B4J Question AES128 ECB Decrypt

Discussion in 'B4J Questions' started by aaronk, Aug 21, 2019.

  1. aaronk

    aaronk Well-Known Member Licensed User

    Hi,

    I am trying to decrypt a message using AES128 in ECB mode, and not CBC mode.

    The data I am trying to decrypt is sent to my B4J as AES-128 in ECB mode, and that data I have put into a string called 'dataToDecrypt' in my code below.

    When I run the following code I get the following error:

    Line 83 is: decrypted = C.Decrypt(decrypted, kg.Key, False)

    Code:
    Dim dataToDecrypt As String = "�q�!DAZ��R��:f/�Ŝ��h�U�0h�V��ƅHw��s�Č)�o�yZ��%v��_,"
       
        
    Dim kg As KeyGenerator
        
    Dim C As Cipher
        
    Dim decrypted() As Byte
        
    Dim BConv As ByteConverter
       
        decrypted = dataToDecrypt.GetBytes(
    "UTF8")
     
        
    Dim Key As String = "0123456789ABCDEF" ' this is the same key that encrypted the string that was sent

        kg.Initialize(
    "AES")
        kg.KeyFromBytes(Key.GetBytes(
    "UTF8"))
         
        C.Initialize(
    "AES/ECB/NoPadding"' not 100% sure on the NoPadding part

        decrypted = C.Decrypt(decrypted, kg.Key, 
    False)

        
    Log("Decrypt = " & BConv.StringFromBytes(decrypted, "UTF8"))
    Anyone know where I have gone wrong ?
     
  2. Erel

    Erel Administrator Staff Member Licensed User

    Never convert "random" bytes to string.
    Only bytes that represent a string can be converted to a string.

    Worth repeating: never convert random bytes to string. It will not work.

    Use base64 encoding to convert the bytes to string.
     
  3. aaronk

    aaronk Well-Known Member Licensed User

    I am guessing you mean the encrypted text that I am trying to read, you are calling 'random' text ?

    Not 100% sure on how to do this.. But tried with the code below, but since it's not working I guess I did it wrong.

    I should have pointed out, a 3rd party software is sending a UDP message to my B4J app.
    This is a ASCII message, and it looks like:

    VALUE1//VALUE2//�q�!DAZ��R��:f/�Ŝ��h�U�0h�V��ƅHw��s�Č)�o�yZ��%v��_,

    The first 2 values VALUE1 & VALUE2 are in plan text, and the 3rd section is encrypted with AES128 ECB.

    I am reading this UDP like the following:
    (My code now looks like the following)

    Code:
    Private Sub SockUDP_PacketArrived (Packet As UDPPacket)

        
    Dim msg1 As String     ' This will hold the incoming message
        msg1 = BytesToString(Packet.Data, Packet.Offset, Packet.Length, "UTF8")

        msg1 = msg1.Replace(
    Chr(10),"")
        msg1 = msg1.Replace(
    Chr(13),"")

        
    Dim msg_string() As String = Regex.Split("//",msg1)
       
        
    Log("Full UDP Message = " & msg1) ' VALUE1//VALUE2//�q�!DAZ��R��:f/�Ŝ��h�U�0h�V��ƅHw��s�Č)�o�yZ��%v��_,
        Log("Encrypted Message = " & msg_string(2)) '  �q�!DAZ��R��:f/�Ŝ��h�U�0h�V��ƅHw��s�Č)�o�yZ��%v��_,

        
    Dim su As StringUtils
        
    Dim kg As KeyGenerator
        
    Dim C As Cipher
           
        
    Dim Key As String = "0123456789ABCDEF" ' this is the same key that encrypted the string that was sent
           
        kg.Initialize(
    "AES")
        kg.KeyFromBytes(Key.GetBytes(
    "UTF8"))
           
        C.Initialize(
    "AES/ECB/PKCS5Padding")
       
        
    Dim dataString As String
       
        dataString = su.EncodeBase64(msg_string(
    2).GetBytes("UTF8"))

        
    Dim decryptedBytes() As Byte = c.Decrypt(dataString.GetBytes("UTF8"), kg.Key , False)
       
        
    Log("Decrypt Text = " & BytesToString(decryptedBytes, 0, decryptedBytes.Length, "UTF8")) ' this seems to return the same encrypted text.
       
