In Java code, i have source work well, this is use for encrypt:
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.Base64;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
public class HelloWorld{
private static final String hexKey = "B8EE12E123C0E300A202074A153CC0D27D739357480FFFFFFFFFFFFFFFFFFFEF";
public static void main(String []args){
System.out.println("Encryt ==== ");
String textToEncrypt = "From=ABC&Key=FootID1234&Value=ResultValue2324";
String encryptedText = encrypt(textToEncrypt);
System.out.println(encryptedText);
System.out.println("Decrypt ==== ");
String decryptedText = decrypt(encryptedText);
System.out.println(decryptedText);
}
public static String encrypt (String plainText) {
String encryptedText = null;
try {
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING");
SecretKeySpec secretKey = new SecretKeySpec(hexToBytes(hexKey), "AES");
IvParameterSpec ivparameterspec = new IvParameterSpec(hexKey.getBytes(), 0, 16);
cipher.init(Cipher.ENCRYPT_MODE, secretKey, ivparameterspec);
byte[] cipherText = cipher.doFinal(plainText.getBytes("UTF8"));
encryptedText = bytesToHex(cipherText);
} catch (Exception E) {
System.out.println("Encrypt Exception : " + E.getMessage());
}
return encryptedText;
}
public static String decrypt(String encryptedText) {
String decryptedText = null;
try {
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING");
SecretKeySpec secretKey = new SecretKeySpec(hexToBytes(hexKey), "AES");
IvParameterSpec ivparameterspec = new IvParameterSpec(hexKey.getBytes("UTF8"), 0, 16);
cipher.init(Cipher.DECRYPT_MODE, secretKey, ivparameterspec);
byte[] cipherText = hexToBytes(encryptedText);
byte[] dcrbyte = cipher.doFinal(cipherText);
decryptedText = new String(dcrbyte, "UTF-8");
} catch (Exception E) {
System.out.println("Encrypt Exception : " + E.getMessage());
}
return decryptedText;
}
private static byte[] hexToBytes(String hexStr) {
byte[] val = new byte[hexStr.length() / 2];
for (int i = 0; i < val.length; i++) {
int idx = i * 2;
int j = Integer.parseInt(hexStr.substring(idx, idx + 2), 16);
val[i] = (byte) j;
}
return val;
}
private static String bytesToHex(byte[] hashInBytes) {
char[] hexArray = "0123456789ABCDEF".toCharArray();
char[] hexChars = new char[hashInBytes.length * 2];
for (int i = 0; i < hashInBytes.length; i++) {
int v = hashInBytes[i] & 0xFF;
hexChars[i * 2] = hexArray[v >>> 4];
hexChars[i * 2 + 1] = hexArray[v & 0x0F];
}
return new String(hexChars);
}
}
And in c#, i try to write decryptAes() function like this:
public static class Encryption
{
// use these parameters to test decryptAes()
//string key = "B8EE12E123C0E300A202074A153CC0D27D739357480FFFFFFFFFFFFFFFFFFFEF";
//string textToDecrypt = "756AD4D80E2CF1E289D55A23E092F012E8D5F372A343A419BC87F77B6335F04EFB41C3B56F5CDA167F90F67CD672A186";
public static string decryptAes(string key, string textToDecrypt)
{
RijndaelManaged rijndaelCipher = new RijndaelManaged();
// Assumed Mode and padding values.
rijndaelCipher.Mode = CipherMode.CBC;
rijndaelCipher.Padding = PaddingMode.PKCS7;
// AssumedKeySize and BlockSize values.
rijndaelCipher.KeySize = 0x80; //128
rijndaelCipher.BlockSize = 0x80;
// Convert Hex keys to byte Array.
byte[] encryptedData = HexToBytes(textToDecrypt);
//byte[] pwdBytes = System.Text.Encoding.GetEncoding("UTF-8").GetBytes(key);
byte[] pwdBytes = HexToBytes(key);
byte[] keyBytes = new byte[0x10]; //16
int len = pwdBytes.Length;
if (len > keyBytes.Length)
{
len = keyBytes.Length;
}
Array.Copy(pwdBytes, keyBytes, len);
rijndaelCipher.Key = keyBytes;
rijndaelCipher.IV = keyBytes;
// Decrypt data
byte[] plainText = rijndaelCipher.CreateDecryptor()
.TransformFinalBlock(encryptedData, 0, encryptedData.Length);
return Encoding.UTF8.GetString(plainText);
}
public static byte[] HexToBytes(string str)
{
if (str.Length == 0 || str.Length % 2 != 0)
return new byte[0];
byte[] buffer = new byte[str.Length / 2];
char c;
for (int bx = 0, sx = 0; bx < buffer.Length; ++bx, ++sx)
{
// Convert first half of byte
c = str[sx];
buffer[bx] = (byte)((c > '9' ? (c > 'Z' ? (c - 'a' + 10) : (c - 'A' + 10)) : (c - '0')) << 4);
// Convert second half of byte
c = str[++sx];
buffer[bx] |= (byte)(c > '9' ? (c > 'Z' ? (c - 'a' + 10) : (c - 'A' + 10)) : (c - '0'));
}
return buffer;
}
public static string ByteToHex(byte[] ba)
{
StringBuilder hex = new StringBuilder(ba.Length * 2);
foreach (byte b in ba)
hex.AppendFormat("{0:x2}", b);
return hex.ToString().ToUpper();
}
}
But the c# decryptAes() function does not work as i expect. An error
System.Security.Cryptography.CryptographicException: 'Padding is invalid and cannot be removed.'
has occured at line rijndaelCipher.Padding = PaddingMode.PKCS7;
When i change to rijndaelCipher.Padding = PaddingMode.None, it does not work as i expect, the c# result is not the same as the result of java.
