvHQELce3nAhnaeHDcEsMFIykeitgDWLXeCed6f9UXHn+XF8nC3arHVbhMgIW8bUlWMq6KygRb4jeUufRHJzJ7LK0q6TvY+rF+utv3i//3NCuKfmbiiMlBvyDdMWPIL83YywkdjLujbBn0RNaeqUDjE0I7xqYypWPjwPXH1DZPbnGFYHemJgNS8QKtFnbtiRwEhpzx2sEoe/NBIgvcXsYkRSgrt+Q==
So the main question is, how would you use the provided code to manually decrypt the payload?
EDIT:
as suggested by Mr. #Robert, i tried to see how the native functions being called, so i installed frida-server on android emulator, and here is the interesting call, not sure what to make of it
/* TID 0x10b1 */
15066 ms open(pathname="/data/app/com.friga.gameapp-lPtwMqeZ36x47-Yo8YDzOg==/lib/x86/libnative-lib.so", flags=0x0)
i guess this supposed to be the key? -lPtwMqeZ36x47-Yo8YDzOg==
I managed to solve the problem using frida by following "Frida hooking android part 5: Bypassing AES encryption" post by 11x256 blog
Could anyone tell me how I would decrypt data (using Java) that has been encrypted with this PHP function?
PHP Code
public function pad($data, $blocksize = 16) {
$pad = $blocksize - (strlen($data) % $blocksize);
return $data . str_repeat(chr($pad), $pad);
}
public function decryptECB($data) {
return mcrypt_decrypt(MCRYPT_RIJNDAEL_128, self::BLOB_ENCRYPTION_KEY, self::pad($data), MCRYPT_MODE_ECB);
}
public function encryptECB($data) {
return mcrypt_encrypt(MCRYPT_RIJNDAEL_128, self::BLOB_ENCRYPTION_KEY, self::pad($data), MCRYPT_MODE_ECB);
}
I have tried most of the things here but most of them are without padding and even when I add padding they don't work.
Edit 1:
(From PHP)
The input looks like this: http://pastebin.com/2cyig9nh
Key is this:
M02cnQ51Ji97vwT4
And output is this: http://pastebin.com/XcA50UGH
(The Java code)
public class Mcrypt {
private SecretKeySpec keyspec;
private Cipher cipher;
private String SecretKey = "M02cnQ51Ji97vwT4";
public Mcrypt() {
keyspec = new SecretKeySpec(SecretKey.getBytes(), "AES");
try {
cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (NoSuchPaddingException e) {
e.printStackTrace();
}
}
public String encrypt(String text) throws Exception {
if (text == null || text.length() == 0)
throw new Exception("Empty string");
byte[] encrypted = null;
try {
cipher.init(Cipher.ENCRYPT_MODE, keyspec );
encrypted = cipher.doFinal(padString(text).getBytes());
} catch (Exception e) {
throw new Exception("[encrypt] " + e.getMessage());
}
return Base64.encodeBase64String(encrypted);
}
public byte[] decrypt(String code) throws Exception {
if (code == null || code.length() == 0)
throw new Exception("Empty string");
byte[] decrypted = null;
try {
cipher.init(Cipher.DECRYPT_MODE, keyspec );
decrypted = cipher.doFinal(new Base64().decode(code.getBytes()));
} catch (Exception e) {
throw new Exception("[decrypt] " + e.getMessage());
}
return decrypted;
}
private static String padString(String source) {
char paddingChar = ' ';
int size = 16;
int x = source.length() % size;
int padLength = size - x;
for (int i = 0; i < padLength; i++) {
source += paddingChar;
}
return source;
}
}
You are encoding and decoding to Base64 in your Java code, but your PHP code does not seem to perform any encoding/decoding whatsoever. This seems to be confirmed by what you posted on Pastebin. If you want to use strings instead of bytes - bytes are the only input accepted by modern ciphers - then you should make sure that the (character) encoding is correct on both sides. If you just want to use bytes, don't decode the binary in Java - the input is already in bytes, not text.