    End Sub
     
  4. DonManfred

    DonManfred Expert Licensed User

    Is there any Documentation about the UDP Packet?
    i dont think this is a ASCII Message. Maybe parts of it are text.

    Usually UDP Packets have a "Structure".
     
    OliverA likes this.
  5. aaronk

    aaronk Well-Known Member Licensed User

    Kind of, but need to decrypt the message first.

    VALUE1 and VALUE2 are in plan text, and the 3rd part is encrypted. Basically VALUE1 and VALUE2 are telling me information about the user sending the message, and then to read the message the user sent I need to decrypt the 3rd part to read the message.

    It's an ASCII message otherwise I wouldn't be able to read the first part of the message.

    It sounds to me that the 3rd part of the ASCII message is encrypted wrong, but been told it's meant to be sending the message correctly.
     
  6. DonManfred

    DonManfred Expert Licensed User

    I think your problem starts here. You are expecting the hole Packet payload to be a String.
    In fact it seems that the message payload, the Packet.Data is binary.

    I suggest to start debugging here.

    - Get the packet data into a bytearray
    - convert the bytearray to a hexstring.
    - save the hexstring to a file to upload it here.

    Looking at the HEX Dump may reveal more info about the Struct the payload does have.
     
    OliverA likes this.
  7. DonManfred

    DonManfred Expert Licensed User

    Code:
    Sub UDP_PacketArrived (Packet As UDPPacket)
        
    Dim pkt() As Byte = Packet.Data
    Code:
    Dim hexdata As String = bc.HexFromBytes(pkt) ' bc is a ByteConverter
        File.WriteString("D:\","DataHEX.txt",hexdata) ' Adapt path...
    Please upload such a DataHEX.txt

    If would be easier to help if you would point a link to the udp packet documentation of these 3rd party software. Or the name of it.
     
    OliverA likes this.
  8. aaronk

    aaronk Well-Known Member Licensed User

    Attached is the HEX as requested.

    The attached is when the remote side sent the message encrypted.

    I have made the remote side send the same ASCII message as plain text to compare:

    3670BB9F//0//0000754C//00409D27558D//05.03.10//02.00.44//Hello

    The difference between the plain text and encrypted text is:

    Plain text starts with 3670BB9F//0//
    Encrypted text starts with 3670BB9F//1//

    So, the following text:

    0000754C//00409D27558D//05.03.10//02.00.44//Hello

    is the encrypted text:

    �q�!DAZ��R��:f/�Ŝ��h�U�0h�V��ƅHw��s�Č)�o�yZ��%v��_,

    Just trying to work out how to now decrypt the message to read the same text as the plain text.

    I used the following code to write the encrypted text and also logged the incoming data to the IDE log:

    Code:
    Sub UDP_PacketArrived (Packet As UDPPacket)
           
        
    Dim pkt() As Byte = Packet.Data
            
        
    Dim bc As ByteConverter
        
    Dim hexdata As String = bc.HexFromBytes(pkt) ' bc is a ByteConverter
        File.WriteString("c:\","DataHEX.txt",hexdata) ' Adapt path...
        
        
    Dim msg1 As String     ' This will hold the incoming message
        msg1 = BytesToString(Packet.Data, Packet.Offset, Packet.Length, "UTF8")
        
        
    Log(msg1)
    End Sub
    It Logs:
    img.png

    Looks like it split the message?

    Any help on working out how to decrypt the message would be great.
     