Please help, any advice would be appreciated!
Thanks!
You need to explicitly set the padding for both encryption and decryption. Unless you have a reason to do otherwise, use PKCS#7 padding.
rijndaelCipher.Padding=PaddingMode.none;
The java code below generates a SHA-256 hash of the input msg, using the key. However, all my attempts to write code that does same operation in C# have not yielded the same results given same input. I would need help getting the C# equivalent as I have tried a lot already with little success.
I think I've been able to translate most of the code into C# correctly, apart from the part which updates the digest (m.update()), first with the key, then later with the message before hashing.
JAVA CODE
public static String generateHash256Value(String msg, String key) {
MessageDigest m = null;
String hashText = null;
System.out.println("Value to hash::::::::::" + msg);
byte[] actualKeyBytes = HexToByte(secret_key);
try {
m = MessageDigest.getInstance("SHA-256");
m.update(actualKeyBytes, 0, actualKeyBytes.length);
try {
m.update(msg.getBytes("UTF-8"), 0, msg.length());
}
catch (UnsupportedEncodingException ex) {
ex.printStackTrace();
}
hashText = new BigInteger(1, m.digest()).toString(16);
if (hashText.length() < 64) { //must be 64 in length
int numberOfZeroes = 64 - hashText.length();
String zeroes = "";
for (int i = 0; i < numberOfZeroes; i++) {
zeroes = zeroes + "0";
}
hashText = zeroes + hashText;
}
}
catch (NoSuchAlgorithmException ex) {
ex.printStackTrace();
}
hashText = hashText.toUpperCase();
return hashText;
}
public static byte[] hex2Byte(String str) {
byte[] bytes = new byte[str.length() / 2];
for (int i = 0; i < bytes.length; i++) {
bytes[i] = (byte) Integer
.parseInt(str.substring(2 * i, 2 * i + 2), 16);
}
return bytes;
}
C# CODE (attempt)
private static string DoSpecialSha256Hash(string message, string key)
{
String hashText = null;
Console.WriteLine("Value to hash::::::::::" + message);
byte[] keyByte = hex2Byte(key);
Encoding encoder = new System.Text.UTF8Encoding();
var hashAlgo = new SHA256Managed();
var messageBytes = encoder.GetBytes(message);
var toDigest = Combine(keyByte, messageBytes);
hashText = ByteToString(hashAlgo.ComputeHash(toDigest, 0, message.Length));
if (hashText.Length < 64)
{ //must be 64 in length
int numberOfZeroes = 64 - hashText.Length;
String zeroes = "";
for (int i = 0; i < numberOfZeroes; i++)
{
zeroes = zeroes + "0";
}
hashText = zeroes + hashText;
}
hashText = hashText.ToUpper();
return hashText;
}
public static byte[] HexToByte(String hex)
{
return Enumerable.Range(0, hex.Length)
.Where(x => x % 2 == 0)
.Select(x => Convert.ToByte(hex.Substring(x, 2), 16))
.ToArray();
}
private static string ByteToString(byte[] buff)
{
string sbinary = "";
for (int i = 0; i < buff.Length; i++)
{
sbinary += buff[i].ToString("X2"); // hex format
}
return (sbinary);
}
private static byte[] Combine(params byte[][] arrays)
{
byte[] rv = new byte[arrays.Sum(a => a.Length)];
int offset = 0;
foreach (byte[] array in arrays)
{
System.Buffer.BlockCopy(array, 0, rv, offset, array.Length);
offset += array.Length;
}
return rv;
}
Thanks,
I have an app that is downloading and parsing an xml into an sql database. My problem is that the data from the xml once the app is deployed could easily be scraped and other people could use my hard earned data for their own evil purposes/apps. Basically I need to encrypt the xml using php, and then decrypt it using android. I've seen a couple of php classes that make it easy to encrypt but I'm not entirely sure what method to encrypt would be compatible with android.
Edit after solution:
At first I thought I had to ignore brackets for some reason and was going to iterate through all the text and spit out formatted xml lol. Much simpler than that.
$mcrypt = new MCrypt();
$datainxml = file_get_contents("data.xml");
$cipher = $mcrypt->encrypt($value);
echo $cipher;
The following code might help you. Using this you can encrypt/decrypt strings between PHP and Android.
Java Part:
import java.security.NoSuchAlgorithmException;
import javax.crypto.Cipher;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
public class MCrypt {
private String iv = "fedcba9876543210";//Dummy iv (CHANGE IT!)
private IvParameterSpec ivspec;
private SecretKeySpec keyspec;
private Cipher cipher;
private String SecretKey = "0123456789abcdef";//Dummy secretKey (CHANGE IT!)