Can someone figure out why the output of these (php and java) snippets of code don't return the same SHA512 for the same input?
$password = 'whateverpassword';
$salt = 'ieerskzcjy20ec8wkgsk4cc8kuwgs8g';
$salted = $password.'{'.$salt.'}';
$digest = hash('sha512', $salted, true);
echo "digest: ".base64_encode($digest);
for ($i = 1; $i < 5000; $i++) {
$digest = hash('sha512', $digest.$salted, true);
}
$encoded_pass = base64_encode($digest);
echo $encoded_pass;
This is the code on the android application:
public String processSHA512(String pw, String salt, int rounds)
{
try {
md = MessageDigest.getInstance("SHA-512");
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
throw new RuntimeException("No Such Algorithm");
}
String result = hashPw(pw, salt, rounds);
System.out.println(result);
return result;
}
private static String hashPw(String pw, String salt, int rounds) {
byte[] bSalt;
byte[] bPw;
String appendedSalt = new StringBuilder().append('{').append(salt).append('}').toString();
try {
bSalt = appendedSalt.getBytes("ISO-8859-1");
bPw = pw.getBytes("ISO-8859-1");
} catch (UnsupportedEncodingException e) {
throw new RuntimeException("Unsupported Encoding", e);
}
byte[] digest = run(bPw, bSalt);
Log.d(LCAT, "first hash: " + Base64.encodeBytes(digest));
for (int i = 1; i < rounds; i++) {
digest = run(digest, bSalt);
}
return Base64.encodeBytes(digest);
}
private static byte[] run(byte[] input, byte[] salt) {
md.update(input);
return md.digest(salt);
}
The library for base64 encoding is this: base64lib
This java code is actually some modified code I found around another question in StackOverflow.
Although the Android code is running fine it doesn't match with the output from the php script. It doesn't even match the first hash!
Note 1: On php hash('sha512',$input, $raw_output) returns raw binary output
Note 2: On java I tried to change the charset (UTF-8, ASCII) but it also didn't work.
Note 3: The code from the server can not be changed, so I would appreciate any answer regarding how to change my android code.
The first hash should be the same on the server and in Java. But then in the loop what gets appended to the digest is password{salt} in the PHP code, but only {salt} in the Java code.
For the lazy ones, one example better than a thousand words ;). I finally understood what was happening. The method update appends bytes to the digest, so when you append $password.{$salt} is the same as doing mda.update(password bytes) and the mda.digest("{$salt}" bytes. I do that answer because I was going crazy finding why it was not working and it was all in this answer.
Thanks guys.
This is the example that works in a Java Server:
public static String hashPassword(String password, String salt) throws Exception {
String result = password;
String appendedSalt = new StringBuilder().append('{').append(salt).append('}').toString();
String appendedSalt2 = new StringBuilder().append(password).append('{').append(salt).append('}').toString();
if(password != null) {
//Security.addProvider(new BouncyCastleProvider());
MessageDigest mda = MessageDigest.getInstance("SHA-512");
byte[] pwdBytes = password.getBytes("UTF-8");
byte[] saltBytes = appendedSalt.getBytes("UTF-8");
byte[] saltBytes2 = appendedSalt2.getBytes("UTF-8");
byte[] digesta = encode(mda, pwdBytes, saltBytes);
//result = new String(digesta);
System.out.println("first hash: " + new String(Base64.encode(digesta),"UTF-8"));
for (int i = 1; i < ROUNDS; i++) {
digesta = encode(mda, digesta, saltBytes2);
}
System.out.println("last hash: " + new String(Base64.encode(digesta),"UTF-8"));
result = new String(Base64.encode(digesta));
}
return result;
}
private static byte[] encode(MessageDigest mda, byte[] pwdBytes,
byte[] saltBytes) {
mda.update(pwdBytes);
byte [] digesta = mda.digest(saltBytes);
return digesta;
}
I am working on AES algorithm and I get this Exception:
javax.crypto.BadPaddingException: Given final block not properly padded
at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)
at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)
at com.sun.crypto.provider.AESCipher.engineDoFinal(DashoA13*..)