    Attached Files:

  9. DonManfred

    DonManfred Expert Licensed User

    you need to split out the msgpayload (which is binary (probably the encrypted bytes)

    Code:
    Dim hex As String = "33363730424239462F2F312F2F8971C5072144415AEEEE5212B7B13A662F84C59C99E71D68D17F55BF30680DB556E2ADC4C6854877A3C17384C48C132903E66FAA795AD0E3812576F4EC0F5F2C000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"
        
    Log("Length HEX: "&hex.Length)
        
        
    Dim raw() As Byte = bc.HexToBytes(hex)
        bb.Initialize
        bb.Append(raw)
        
    Dim binaryflag() As Byte = Array As Byte(0x330x360x370x300x420x420x390x460x2f,0x2f,0x31,0x2f,0x2f)
        
    If bb.IndexOf(binaryflag) > -1 Then
            
    Log("Binary-Flag found")
            
    Log("Searching for next zero byte (0x0)")
            
    Log(bb.IndexOf2(Array As Byte(0x0),13)) ' i expect the encrypted message ends with a zerobyte. here just logging the position
            Log("Substract binarymessage")
            
    Dim msgbytes() As Byte = bb.SubArray2(13,bb.IndexOf2(Array As Byte(0x0),13)) ' use the index of the zerobyte to mark the "end". 
            Log("Message Bytes extracted. Length: "&msgbytes.Length)
            
    File.WriteBytes("E:\","messageraw.bin",msgbytes)
        
    End If
    I guess you now need to decrypt THIS bytes....

    PS: bb is a
    Code:
    Private bb As B4XBytesBuilder
    from the B4XCollections lib.
     
    KMatle, aaronk and Erel like this.
  10. DonManfred

    DonManfred Expert Licensed User

    Do you know the password used for enryption of the message using AES ECB?
     
  11. aaronk

    aaronk Well-Known Member Licensed User

    0123456789ABCDEF
     
  12. aaronk

    aaronk Well-Known Member Licensed User

    I am not 100% sure if this is correct..

    I tried using:

    Code:
    Sub Decrypt
        
        
    Dim hex As String = "33363730424239462F2F312F2F8971C5072144415AEEEE5212B7B13A662F84C59C99E71D68D17F55BF30680DB556E2ADC4C6854877A3C17384C48C132903E66FAA795AD0E3812576F4EC0F5F2C000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"
        
        
    Dim bb As B4XBytesBuilder
        
    Dim bc As ByteConverter
        
    Dim kg As KeyGenerator
        
    Dim C As Cipher
        
    Dim BConv As ByteConverter
        
        
    Log("Length HEX: " & hex.Length) ' logs Length HEX: 16000
        
        
    Dim raw() As Byte = bc.HexToBytes(hex)
        bb.Initialize
        bb.Append(raw)
        
    Dim binaryflag() As Byte = Array As Byte(0x330x360x370x300x420x420x390x460x2f,0x2f,0x31,0x2f,0x2f)
        
    If bb.IndexOf(binaryflag) > -1 Then
            
    Log("Binary-Flag found")
            
    Log("Searching for next zero byte (0x0)"
            
    Log(bb.IndexOf2(Array As Byte(0x0),13)) 'logs 77
            Log("Substract binarymessage")
            
    Dim msgbytes() As Byte = bb.SubArray2(13,bb.IndexOf2(Array As Byte(0x0),13)) ' use the index of the zerobyte to mark the "end".
            Log("Message Bytes extracted. Length: " & msgbytes.Length) ' Message Bytes extracted. Length: 64
            File.WriteBytes("c:\","messageraw.txt",msgbytes) ' file attached
        End If

        
    Dim Key As String = "0123456789ABCDEF" ' this is the same key that encrypted the string that was sent

        kg.Initialize(
    "AES")
        kg.KeyFromBytes(Key.GetBytes(
    "UTF8"))
        
        C.Initialize(
    "AES/ECB/NoPadding")

        msgbytes = C.Decrypt(msgbytes, kg.Key, 
    False)

        
    Log("Decrypted Plain text: " & BConv.StringFromBytes(msgbytes, "UTF8"))

    End Sub
    I attached the messageraw.txt file it created.