public MCrypt()
{
ivspec = new IvParameterSpec(iv.getBytes());
keyspec = new SecretKeySpec(SecretKey.getBytes(), "AES");
try {
cipher = Cipher.getInstance("AES/CBC/NoPadding");
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (NoSuchPaddingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
public byte[] encrypt(String text) throws Exception
{
if(text == null || text.length() == 0)
throw new Exception("Empty string");
byte[] encrypted = null;
try {
cipher.init(Cipher.ENCRYPT_MODE, keyspec, ivspec);
encrypted = cipher.doFinal(padString(text).getBytes());
} catch (Exception e)
{
throw new Exception("[encrypt] " + e.getMessage());
}
return encrypted;
}
public byte[] decrypt(String code) throws Exception
{
if(code == null || code.length() == 0)
throw new Exception("Empty string");
byte[] decrypted = null;
try {
cipher.init(Cipher.DECRYPT_MODE, keyspec, ivspec);
decrypted = cipher.doFinal(hexToBytes(code));
} catch (Exception e)
{
throw new Exception("[decrypt] " + e.getMessage());
}
return decrypted;
}
public static String bytesToHex(byte[] data)
{
if (data==null)
{
return null;
}
int len = data.length;
String str = "";
for (int i=0; i<len; i++) {
if ((data[i]&0xFF)<16)
str = str + "0" + java.lang.Integer.toHexString(data[i]&0xFF);
else
str = str + java.lang.Integer.toHexString(data[i]&0xFF);
}
return str;
}
public static byte[] hexToBytes(String str) {
if (str==null) {
return null;
} else if (str.length() < 2) {
return null;
} else {
int len = str.length() / 2;
byte[] buffer = new byte[len];
for (int i=0; i<len; i++) {
buffer[i] = (byte) Integer.parseInt(str.substring(i*2,i*2+2),16);
}
return buffer;
}
}
private static String padString(String source)
{
char paddingChar = ' ';
int size = 16;
int x = source.length() % size;
int padLength = size - x;
for (int i = 0; i < padLength; i++)
{
source += paddingChar;
}
return source;
}
}
PHP Part:
<?php
class MCrypt
{
private $iv = 'fedcba9876543210'; #Same as in JAVA
private $key = '0123456789abcdef'; #Same as in JAVA
function __construct()
{
}
function encrypt($str) {
//$key = $this->hex2bin($key);
$iv = $this->iv;
$td = mcrypt_module_open('rijndael-128', '', 'cbc', $iv);
mcrypt_generic_init($td, $this->key, $iv);
$encrypted = mcrypt_generic($td, $str);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
return bin2hex($encrypted);
}
function decrypt($code) {
//$key = $this->hex2bin($key);
$code = $this->hex2bin($code);
$iv = $this->iv;
$td = mcrypt_module_open('rijndael-128', '', 'cbc', $iv);
mcrypt_generic_init($td, $this->key, $iv);
$decrypted = mdecrypt_generic($td, $code);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
return utf8_encode(trim($decrypted));
}
protected function hex2bin($hexdata) {
$bindata = '';
for ($i = 0; $i < strlen($hexdata); $i += 2) {
$bindata .= chr(hexdec(substr($hexdata, $i, 2)));
}
return $bindata;
}
}
Usage (Java):
mcrypt = new MCrypt();
/* Encrypt */
String encrypted = MCrypt.bytesToHex( mcrypt.encrypt("Text to Encrypt") );
/* Decrypt */
String decrypted = new String( mcrypt.decrypt( encrypted ) );
Usage (PHP):
$mcrypt = new MCrypt();
#Encrypt
$encrypted = $mcrypt->encrypt("Text to encrypt");
#Decrypt
$decrypted = $mcrypt->decrypt($encrypted);
after struggling for a while, I figured that I should bring my question here as I do not really know exactly what I am doing. Basically, I am using a somewhat modified version of the cryptastic version found here.
I am currently base64 encoding everything, then converting to hexidecimal in order to keep the data the same between the two langauges. Right now, I have managed to get decryption from PHP to work, but keep coming across errors when I try to encrypt. I am using BouncyCastle... and for some reason in the decrypt when I do an init, instead of using false it will only work with true (which the docs say is for encryption...)
Anyway, here is my class thus far if anyone has a chance to look at it that would be great.
Technically, decrypt is working only because I have a hack function to remove padding as the ZeroByteEncoding isn't working properly either.
So, I am able to decrypt from the PHP cryptastic, but not encrypt properly so that it can decrypt (it throws an error in my stringToHexidecimal then)
public class Cryptastic {
public final static String CHARSET = "US-ASCII";
public byte[] encrypt(String toEncrypt, byte[] keyBytes, boolean base64Encode)
{
try
{
toEncrypt = serialize(toEncrypt);
byte[] newEncrypt = toEncrypt.getBytes(CHARSET);
BlockCipher blockCipher = new RijndaelEngine(256);
SecureRandom secureRandom = new SecureRandom();
byte[] iv = new byte[32];
secureRandom.nextBytes(iv);
CipherParameters cipherParameters = new ParametersWithIV(new KeyParameter(keyBytes), iv);
RijndaelEngine rijndael = new RijndaelEngine(256);
SICBlockCipher ctrMode = new SICBlockCipher(rijndael);
PaddedBufferedBlockCipher cipher = new PaddedBufferedBlockCipher(ctrMode, new ZeroBytePadding());
cipher.init(true, cipherParameters);
int size = cipher.getOutputSize(newEncrypt.length);