at javax.crypto.Cipher.doFinal(DashoA13*..)
at org.enterprisepower.io.MyEncryptTools.decrypt(MyEncryptTools.java:41)
at org.enterprisepower.io.IOUtils.copyStream(IOUtils.java:132)
at org.enterprisepower.net.portforward.Processor$Copier.run(Processor.java:99)
at java.lang.Thread.run(Unknown Source)
the exception happen in the decryption part.I encrypt a message in myClient program and send cipherMessage to myServer program.After server recieve the cipherMessage it throws the above exception, but in client I can decrypt the exact same cipherMessage.(I check this with printing the bytes in both side...)
These are my codes:
//It's decrypt method for both client and server
public byte[] decrypt(byte[] encryptedData, int length) throws Exception {
Key key = generateKey();
Cipher c = Cipher.getInstance(ALGO);
c.init(Cipher.DECRYPT_MODE, key);
byte[] enc = new byte[length];
for (int i = 0; i < length; i++) {
enc[i] = encryptedData[i];
}
byte[] decordedValue= Base64.decodeBase64(enc);//org.apache.commons.codec.binary.*;
byte[] decValue = c.doFinal(decordedValue);
return decValue;
}
//Client side
public static void copyStream(InputStream in, OutputStream out,
boolean closeOnFinish, boolean encrypt, String password) throws Exception {
MyEncryptTools mit;
try {
mit = new MyEncryptTools(password);
byte[] buf = new byte[BUF_SIZE];
byte[] enbuf ;
int count;
try {
if (encrypt) {
while (((count = in.read(buf)) != -1) && alive) {
enbuf = mit.encrypt(buf,count);
out.write(enbuf, 0, enbuf.length);
}
} else {
buf = new byte[172];
while (((count = in.read(buf)) != -1) && alive) {
enbuf = mit.decrypt(buf, count);
out.write(enbuf, 0, enbuf.length);
}
}
} finally {
if (closeOnFinish)
close(in);
if (closeOnFinish)
close(out);
}
} catch (Exception e) {
e.printStackTrace();
}
}
//Server side
public static void copyStream(InputStream in, OutputStream out,
boolean closeOnFinish, boolean encrypt, String user, String password) throws Exception {
MyEncryptTools mit;
try {
mit = new MyEncryptTools(password);
byte[] buf = new byte[BUF_SIZE];
byte[] enbuf ;
int count;
try {
if (encrypt) {
System.out.println("Encrypt;");
while (((count = in.read(buf)) != -1)) {
enbuf = mit.encrypt(buf,count);
out.write(enbuf, 0, enbuf.length);
}
} else {
buf = new byte[172];
while (((count = in.read(buf)) != -1)) {
enbuf = mit.decrypt(buf, count);
out.write(enbuf, 0, enbuf.length);
}
}
} finally {
if (closeOnFinish)
close(in);
if (closeOnFinish)
close(out);
}
} catch (Exception e) {
e.printStackTrace();
}
}
I should mention that I use an array of 117 byte for encrypting and an array of 172 for decrypting.
Use the wonderful CipherInputStream and forget about buffers length.
Your error message says: "Given final block not properly padded". To fix the error specify PKCS7 padding for both encryption or decryption. Alternatively switch to CTR mode, which does not require padding.
I use DES algorithm to encrypt/decrypt my text. And it works perfect with latin texts.
But when I start encrypt/decrypt cyrillic text, decrypted one is shown as ????? ???????? in my TextField form and in console. How can i fix it?
