Android Question Encryption is no longer working

JonRubin

Member
Licensed User
Longtime User
With the Upgrade to B4A 6.00 my encryption is no longer working. Neither the Server correctly decrypts what is sent from the phone nor is B4A able to decrypt from the server.... The following is from B4A to Server. The Error Msg on the server is : Bad Data

I thought maybe the keys were changed.. but it doesn't appear as that is the case...

This works when not encrypted... BTW there will be a later post as there is an additional problem with JOB which is why the ?Query is contained in the URL and the passed string. (But that is another Post)

The following is the log.
B4X:
Installing file.
PackageAdded: package:b4a.example
** Service (starter) Create **
** Service (starter) Start **
** Activity (main) Create, isFirst = true **
** Activity (main) Resume **
vj(vb3Ux1XQrHEZEJCYeqO55nldRoPgg
** Service (httputils2service) Create **
** Service (httputils2service) Start **
Error occurred. Query=vj(vb3Ux1XQrHEZEJCYeqO55nldRoPgg
System.EventArgs
** Activity (main) Pause, UserClosed = false **


Here is the code that calls... BTW the library is Encryption V 1.10

B4X:
Sub Globals
   'These global variables will be redeclared each time the activity is created.
   'These variables can only be accessed from this module.

   Private Button1 As Button
   Private Password,UserName As EditText
   Private ResultLbl As Label
   
   Dim JobSuccess As Boolean
   Dim CallSubAfterJob As String
   Dim rows As List
   
   Dim WrkStr1 As String
   
   
End Sub


Sub CallDatabase(SQLStr As String)

  WrkStr1 = "Select * from Owner"
   
   Dim job As HttpJob
   job.Initialize("Job1", Me)
   
   WrkStr1 =  Encryption.Encrypt(WrkStr1)
   
   ServerUrl = "http://xxxx.xxxx.com/RDC/RDC.aspx?Query=" & WrkStr1
   Log(WrkStr1)     
   job.PostString(ServerUrl, WrkStr1 )
  
  
End Sub

Here is the Encyption Code

B4X:
Sub Encrypt(dataToEncrypt As String ) As String

   Dim WrkStr As String
   Dim kg As KeyGenerator
   Dim c As Cipher
   Dim B64 As Base64
   Dim bconv As ByteConverter

   Dim data(0) As Byte
   Dim iv(0) As Byte
   iv = Array As Byte(110, 169, 26, 69, 178, 65, 200, 219) ' 16 bytes for AES
     
   c.Initialize("DESEDE/CBC/PKCS5Padding")   
   c.InitialisationVector = iv
   kg.Initialize("DESEDE")
  
   kg.KeyFromBytes(bconv.StringToBytes("8214774899292836","ASCII"))
   data = bconv.StringToBytes(dataToEncrypt, "ASCII")     
   data = c.Encrypt(data, kg.Key, True)           
  
   WrkStr = B64.EncodeBtoS(data, 0, data.Length)
   WrkStr = WrkStr.Replace("+","(")
   WrkStr = WrkStr.Replace("/",")")
   WrkStr = WrkStr.Replace("=","-")

   Return WrkStr
  
End Sub

Here is the all the ASP.net Code......
Note the Function that is called is: Decrypt


B4X:
Imports System
Imports System.IO
Imports System.Text
Imports System.Security.Cryptography
Imports Microsoft.VisualBasic

Public Class clsTripleDES
    Private Shared key() As Byte = {12, 12, 13, 14, 15, 16, 77, 15, 19, 30, 21, 22, 23, 24, 25, 62, 27, 28, 29, 20, 31, 32, 33, 34}
    Private Shared iv() As Byte = {110, 169, 26, 69, 178, 65, 200, 219}
    Private Shared encText As New System.Text.UTF8Encoding()


    Public Shared Function Encrypt(ByVal strData As String, Optional ByVal Std As Int16 = 0) As String
        ' Declare a UTF8Encoding object so we may use the GetByte
        ' method to transform the plainText into a Byte array.