byte[] encrypted = new byte[size];
System.out.println(displayBytes(encrypted, false));
int outputLength = cipher.processBytes(newEncrypt, 0, newEncrypt.length, encrypted, 0);
cipher.doFinal(encrypted, outputLength);
if(base64Encode)
{
encrypted = Base64.encode(encrypted);
}
byte[] temp = new byte[encrypted.length + 32];
for(int i = 0; i < iv.length; i++)
{
temp[i] = iv[i];
}
for(int i = iv.length; i < temp.length; i++)
{
temp[i] = encrypted[i - iv.length];
}
encrypted = temp;
byte[] mac = generateKey(encrypted, keyBytes, 1000, 32);
temp = new byte[encrypted.length + mac.length];
for(int i = 0; i < encrypted.length; i++)
{
temp[i] = encrypted[i];
}
for(int i = encrypted.length; i < temp.length; i++)
{
temp[i] = mac[i - encrypted.length];
}
return encrypted;
//System.out.println("Original IV: " + displayBytes(iv, false));
}
catch (Exception e)
{
e.printStackTrace();
}
return null;
}
public byte[] decrypt(String toDecrypt, byte[] keyBytes, boolean base64Encode)
{
try
{
byte[] newDecrypt = hexToByte(toDecrypt);
//toDecrypt = hexToString(toDecrypt);
if(base64Encode)
{
newDecrypt = Base64.decode(newDecrypt);
//toDecrypt = new String(Base64.decode(toDecrypt.getBytes(CHARSET)), CHARSET);
}
byte[] iv = new byte[32];
byte[] extractedMac = new byte[32];
int offset = newDecrypt.length - 32;
for(int i = 0; i < 32; i++)
{
iv[i] = newDecrypt[i];
extractedMac[i] = newDecrypt[i + offset];
}
byte[] temp = new byte[offset - 32];
for(int i = 0; i < temp.length; i++)
{
temp[i] = newDecrypt[i + 32];
}
newDecrypt = temp;
byte[] combo = new byte[newDecrypt.length + iv.length];
for(int i = 0; i < iv.length; i++)
{
combo[i] = iv[i];
}
for(int i = iv.length; i < combo.length; i++)
{
combo[i] = newDecrypt[i - iv.length];
}
byte[] mac = generateKey(new String(combo, CHARSET), new String(keyBytes, CHARSET), 1000, 32);
boolean matches = new String(extractedMac).equals(new String(mac));
if(!matches)
{
byte[] toReturn = new byte[0];
return toReturn;
}
CipherParameters cipherParameters = new ParametersWithIV(new KeyParameter(keyBytes), iv);
RijndaelEngine rijndael = new RijndaelEngine(256);
SICBlockCipher ctrMode = new SICBlockCipher(rijndael);
PaddedBufferedBlockCipher cipher = new PaddedBufferedBlockCipher(ctrMode, new ZeroBytePadding());
cipher.init(true, cipherParameters);
int size = cipher.getOutputSize(newDecrypt.length);
byte[] decrypted = new byte[size];
System.out.println(displayBytes(newDecrypt, false));
System.out.println(displayBytes(decrypted, false));
int outputLength = cipher.processBytes(newDecrypt, 0, newDecrypt.length, decrypted, 0);
cipher.doFinal(decrypted, outputLength);
System.out.println(displayBytes(decrypted, false));
temp = new byte[newDecrypt.length];
for(int i = 0; i < temp.length; i++)
{
temp[i] = decrypted[i];
}
decrypted = temp;
decrypted = unserialize(new String(decrypted, CHARSET)).getBytes(CHARSET);
return decrypted;
}
catch (Exception e)
{
e.printStackTrace();
}
return null;
}
public byte[] generateKey(String password, String salt, int blockIterations, int keyLength)
{
try
{
SHA256Digest digest = new SHA256Digest();
int hashLength = digest.getDigestSize();
long keyBlocks = (long) Math.ceil( (double) keyLength / (double) hashLength);
String derived_key = "";
//System.out.println("Number of blocks: " + keyBlocks);
for(long block = 1; block <= keyBlocks; block++)
{
byte[] initialHash = hash_hmac(salt + new String(pack(block)/*, CHARSET */), password);
byte[] compareHash = initialHash;
//System.out.println("Block: " + block);
for(int i = 1; i < blockIterations; i++)
// XOR each iterate
compareHash = hash_hmac(compareHash, password);
for(int j = 0; j < initialHash.length; j++)
{
initialHash[j] = (byte) (initialHash[j] ^ compareHash[j]);
}
}
derived_key += new String(initialHash/*, CHARSET */);
}
return derived_key.substring(0, keyLength).getBytes(CHARSET);
}
catch (Exception e)
{
e.printStackTrace();
}
return null;
}
public byte[] generateKey(byte[] password, byte[] salt, int blockIterations, int keyLength)
{
try
{
SHA256Digest digest = new SHA256Digest();
int hashLength = digest.getDigestSize();
long keyBlocks = (long) Math.ceil( (double) keyLength / (double) hashLength);
byte[] derived_key = null;
//System.out.println("Number of blocks: " + keyBlocks);
for(long block = 1; block <= keyBlocks; block++)
{
byte[] packed = pack(block);
byte[] combined = new byte[salt.length + packed.length];
for(int i = 0; i < salt.length; i++)
{
combined[i] = salt[i];
}
for(int i = salt.length; i < combined.length; i++)
{
combined[i] = packed[i - salt.length];
}
byte[] initialHash = hash_hmac(combined, password);
byte[] compareHash = initialHash;
//System.out.println("Block: " + block);
for(int i = 1; i < blockIterations; i++)
{
// XOR each iterate
compareHash = hash_hmac(compareHash, password);
for(int j = 0; j < initialHash.length; j++)
{
initialHash[j] = (byte) (initialHash[j] ^ compareHash[j]);
}
}
if(derived_key == null)
{
derived_key = initialHash;
}
else
{
byte[] temp = new byte[derived_key.length + initialHash.length];