After Joachim Sauer advice I changed inputBytes = textToEnrypt.getBytes(); to inputBytes = textToEnrypt.getBytes("UTF-8"); and now I have javax.crypto.IllegalBlockSizeException. Help me, please...
package crypting;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import javax.microedition.midlet.*;
public class Encryptor extends MIDlet {
String buffer;
public void startApp() {
String keyString = "testtest";
// encrypt("Text for encrypting", keyString);
encrypt("Привет", keyString);
decrypt(buffer, keyString);
}
public void pauseApp() {
}
public void destroyApp(boolean unconditional) {
}
public void encrypt(String textToEnrypt, String keyString) {
Cipher cipher;
try {
cipher = Cipher.getInstance("DES");
} catch (Exception ex) {
System.out.println(ex.toString());
return;
}
byte[] keyData = keyString.getBytes();
SecretKeySpec key = new SecretKeySpec(keyData, 0, keyData.length, "DES");
try {
cipher.init(Cipher.ENCRYPT_MODE, key);
} catch (Exception ex) {
System.out.println(ex.toString());
return;
}
int cypheredBytes = 0;
byte[] inputBytes;
try {
inputBytes = textToEnrypt.getBytes("UTF-8");
// inputBytes = textToEnrypt.getBytes();
} catch (Exception ex) {
System.out.println(ex.toString());
return;
}
byte[] outputBytes = new byte[100];
try {
cypheredBytes = cipher.doFinal(inputBytes, 0, inputBytes.length,
outputBytes, 0);
} catch (Exception ex) {
System.out.println(ex.toString());
return;
}
String str = new String(outputBytes, 0, cypheredBytes);
buffer = str;
System.out.println("Encrypted string = " + str);
}
public void decrypt(String textToDecrypt, String keyString) {
Cipher cipher;
try {
cipher = Cipher.getInstance("DES");
} catch (Exception ex) {
System.out.println(ex.toString());
return;
}
byte[] keyData = keyString.getBytes();
SecretKeySpec key = new SecretKeySpec(keyData, 0, keyData.length, "DES");
try {
cipher.init(Cipher.DECRYPT_MODE, key);
} catch (Exception ex) {
System.out.println("2. " + ex.toString());
return;
}
int cypheredBytes = 0;
byte[] inputBytes;
try {
inputBytes = textToDecrypt.getBytes("UTF-8");
// inputBytes = textToDecrypt.getBytes();
} catch (Exception ex) {
System.out.println("3. " + ex.toString());
return;
}
byte[] outputBytes = new byte[100];
try {
cypheredBytes = cipher.doFinal(inputBytes, 0, inputBytes.length,
outputBytes, 0);
} catch (Exception ex) {
System.out.println("4. " + ex.toString());
return;
}
String str = new String(outputBytes, 0, cypheredBytes);
System.out.println("Decrypted string = " + str);
}
}
I was able to make it work with the following changes.
Change the return type of encrypt method, from void to byte[]:
static public byte[] encrypt(String textToEnrypt, String keyString)
throws Exception
{
//at the end
//write this down:
byte[] newResponse = new byte[cypheredBytes];
for(int i=0;i < cypheredBytes;i++)
{
newResponse[i] = outputBytes[i];
}
return newResponse;
}
Instead of:
String str = new String(outputBytes, 0, cypheredBytes);
buffer = str;
System.out.println("Encrypted string = " + str);
My guess (and I can't do more without you showing some code) is that you're using getBytes() without a parameter and construct the String from the byte[] without a parameter as well. That means using the platform default encoding and if that can't represent cyrillic characters, then that's what you get.
It's better to use UTF-8 for both transformations, this way you can represent every Unicode character.
DES uses a 64-bit (8-byte) block size. You have to make sure that the data you're encrypting is a multiple of 8 bytes, i.e. pad it out with zero bytes or whatever to ensure that it is. Otherwise you'll get an IllegalBlockSizeException. You'll need to do this after you convert the string to UTF-8, of course....
One problem is the line
String str = new String(outputBytes, 0, cypheredBytes);
in your encrypt method. You cannot use String as a container for binary data. Encrypted data should not be converted to a String unless it is a requirement, and then you need to use an appropriate codec such as base64.