        If strData Is Nothing Then
            Return Nothing
        End If

        Dim utf8encoder As UTF8Encoding = New UTF8Encoding()
        Dim inputInBytes() As Byte = utf8encoder.GetBytes(strData)

        ' Create a new TripleDES service provider
        Dim tdesProvider As TripleDESCryptoServiceProvider = New TripleDESCryptoServiceProvider()

        ' The ICryptTransform interface uses the TripleDES
        ' crypt provider along with encryption key and init vector
        ' information
        Dim cryptoTransform As ICryptoTransform = tdesProvider.CreateEncryptor(key, iv)

        ' All cryptographic functions need a stream to output the
        ' encrypted information. Here we declare a memory stream
        ' for this purpose.
        Dim encryptedStream As MemoryStream = New MemoryStream()
        Dim cryptStream As CryptoStream = New CryptoStream(encryptedStream, cryptoTransform, CryptoStreamMode.Write)

        ' Write the encrypted information to the stream. Flush the information
        ' when done to ensure everything is out of the buffer.
        cryptStream.Write(inputInBytes, 0, inputInBytes.Length)
        cryptStream.FlushFinalBlock()
        encryptedStream.Position = 0

        ' Read the stream back into a Byte array and return it to the calling
        ' method.
        Dim result(encryptedStream.Length - 1) As Byte
        encryptedStream.Read(result, 0, encryptedStream.Length)
        cryptStream.Close()
        Try
            Return Replace(Replace(Replace(Convert.ToBase64String(result), "+", "("), "/", ")"), "=", "-")
        Catch
            Return ("")
        End Try

    End Function

    Public Shared Function Decrypt(ByVal strData As String, Optional ByVal Std As Int16 = 0) As String

        Dim inputInBytes As Byte()

        If strData Is Nothing Then
            Return Nothing
        ElseIf strData.Length < 1 Then
            Return Nothing
        End If

        Try
            inputInBytes = Convert.FromBase64String(Replace(Replace(Replace(strData, "(", "+"), ")", "/"), "-", "="))
        Catch
            Decrypt = ""
            Exit Function
        End Try

        ' UTFEncoding is used to transform the decrypted Byte Array
        ' information back into a string.
        Dim utf8encoder As UTF8Encoding = New UTF8Encoding()
        Dim tdesProvider As TripleDESCryptoServiceProvider = New TripleDESCryptoServiceProvider()

        ' As before we must provide the encryption/decryption key along with
        ' the init vector.
        Dim cryptoTransform As ICryptoTransform = tdesProvider.CreateDecryptor(key, iv)

        ' Provide a memory stream to decrypt information into
        Dim decryptedStream As MemoryStream = New MemoryStream()
        Dim cryptStream As CryptoStream = New CryptoStream(decryptedStream, cryptoTransform, CryptoStreamMode.Write)
        cryptStream.Write(inputInBytes, 0, inputInBytes.Length)
        cryptStream.FlushFinalBlock()
        decryptedStream.Position = 0

        ' Read the memory stream and convert it back into a string
        Dim result(decryptedStream.Length - 1) As Byte
        decryptedStream.Read(result, 0, decryptedStream.Length)
        cryptStream.Close()
        Dim myutf As UTF8Encoding = New UTF8Encoding()
        Return myutf.GetString(result)
    End Function

    Public Shared Function GenerateHash(ByVal SourceText As String) As String
        'Create an encoding object to ensure the encoding standard for the source text
        Dim Ue As New UnicodeEncoding()
        'Retrieve a byte array based on the source text
        Dim ByteSourceText() As Byte = Ue.GetBytes(SourceText)
        'Instantiate an MD5 Provider object
        Dim Md5 As New MD5CryptoServiceProvider()
        'Compute the hash value from the source
        Dim ByteHash() As Byte = Md5.ComputeHash(ByteSourceText)
        'And convert it to String format for return
        Return Convert.ToBase64String(ByteHash)
    End Function
End Class

It's probably something stupid that I am not seeing.... If that is the case please accept my apology now.

Thanks
Jon
 

JonRubin

Member
Licensed User
Longtime User
Solved.... After some searching.. I Found the problem....

The line
des.Key = ASCIIEncoding.ASCII.GetBytes("xxxxxxxxxxxxxxxx")
must be turned into a 24 bytes
des.Key = ASCIIEncoding.ASCII.GetBytes("xxxxxxxxxxxxxxxxxxxxxxxx")


-Jon
 
Upvote 0
Top