for(int i = 0; i < derived_key.length; i++)
{
temp[i] = derived_key[i];
}
for(int i = derived_key.length; i < temp.length; i++)
{
temp[i] = initialHash[i - derived_key.length];
}
derived_key = temp;
}
}
byte[] toReturn = new byte[keyLength];
for(int i = 0; i < toReturn.length; i++)
{
toReturn[i] = derived_key[i];
}
return toReturn;
}
catch (Exception e)
{
e.printStackTrace();
}
return null;
}
public byte[] pack(long toPack)
{
String test = Long.toHexString(toPack);
while(test.length() < 8)
{
test = "0" + test;
}
byte[] toReturn = new byte[4];
toReturn[0] = Byte.parseByte(test.substring(0, 2));
toReturn[1] = Byte.parseByte(test.substring(2, 4));
toReturn[2] = Byte.parseByte(test.substring(4, 6));
toReturn[3] = Byte.parseByte(test.substring(6, 8));
return toReturn;
}
public String hexToString(String hex)
{
return new String(hexToByte(hex));
}
public byte[] hexToByte(String hex)
{
if(hex.length() % 2 != 0)
{
hex = "0" + hex;
}
byte[] toReturn = new byte[hex.length() / 2];
for(int i = 0; i < toReturn.length; i++)
{
toReturn[i] = Byte.parseByte(hex.substring(i * 2, (i + 1) * 2), 16);
}
//System.out.println(displayBytes(toReturn, false));
return toReturn;
}
public byte[] hash_hmac(String data, String key)
{
return hash_hmac("HmacSHA256", data, key);
}
public byte[] hash_hmac(String algorithm , String data , String key)
{
try
{
SecretKeySpec secret = new SecretKeySpec(key.getBytes(/*CHARSET*/), algorithm);
Mac mac = Mac.getInstance(algorithm);
mac.init(secret);
byte[] digest = mac.doFinal(data.getBytes(/*CHARSET*/));
return digest;
}
catch (Exception e)
{
e.printStackTrace();
}
return null;
}
public byte[] hash_hmac(byte[] data, String key)
{
return hash_hmac("HmacSHA256", data, key);
}
public byte[] hash_hmac(byte[] data, byte[] key)
{
return hash_hmac("HmacSHA256", data, key);
}
public byte[] hash_hmac(String algorithm , byte[] data , byte[] key)
{
try
{
SecretKeySpec secret = new SecretKeySpec(key, algorithm);
Mac mac = Mac.getInstance(algorithm);
mac.init(secret);
byte[] digest = mac.doFinal(data);
return digest;
}
catch (Exception e)
{
e.printStackTrace();
}
return null;
}
public byte[] hash_hmac(String algorithm , byte[] data , String key)
{
try
{
SecretKeySpec secret = new SecretKeySpec(key.getBytes(/*CHARSET*/), algorithm);
Mac mac = Mac.getInstance(algorithm);
mac.init(secret);
byte[] digest = mac.doFinal(data);
return digest;
}
catch (Exception e)
{
e.printStackTrace();
}
return null;
}
public String displayBytes(byte[] bytes, boolean rawDisplay)
{
String toReturn = "";
if(rawDisplay)
{
toReturn = new String(bytes/*, CHARSET */);
}
else
{
for (byte b : bytes)
{
toReturn += String.format("%02x", b);
}
}
return toReturn;
}
public String toHex(String toConvert) {
if(toConvert.getBytes().length == 0)
{
return "";
}
return String.format("%04x", new BigInteger(toConvert.getBytes(/*YOUR_CHARSET?*/)));
}
/*
* This creates a string representation that should line up with PHPs serialize.
*/
public String serialize(String toSerialize)
{
return "s:" + toSerialize.length() + ":\"" + toSerialize + "\";";
}
public String unserialize(String toUnserialize)
{
System.out.println(toUnserialize);
int endIndex = toUnserialize.indexOf("\";");
while (endIndex < toUnserialize.length() && endIndex < toUnserialize.indexOf("\";", endIndex + 1))
{
endIndex = toUnserialize.indexOf("\";", endIndex + 1);
}
return toUnserialize.substring(toUnserialize.indexOf(":\"") + 2, endIndex);
}
Without reading through all the code, if an encrypt works instead of a decrypt, then you may have "decrypted" the plain text to form the cipher text, as symmetric encryption/decryption is reversable. In other words, you could use plain = encrypt(decrypt(plain)) as well as plain = decrypt(encrypt(plain)).
The only possible difference could be padding: decrypt should remove padding and encrypt should add it, so that would make a difference.
I have it working now... entire class is as follows. When using it with the PHP cryptastic, add in conversion to hexidecimal after conversion to base64.
public class Cryptastic {
public final static String CHARSET = "US-ASCII";
public byte[] encrypt(String toEncrypt, byte[] keyBytes, boolean base64Encode)
{
try
{
toEncrypt = serialize(toEncrypt);
byte[] newEncrypt = toEncrypt.getBytes(CHARSET);
BlockCipher blockCipher = new RijndaelEngine(256);
SecureRandom secureRandom = new SecureRandom();
byte[] iv = new byte[32];
secureRandom.nextBytes(iv);
CipherParameters cipherParameters = new ParametersWithIV(new KeyParameter(keyBytes), iv);
RijndaelEngine rijndael = new RijndaelEngine(256);
SICBlockCipher ctrMode = new SICBlockCipher(rijndael);
PaddedBufferedBlockCipher cipher = new PaddedBufferedBlockCipher(ctrMode, new ZeroBytePadding());
cipher.init(false, cipherParameters);
int size = cipher.getOutputSize(newEncrypt.length);
byte[] padded = new byte[size];
for(int i = 0; i < newEncrypt.length; i++)
{
padded[i] = newEncrypt[i];
}
for(int i = newEncrypt.length; i < size; i++)
{
padded[i] = 0;
}
newEncrypt = padded;