    I am guessing this created the encrypted text I am trying to decrypt, as bytes into that file ?

    I then tried to decrypt the message (the bytes from messageraw.txt), but looks like it didn't do it.

    img.png

    I have been told this is working in VB / C# with the following:

    Code:
    ' struct that holds the buffer and count of bytes in it and some other stuff
    Public Structure XepQData_Class

            
    Public EPProtocol As Protocol
            
    Public EP As IPEndPoint
            
    Public RmtTcpSess As XepTcpObject
            
    Public RmtUdpClient As UdpClient
            
    Public IOBuff() As Byte
            
    Public NumBytesInBuff As Integer

        
    End Structure

    'define a variable from that struct:
        Dim XepQData As New XepQData_Class

    ' code to pass the message to the aes decryption is as follows:
        Dim crypt As New AES(AESkey)
        crypt.Decrypt(XepQData.IOBuff, XepQData.NumBytesInBuff)

    Public Class AES
        
    Dim cAES As RijndaelManaged

        
    Public Sub New(ByVal AESkey As Byte())

            
    Dim InitVector() As Byte = {0000000000000000}

            cAES = New RijndaelManaged
            cAES.BlockSize = 128
            cAES.KeySize = 128
            cAES.Mode = CipherMode.ECB
            cAES.IV = InitVector
            cAES.Padding = PaddingMode.Zeros
            cAES.Key = AESkey

        End Sub



        
    Public Sub Decrypt(ByRef cBytes As Byte(), ByVal NumBytes As Integer)

            
    Dim PlainBytes(IOBuffSize) As Byte
            
    Dim i As Integer
            
    Dim cDecryptor As ICryptoTransform = cAES.CreateDecryptor()

            
    ' Skip over the first 13 bytes - they are already in the plain.
            For i = 13 To NumBytes - 16 Step 16
                cDecryptor.TransformBlock(cBytes, i, 
    16, PlainBytes, i)
            
    Next

            
    Array.Copy(PlainBytes, 13, cBytes, 13, NumBytes - 13)

        
    End Sub


        
    Public Sub Encrypt(ByRef cBytes As Byte(), ByRef NumBytes As Integer)

            
    Dim EncryptedBytes(IOBuffSize) As Byte
            
    Dim i As Integer

            
    ' pad to a multiple of 16
            Dim numPadBytes As Integer = 16 - ((NumBytes - 13Mod 16)
            ReDim Preserve cBytes(NumBytes + numPadBytes - 
    1)
            
    For i = NumBytes To NumBytes + numPadBytes - 1
                cBytes(i) = 
    0
            
    Next i

            NumBytes += numPadBytes

            
    Dim cEncryptor As ICryptoTransform = cAES.CreateEncryptor()

            
    ' Skip over the first 13 bytes - they are left in the plain.
            For i = 13 To NumBytes - 1 Step 16
                cEncryptor.TransformBlock(cBytes, i, 
    16, EncryptedBytes, i)
            
    Next

            
    Array.Copy(EncryptedBytes, 13, cBytes, 13, NumBytes - 13)

        
    End Sub
    End Class
    “AES” is a class that is defined based on the windows’ RijndaelManaged class (https://docs.microsoft.com/en-us/do...ography.rijndaelmanaged?view=netframework-4.8) which is basically the code as above.

    Not 100% sure on how to do the same thing in B4X (I thought I was doing something very similar already but guess not since it's not working).

    0123456789ABCDEF is the AES key that was used to encrypt the message.
     

