0

I have implemented the following AES Encryption in C# code. Which I can't change even if I want to.

    public string Encrypt(string InputForEncryption, string Password, string IV)
    {
        IBuffer buffInputForEncryption = CryptographicBuffer.ConvertStringToBinary(InputForEncryption, BinaryStringEncoding.Utf8);

        IBuffer buffPassword = CryptographicBuffer.ConvertStringToBinary(Password, BinaryStringEncoding.Utf8);

        IBuffer buffIV = CryptographicBuffer.ConvertStringToBinary(IV, BinaryStringEncoding.Utf8);

        KeyDerivationAlgorithmProvider DerAlgo = KeyDerivationAlgorithmProvider.OpenAlgorithm("PBKDF2_SHA1");
        KeyDerivationParameters KeyPara = KeyDerivationParameters.BuildForPbkdf2(buffIV, 1024);

        CryptographicKey KeyPassword = DerAlgo.CreateKey(buffPassword);
        IBuffer buffMatPassword = CryptographicEngine.DeriveKeyMaterial(KeyPassword, KeyPara, 32);

        CryptographicKey KeyIV = DerAlgo.CreateKey(buffPassword);
        IBuffer buffMatIV = CryptographicEngine.DeriveKeyMaterial(KeyIV, KeyPara, 16);

        SymmetricKeyAlgorithmProvider SymAlgo = SymmetricKeyAlgorithmProvider.OpenAlgorithm("AES_CBC_PKCS7");
        CryptographicKey KeySym = SymAlgo.CreateSymmetricKey(buffMatPassword);

        IBuffer buffRESULT = CryptographicEngine.Encrypt(KeySym, buffInputForEncryption, buffMatIV);

        string Result = CryptographicBuffer.EncodeToBase64String(buffRESULT);
        return Result;
    }

Following code is for Java in Android

private Cipher cipher;
private SecretKey secretKey;
private IvParameterSpec ivParameterSpec;

int iterationCount = 1024;
int keyStrength = 128;

private String sampleInputForPassSaltIV = "Abcd1234Abcd1234";

private String encryptInput = "helloAES";
private String encryptedOutput = "";
private String decryptedOutput = "";

public Boolean initializeEncryption() throws Exception {
    String secretKeyAlgorithm = "PBKDF2WithHmacSHA1";

    SecretKeyFactory secretKeyFactory;
    KeySpec keySpec;
    SecretKey secretKeyTemp;

    String passPhrase = sampleInputForPassSaltIV;
    String keySalt = sampleInputForPassSaltIV;

    secretKeyFactory = SecretKeyFactory.getInstance(secretKeyAlgorithm);
    keySpec = new PBEKeySpec(passPhrase.toCharArray(), keySalt.getBytes(), iterationCount, keyStrength);
    secretKeyTemp = secretKeyFactory.generateSecret(keySpec);
    secretKey = new SecretKeySpec(secretKeyTemp.getEncoded(), "AES");

    byte[] IV = sampleInputForPassSaltIV.getBytes();
    ivParameterSpec = new IvParameterSpec(IV);

    cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");

    return true;
}

private void encrypt(String dataToEncrypt) throws Exception {
    if (dataToEncrypt.length() > 0) {
        byte[] UTF8Data;
        cipher.init(Cipher.ENCRYPT_MODE, secretKey, ivParameterSpec);
        UTF8Data = cipher.doFinal(dataToEncrypt.getBytes());
        encryptedOutput = Base64.encodeToString(UTF8Data, 0);

        Toast toast = Toast.makeText(context, "Encrypted Text : " + encryptedOutput, Toast.LENGTH_LONG);
        toast.show();
    }
}

I have tried everything I could to get same output from both code but I couldn't find the solution. I have tried changing KeyLength, BlockSize, check for encoding and decoding of strings but NO... I can't change C# code since its already been used a lot so please somebody help me for this java code what should I do to get both outputs same.

I have already tried many solutions from threads on StackOverflow.

I think it must be padding issue or key size.

For testing only I am using same pass and same salt.

Please Help...

xsheru
  • 467
  • 4
  • 25
  • 1
    Have you dumped all the encryption/decryption parameters and data just prior to and after the calls and compared them between implementations? If so add them to the question, data needs to be provided in hex format. "If you can't see the problem, you can't fix the problem" (Credit to Willie Jack) – zaph Aug 31 '16 at 22:29
  • 1
    I'm not familiar with android, but have you seen this: [AES-256 and PKCS7Padding fails in Java](http://stackoverflow.com/questions/25942165/aes-256-and-pkcs7padding-fails-in-java)? – Grace Feng Sep 01 '16 at 07:53
  • Is this Android specific? Have you tried your code on a desktop Java VM? – apophis Sep 02 '16 at 08:14
  • What's the expected output? – Stefan Zobel Sep 02 '16 at 10:43
  • Sorry for not replying sooner. I am expecting same output from java code like c# – xsheru Sep 02 '16 at 15:30
  • 1
    Ah, the same output -- how revealing. Seriously, if you want to get help I'd do what zaph suggested: give us as much input and output as you can. Not everyone here is running on Windows 8.1 or higher. Did you try on stock Java VM (not Android)? – Stefan Zobel Sep 02 '16 at 19:05
  • @zaph you are great... "If I can't see the problem, I can't fix the problem" – xsheru Sep 02 '16 at 20:54
  • in c# I was performing operations on IV and in java I was not doing that..... – xsheru Sep 02 '16 at 20:57
  • Hi @GraceFeng-MSFT Thanks for your help. I have added Unlimited Strength Jurisdiction policy files. – xsheru Sep 02 '16 at 21:02

0 Answers0