byte[] encrypted = new byte[size];
int outputLength = cipher.processBytes(newEncrypt, 0, newEncrypt.length, encrypted, 0);
cipher.doFinal(encrypted, outputLength);
byte[] temp = new byte[encrypted.length + 32];
for(int i = 0; i < iv.length; i++)
{
temp[i] = iv[i];
}
for(int i = iv.length; i < temp.length; i++)
{
temp[i] = encrypted[i - iv.length];
}
encrypted = temp;
byte[] mac = generateKey(new String(encrypted, CHARSET), new String(keyBytes, CHARSET), 1000, 32);
temp = new byte[encrypted.length + mac.length];
for(int i = 0; i < encrypted.length; i++)
{
temp[i] = encrypted[i];
}
for(int i = encrypted.length; i < temp.length; i++)
{
temp[i] = mac[i - encrypted.length];
}
encrypted = temp;
if(base64Encode)
{
encrypted = Base64.encode(encrypted);
}
return encrypted;
}
catch (Exception e)
{
e.printStackTrace();
}
return null;
}
public byte[] decrypt(String toDecrypt, byte[] keyBytes, boolean base64Encode)
{
try
{
byte[] newDecrypt = hexToByte(toDecrypt);
if(base64Encode)
{
newDecrypt = Base64.decode(newDecrypt);
}
byte[] iv = new byte[32];
byte[] extractedMac = new byte[32];
int offset = newDecrypt.length - 32;
for(int i = 0; i < 32; i++)
{
iv[i] = newDecrypt[i];
extractedMac[i] = newDecrypt[i + offset];
}
byte[] temp = new byte[offset - 32];
for(int i = 0; i < temp.length; i++)
{
temp[i] = newDecrypt[i + 32];
}
newDecrypt = temp;
byte[] combo = new byte[newDecrypt.length + iv.length];
for(int i = 0; i < iv.length; i++)
{
combo[i] = iv[i];
}
for(int i = iv.length; i < combo.length; i++)
{
combo[i] = newDecrypt[i - iv.length];
}
byte[] mac = generateKey(new String(combo, CHARSET), new String(keyBytes, CHARSET), 1000, 32);
boolean matches = new String(extractedMac).equals(new String(mac));
if(!matches)
{
byte[] toReturn = new byte[0];
return toReturn;
}
CipherParameters cipherParameters = new ParametersWithIV(new KeyParameter(keyBytes), iv);
RijndaelEngine rijndael = new RijndaelEngine(256);
SICBlockCipher ctrMode = new SICBlockCipher(rijndael);
PaddedBufferedBlockCipher cipher = new PaddedBufferedBlockCipher(ctrMode, new ZeroBytePadding());
cipher.init(true, cipherParameters);
int size = cipher.getOutputSize(newDecrypt.length);
byte[] decrypted = new byte[size];
int outputLength = cipher.processBytes(newDecrypt, 0, newDecrypt.length, decrypted, 0);
cipher.doFinal(decrypted, outputLength);
temp = new byte[newDecrypt.length];
for(int i = 0; i < temp.length; i++)
{
temp[i] = decrypted[i];
}
decrypted = temp;
decrypted = unserialize(new String(decrypted, CHARSET)).getBytes(CHARSET);
return decrypted;
}
catch (Exception e)
{
e.printStackTrace();
}
return null;
}
public byte[] generateKey(String password, String salt, int blockIterations, int keyLength)
{
try
{
SHA256Digest digest = new SHA256Digest();
int hashLength = digest.getDigestSize();
long keyBlocks = (long) Math.ceil( (double) keyLength / (double) hashLength);
String derived_key = "";
//System.out.println("Number of blocks: " + keyBlocks);
for(long block = 1; block <= keyBlocks; block++)
{
byte[] initialHash = hash_hmac(salt + new String(pack(block)/*, CHARSET */), password);
byte[] compareHash = initialHash;
//System.out.println("Block: " + block);
for(int i = 1; i < blockIterations; i++)
{
// XOR each iterate
compareHash = hash_hmac(compareHash, password);
for(int j = 0; j < initialHash.length; j++)
{
initialHash[j] = (byte) (initialHash[j] ^ compareHash[j]);
}
}
derived_key += new String(initialHash/*, CHARSET */);
}
return derived_key.substring(0, keyLength).getBytes(CHARSET);
}
catch (Exception e)
{
e.printStackTrace();
}
return null;
}
public byte[] generateKey(byte[] password, byte[] salt, int blockIterations, int keyLength)
{
try
{
SHA256Digest digest = new SHA256Digest();
int hashLength = digest.getDigestSize();
long keyBlocks = (long) Math.ceil( (double) keyLength / (double) hashLength);
byte[] derived_key = null;
for(long block = 1; block <= keyBlocks; block++)
{
byte[] packed = pack(block);
byte[] combined = new byte[salt.length + packed.length];
for(int i = 0; i < salt.length; i++)
{
combined[i] = salt[i];
}
for(int i = salt.length; i < combined.length; i++)
{
combined[i] = packed[i - salt.length];
}
byte[] initialHash = hash_hmac(combined, password);
byte[] compareHash = initialHash;
//System.out.println("Block: " + block);
for(int i = 1; i < blockIterations; i++)
{
// XOR each iterate
compareHash = hash_hmac(compareHash, password);
for(int j = 0; j < initialHash.length; j++)
{
initialHash[j] = (byte) (initialHash[j] ^ compareHash[j]);
}
}
if(derived_key == null)
{
derived_key = initialHash;
}
else
{
byte[] temp = new byte[derived_key.length + initialHash.length];
for(int i = 0; i < derived_key.length; i++)
{
temp[i] = derived_key[i];
}
for(int i = derived_key.length; i < temp.length; i++)
{
temp[i] = initialHash[i - derived_key.length];
}
derived_key = temp;
}
}
byte[] toReturn = new byte[keyLength];
for(int i = 0; i < toReturn.length; i++)
{
toReturn[i] = derived_key[i];
}
return toReturn;
}
catch (Exception e)
{
e.printStackTrace();