    Attached Files:

  13. OliverA

    OliverA Expert Licensed User

    Something is not right (which can be on my part). But when I encrypt

    0000754C//00409D27558D//05.03.10//02.00.44//Hello

    using the key

    0123456789ABCDEF

    the hex output of the encrypted text is

    CB517EF65D218017C806EE2D4CF03E1A7859FD08E48E1F1D799E9A8D8593041ED6BC07D879092756A99BE059CA98BFEB45D7BF25523DE1FEA630E97414F8BD97

    That's nowhere near

    8971C5072144415AEEEE5212B7B13A662F84C59C99E71D68D17F55BF30680DB556E2ADC4C6854877A3C17384C48C132903E66FAA795AD0E3812576F4EC0F5F2C

    Also, de-crypting that string (the one starting with 8971C5...) with that key produces the gibberish you see in your code. I even tried (it should make no difference, and it did not) splitting up the packet manually as the VB code that you gave.

    Conclusion: We are not using the same key. How are you converting your key to a byte array? Are you sure you are using the key you are posting?

    My code:
    Code:
    'Non-UI application (console / server application)
    #Region Project Attributes
        
    #CommandLineArgs:
        
    #MergeLibraries: True
    #End Region

    #AdditionalJar: bcprov-jdk15on-160.jar
    '        External Libraries:
    '            #AdditionalJar: bcprov-jdk15on-160
    '            Library can be found here: https://www.bouncycastle.org/download/bcprov-jdk15on-160.jar

    Sub Process_Globals
      
    End Sub

    Sub AppStart (Args() As String)
        
    Dim joSecurity As JavaObject
        joSecurity.InitializeStatic(
    "java.security.Security")
    #if B4J
        Dim jo As JavaObject
        jo.InitializeNewInstance("org.bouncycastle.jce.provider.BouncyCastleProvider", Null)
        joSecurity.RunMethod("addProvider", Array As Object (jo))
    #else if B4A
        ' Seems to just work as of Android 5.1 (oldest version I have)
    '    Dim jo As JavaObject
    '    jo.InitializeNewInstance("org.spongycastle.jce.provider.BouncyCastleProvider", Null)
    '    joSecurity.RunMethod("insertProviderAt", Array As Object (jo, 1))
    #else
        LOG("ERROR: UNSUPPORTED PLATFORM")
        Return
    #End If

      
        
    Dim hex As String = "33363730424239462F2F312F2F8971C5072144415AEEEE5212B7B13A662F84C59C99E71D68D17F55BF30680DB556E2ADC4C6854877A3C17384C48C132903E66FAA795AD0E3812576F4EC0F5F2C000000"
      
        
    Dim hexCurated As String = "8971C5072144415AEEEE5212B7B13A662F84C59C99E71D68D17F55BF30680DB556E2ADC4C6854877A3C17384C48C132903E66FAA795AD0E3812576F4EC0F5F2C"
        
    'Dim hexCurated As String = "8971C5072144415AEEEE5212B7B13A66"
        Dim bc As ByteConverter
        
    Dim pktHeader() As Byte = bc.HexToBytes("33363730424239462F2F312F2F")
        
    Log(bc.StringFromBytes(pktHeader, "ASCII"))
        
    Dim pktData() As Byte = bc.HexToBytes(hexCurated)
        
    Log(BytesToString(pktData, 0, pktData.Length, "ASCII"))
        
    Log(pktData.Length)
        
    Dim kg As KeyGenerator
        
    Dim C As Cipher
        kg.Initialize(
    "AES")
        kg.KeyFromBytes(
    "0123456789ABCDEF".GetBytes("ASCII"))
          
        C.Initialize(
    "AES/ECB/ZeroBytePadding")
      
        
    Dim decryptedBytes() As Byte = C.Decrypt(pktData, kg.Key, False)
        
    Log(bc.HexFromBytes(decryptedBytes))
        
    Log(bc.StringFromBytes(decryptedBytes, "ASCII"))
      
        
    Dim textToEncrypt As String = "0000754C//00409D27558D//05.03.10//02.00.44//Hello"
        
    Dim textBytes() As Byte = textToEncrypt.GetBytes("ASCII")
        
    Log($"textBytes.Length = ${textBytes.Length}"$)
        