}
return null;
}
public byte[] pack(long toPack)
{
String test = Long.toHexString(toPack);
while(test.length() < 8)
{
test = "0" + test;
}
byte[] toReturn = new byte[4];
toReturn[0] = Byte.parseByte(test.substring(0, 2));
toReturn[1] = Byte.parseByte(test.substring(2, 4));
toReturn[2] = Byte.parseByte(test.substring(4, 6));
toReturn[3] = Byte.parseByte(test.substring(6, 8));
return toReturn;
}
public String hexToString(String hex)
{
return new String(hexToByte(hex));
}
public byte[] hexToByte(String hex)
{
if(hex.length() % 2 != 0)
{
hex = "0" + hex;
}
byte[] toReturn = new byte[hex.length() / 2];
for(int i = 0; i < toReturn.length; i++)
{
toReturn[i] = Byte.parseByte(hex.substring(i * 2, (i + 1) * 2), 16);
}
return toReturn;
}
public byte[] hash_hmac(String data, String key)
{
return hash_hmac("HmacSHA256", data, key);
}
public byte[] hash_hmac(String algorithm , String data , String key)
{
try
{
SecretKeySpec secret = new SecretKeySpec(key.getBytes(/*CHARSET*/), algorithm);
Mac mac = Mac.getInstance(algorithm);
mac.init(secret);
byte[] digest = mac.doFinal(data.getBytes(/*CHARSET*/));
return digest;
}
catch (Exception e)
{
e.printStackTrace();
}
return null;
}
public byte[] hash_hmac(byte[] data, String key)
{
return hash_hmac("HmacSHA256", data, key);
}
public byte[] hash_hmac(byte[] data, byte[] key)
{
return hash_hmac("HmacSHA256", data, key);
}
public byte[] hash_hmac(String algorithm , byte[] data , byte[] key)
{
try
{
SecretKeySpec secret = new SecretKeySpec(key, algorithm);
Mac mac = Mac.getInstance(algorithm);
mac.init(secret);
byte[] digest = mac.doFinal(data);
return digest;
}
catch (Exception e)
{
e.printStackTrace();
}
return null;
}
public byte[] hash_hmac(String algorithm , byte[] data , String key)
{
try
{
SecretKeySpec secret = new SecretKeySpec(key.getBytes(/*CHARSET*/), algorithm);
Mac mac = Mac.getInstance(algorithm);
mac.init(secret);
byte[] digest = mac.doFinal(data);
return digest;
}
catch (Exception e)
{
e.printStackTrace();
}
return null;
}
public String displayBytes(byte[] bytes, boolean rawDisplay)
{
String toReturn = "";
if(rawDisplay)
{
toReturn = new String(bytes/*, CHARSET */);
}
else
{
for (byte b : bytes)
{
toReturn += String.format("%02x", b);
}
}
return toReturn;
}
public String toHex(String toConvert) {
if(toConvert.getBytes().length == 0)
{
return "";
}
return String.format("%04x", new BigInteger(toConvert.getBytes(/*YOUR_CHARSET?*/)));
}
/*
* This creates a string representation that should line up with PHPs serialize.
*/
public String serialize(String toSerialize)
{
return "s:" + toSerialize.length() + ":\"" + toSerialize + "\";";
}
public String unserialize(String toUnserialize)
{
int endIndex = toUnserialize.indexOf("\";");
while (endIndex < toUnserialize.length() && endIndex < toUnserialize.indexOf("\";", endIndex + 1))
{
endIndex = toUnserialize.indexOf("\";", endIndex + 1);
}
return toUnserialize.substring(toUnserialize.indexOf(":\"") + 2, endIndex);
}
}
I'm trying to encrypt data between my android application and a PHP webservice.
I found the next piece of code in this website: http://schneimi.wordpress.com/2008/11/25/aes-128bit-encryption-between-java-and-php/
But when I try to decrypt I get the Exception of the title "data not block size aligned"
This are the method in my MCrypt class
public String encrypt(String text) throws Exception
{
if(text == null || text.length() == 0)
throw new Exception("Empty string");
Cipher cipher;
byte[] encrypted = null;
try {
cipher = Cipher.getInstance("AES/CBC/NoPadding");
cipher.init(Cipher.ENCRYPT_MODE, keyspec, ivspec);
encrypted = cipher.doFinal(padString(text).getBytes());
} catch (Exception e)
{
throw new Exception("[encrypt] " + e.getMessage());
}
return new String( encrypted );
}
public String decrypt(String code) throws Exception
{
if(code == null || code.length() == 0)
throw new Exception("Empty string");
Cipher cipher;
byte[] decrypted = null;
try {
cipher = Cipher.getInstance("AES/CBC/NoPadding");
cipher.init(Cipher.DECRYPT_MODE, keyspec, ivspec);
decrypted = cipher.doFinal(hexToBytes(code));
} catch (Exception e)
{
throw new Exception("[decrypt] " + e.getMessage());
}
return new String( decrypted );
}
private static byte[] hexToBytes(String hex) {
String HEXINDEX = "0123456789abcdef";
int l = hex.length() / 2;
byte data[] = new byte[l];
int j = 0;
for (int i = 0; i < l; i++) {
char c = hex.charAt(j++);
int n, b;
n = HEXINDEX.indexOf(c);
b = (n & 0xf) << 4;
c = hex.charAt(j++);
n = HEXINDEX.indexOf(c);
b += (n & 0xf);
data[i] = (byte) b;
}
return data;
}
private static String padString(String source)
{
char paddingChar = ' ';
int size = 16;
int x = source.length() % size;
int padLength = size - x;
for (int i = 0; i < padLength; i++)
{
source += paddingChar;
}
return source;
}
And this is how I'm using it in my activity to test:
String encrypted = mcrypt.encrypt(jsonUser.toString());
String decrypted = mcrypt.decrypt(encrypted);
the encrypt method works fine, but the second throws an exception.
At last! I made it work! Thanks for all your suggestion. I would like to share the code just in case somebody get stuck like me:
JAVA
import java.security.NoSuchAlgorithmException;
import javax.crypto.Cipher;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
public class MCrypt {
private String iv = "fedcba9876543210";//Dummy iv (CHANGE IT!)
private IvParameterSpec ivspec;
private SecretKeySpec keyspec;
private Cipher cipher;
private String SecretKey = "0123456789abcdef";//Dummy secretKey (CHANGE IT!)
public MCrypt()
{
ivspec = new IvParameterSpec(iv.getBytes());
keyspec = new SecretKeySpec(SecretKey.getBytes(), "AES");
try {
cipher = Cipher.getInstance("AES/CBC/NoPadding");
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (NoSuchPaddingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
public byte[] encrypt(String text) throws Exception
{
if(text == null || text.length() == 0)
throw new Exception("Empty string");
byte[] encrypted = null;
try {
cipher.init(Cipher.ENCRYPT_MODE, keyspec, ivspec);
encrypted = cipher.doFinal(padString(text).getBytes());
} catch (Exception e)
{
throw new Exception("[encrypt] " + e.getMessage());
}
return encrypted;
}
public byte[] decrypt(String code) throws Exception
{
if(code == null || code.length() == 0)
throw new Exception("Empty string");
byte[] decrypted = null;
try {
cipher.init(Cipher.DECRYPT_MODE, keyspec, ivspec);
decrypted = cipher.doFinal(hexToBytes(code));
} catch (Exception e)
{
throw new Exception("[decrypt] " + e.getMessage());
}
return decrypted;
}
public static String bytesToHex(byte[] data)
{
if (data==null)
{
return null;
}
int len = data.length;
String str = "";
for (int i=0; i<len; i++) {
if ((data[i]&0xFF)<16)
str = str + "0" + java.lang.Integer.toHexString(data[i]&0xFF);
else
str = str + java.lang.Integer.toHexString(data[i]&0xFF);
}
return str;
}
public static byte[] hexToBytes(String str) {
if (str==null) {
return null;
} else if (str.length() < 2) {
return null;
} else {
int len = str.length() / 2;
byte[] buffer = new byte[len];
for (int i=0; i<len; i++) {
buffer[i] = (byte) Integer.parseInt(str.substring(i*2,i*2+2),16);
}
return buffer;
}
}
private static String padString(String source)
{
char paddingChar = ' ';
int size = 16;
int x = source.length() % size;
int padLength = size - x;
for (int i = 0; i < padLength; i++)
{
source += paddingChar;
}
return source;
}
}
HOW TO USE IT (JAVA)
mcrypt = new MCrypt();
/* Encrypt */
String encrypted = MCrypt.bytesToHex( mcrypt.encrypt("Text to Encrypt") );
/* Decrypt */
String decrypted = new String( mcrypt.decrypt( encrypted ) );
====================================================
PHP
<?php
class MCrypt
{
private $iv = 'fedcba9876543210'; #Same as in JAVA
private $key = '0123456789abcdef'; #Same as in JAVA
function __construct()
{
}
function encrypt($str) {
//$key = $this->hex2bin($key);
$iv = $this->iv;
$td = mcrypt_module_open('rijndael-128', '', 'cbc', $iv);
mcrypt_generic_init($td, $this->key, $iv);
$encrypted = mcrypt_generic($td, $str);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
return bin2hex($encrypted);
}
function decrypt($code) {
//$key = $this->hex2bin($key);
$code = $this->hex2bin($code);
$iv = $this->iv;
$td = mcrypt_module_open('rijndael-128', '', 'cbc', $iv);
mcrypt_generic_init($td, $this->key, $iv);
$decrypted = mdecrypt_generic($td, $code);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
return utf8_encode(trim($decrypted));
}
protected function hex2bin($hexdata) {
$bindata = '';
for ($i = 0; $i < strlen($hexdata); $i += 2) {
$bindata .= chr(hexdec(substr($hexdata, $i, 2)));
}
return $bindata;
}
}
HOW TO USE IT (PHP)
<?php
$mcrypt = new MCrypt();
#Encrypt
$encrypted = $mcrypt->encrypt("Text to encrypt");
#Decrypt
$decrypted = $mcrypt->decrypt($encrypted);
I'm guessing your keyspec and ivspec are not valid for decryption. I've typically transformed them into PublicKey and PrivateKey instances and then use the private key to decrypt.
I looked at the comments in the other answer. I ran into a similar problem trying to encrypt a large block of text using open SSL in php (on both sides). I imagine the same issue would come up in Java.
If you have a 1024 bit RSA key, you must split the incoming text into 117 byte chunks (a char is a byte) and encrypt each (you can concatenate them together). On the other end, you must split the encrypted data into 128 byte chunks and decrypt each. This should give you your original message.
Also note that http may not play friendly with the non-ASCII encrypted data. I base64 encode/decode it before and after transmission (plus you have to worry about additional urlencoding for the base64 change, but it is easy).
I'm not sure of your AES key length, but if it's 1024 bits the chunk length is probably the same. If it's not, you will have to divide the bits by 8 to find the byte chunk length coming out. I'm actually not sure how to get it coming in, unfortunately (maybe multiply by 117/128 ?)
Here's some php code:
class Crypto {
public function encrypt($key, $data) {
$crypto = '';
foreach (str_split($data, 117) as $chunk) {
openssl_public_encrypt($chunk, $encrypted, $key);
$crypto .= $encrypted;
}
return $crypto;
}
//Decrypt omitted. Basically the same, change 117 to 128.
/**##+
* Update data for HTTP transmission and retrieval
* Must be used on encrypted data, but also useful for any binary data
* (e.g. zip files).
*/
public function base64_encode($value) {
return rtrim(strtr(base64_encode($value), '+/', '-_'), '=');
}
//String length must be padded for decoding for some reason
public function base64_decode($value) {
return base64_decode(str_pad(strtr($value, '-_', '+/')
, strlen($value) % 4, '=', STR_PAD_RIGHT));
}
/**##-*/
}