    Log(bc.HexFromBytes(textBytes))
        
    Dim textEncryptedBytes() As Byte = C.Encrypt(textBytes, kg.Key, False)
        
    Log($"textEncryptedBytes.Length = ${textEncryptedBytes.Length}"$)
        
    Log(bc.HexFromBytes(textEncryptedBytes))
      
        
    Dim textLength As Int  = textBytes.Length
        
    Log($"textLength = ${textLength}"$)
        
    Dim byteBlocks As Int = textLength / 16
        
    If (textLength Mod 16) > 0 Then byteBlocks = byteBlocks + 1
        
    Log($"byteBlocks * 16 = ${byteBlocks *16}"$)
        
    Dim textPadded(byteBlocks * 16As Byte
        bc.ArrayCopy(textBytes, 
    0, textPadded, 0, textBytes.Length)
        
    Log($"textPadded.Length = ${textPadded.Length}"$)
        
    Log(bc.HexFromBytes(textPadded))
        
    For x = 0 To byteBlocks - 1
            
    Dim buffer(16As Byte
            bc.ArrayCopy(textPadded, x * 
    16, buffer, 016)
            
    Dim bufferEncrypted() As Byte = C.Encrypt(buffer, kg.Key, False)
            
    Log($"bufferEncrypted: ${bc.HexFromBytes(bufferEncrypted)}"$)
        
    Next
      
    End Sub

    'Return true to allow the default exceptions handler to handle the uncaught exception.
    Sub Application_Error (Error As Exception, StackTrace As StringAs Boolean
        
    Return True
    End Sub
     
    Last edited: Aug 23, 2019
    avalle and aaronk like this.
  14. aaronk

    aaronk Well-Known Member Licensed User

    Looks like I was sending the encryption key to remote side (setting the encryption key for encoding the message) wrong. Looks like I sent it as 0123456789ABCDEF and not encoding it as a base64binary key.

    Should have sent MDEyMzQ1Njc4OUFCQ0RFRg==
    and not 0123456789ABCDEF

    Soon as I sent it as the base64 key I could then decrypt the message.

    @DonManfred thanks heaps for your help.
     
    DonManfred likes this.
  15. DonManfred

    DonManfred Expert Licensed User

    you should click on LIKE link on the helpful post(s)
     
    Peter Simpson and Jorge M A like this.
  16. DonManfred

    DonManfred Expert Licensed User

    Great you got it sorted :)
     
    aaronk likes this.
  17. avalle

    avalle Active Member Licensed User

    @OliverA When I try your code above it compiles well but the line below triggers an error:

    Code:
    C.Initialize("AES/ECB/ZeroBytePadding")
    java.security.NoSuchAlgorithmException: Cannot find any provider supporting AES/ECB/ZeroBytePadding

    Any idea why?
    I compiled with B4J with Java 8 with the following Libraries enabled: ByteConverter 1.10, Encryption 1.10, JavaObject 2.06, jCore 7.50

    Thanks
    Andrea
     
  18. OliverA

    OliverA Expert Licensed User

    1) You need
    2) You need
    1) That's the Bouncy Castle library that you need for ZeroPadding. Look at the code above for the link for that library. Put it in the Additional Libraries folder
    2) That's needed to load/enable the Bouncy Castle library
    The code runs fine on my end.
     
  19. avalle

    avalle Active Member Licensed User

    I fully copied your sample so everything was already there.
    I also had the BC Jar in the External Library folder.

    The issue indeed was that #MergeLibraries must be set to False
     
  20. OliverA

    OliverA Expert Licensed User

    Odd. Not here. Neither Amazon's Corretto (JDK 1.8.0_212), nor the JDK 11 provided by @Erel do this on my end (notice the code above has #MergeLibraries: True). May be due to another issue (may be worth another post?). I actually still had B4J 6.8 running here and updated to 7.51 without any changes in results (meaning, it just works here).
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice