0

I have following two functions for encrypting and decrypting in JavaScript.
the keys in below functions are not identical because the server side is programmed accordingly.

function encryptData(data_to_encrypt){
    var key = CryptoJS.enc.Hex.parse('0123456789abcdef0123456789abcdef');
    var iv  = CryptoJS.enc.Hex.parse('abcdef9876543210abcdef9876543210');
    var encrypted = CryptoJS.AES.encrypt((data_to_encrypt), key, { iv: iv });
    var encrypted_data = encrypted.ciphertext.toString(CryptoJS.enc.Base64);
    return encrypted_data;
}

function decryptData(data_to_decrypt){
    var keyBase64 = CryptoJS.enc.Base64.parse("ITU2NjNhI0tOc2FmZExOTQ==");
    var iv1 = CryptoJS.enc.Base64.parse('AAAAAAAAAAAAAAAAAAAAAA==');
    var bytes = CryptoJS.AES.decrypt(data_to_decrypt, keyBase64, {iv: iv1}, {mode: CryptoJS.mode.CBC});
    var plaintext = bytes.toString(CryptoJS.enc.Utf8);
    return plaintext;
}

I want to do this in android API 19 and +.
 I tried to achieve it with solution given here
https://stackoverflow.com/a/41434590/2173890
but could not figure out how and where to pass "key" and "iv".

So, I tried with this code:

String strToEncrypt = "hello world. i am new bee.";
try {
    String strEncrypted = openssl_encrypt(strToEncrypt, "0123456789abcdef0123456789abcdef", "abcdef9876543210abcdef9876543210");
    String strDecrypted = openssl_decrypt(strEncrypted, "0123456789abcdef0123456789abcdef", "abcdef9876543210abcdef9876543210");
    System.out.println(strDecrypted);
} catch (Exception e) {
    e.printStackTrace();
}

private String openssl_encrypt(String data, String strKey, String strIv) throws Exception {
    Cipher ciper = Cipher.getInstance("AES/CBC/PKCS5Padding");
    SecretKeySpec key = new SecretKeySpec(strKey.getBytes(), "AES");
    IvParameterSpec iv = new IvParameterSpec(strIv.getBytes(), 0, ciper.getBlockSize());

    ciper.init(Cipher.ENCRYPT_MODE, key, iv);
    byte[] encryptedCiperBytes = ciper.doFinal(data.getBytes());

    String s = new String(encryptedCiperBytes);
    System.out.println("Ciper : " + s);
    return s;
}

private String openssl_decrypt(String input, String strKey, String strIv) {
    String s = null;
    try {
        Cipher ciper = Cipher.getInstance("AES/CBC/PKCS5Padding");

        SecretKeySpec key = new SecretKeySpec(strKey.getBytes(), "AES");
        IvParameterSpec iv = new IvParameterSpec(strIv.getBytes(), 0, ciper.getBlockSize());

        ciper.init(Cipher.DECRYPT_MODE, key, iv);
        byte[] encryptedCiperBytes = ciper.doFinal(input.getBytes());

        s = new String(encryptedCiperBytes);
        System.out.println("Ciper : " + s);
    } catch (Exception e) {
        e.printStackTrace();
    }
    return s;
}

but openssl_decrypt throws error:

javax.crypto.IllegalBlockSizeException: error:1e00007b:Cipher functions:OPENSSL_internal:WRONG_FINAL_BLOCK_LENGTH

I have tried the above with identical keys "strKey".

The javascript functions are working fine.
I want exact parallel function in java
that too compatible with old Java version so that I can implement it in android API 19.

sifr_dot_in
  • 3,153
  • 2
  • 33
  • 42
  • The linked solution does not fit your problem at all, since you pass key and IV *directly*, while in the linked solution the key material is passed as string, so key and IV are *inferred via a key derivation function*. – Topaco Jun 17 '23 at 15:26
  • On the Java side, try a simple encryption/decryption with `AES/CBC/PKCS5Padding` where key and IV are passed directly. Be sure to use an identical key for encryption and decryption (the same applies to the IV). This is not the case in the posted code. If you get stuck, post your code and describe the problem. – Topaco Jun 17 '23 at 15:27
  • @Topaco after your suggestion, I gave a try (with identical key [but later I will have to go with different]) and have post the code. Can u figure out now? – sifr_dot_in Jun 20 '23 at 12:39
  • Key and IV must be hex decoded (and not UTF8 encoded). In addition, no charset encoding may be used for the encoding/decoding of the ciphertext, but a binary-to-text encoding like Base64. AES is symmetric encryption and uses *by definition* the same key for encryption and decryption! I recommend you to familiarize yourself with symmetric and asymmetric encryption and encodings. – Topaco Jun 20 '23 at 13:31
  • @Topaco The server side is not in my hand so can't make any change on server. The javaScript works fine (with encryption / decryption). And I have to make code in Java (android) that will work same like javaScript. I have tried a lot, but keep on getting different errors. As I am as though new to encryption, I was expecting code answer. – sifr_dot_in Jun 20 '23 at 14:36
  • *...As I am as though new to encryption, I was expecting code answer...* The encryption/decryption you posted is correct. Only the encoding issues mentioned above need to be fixed. I assumed that you can do this yourself. If not, here is a fix for decryption as example: https://www.jdoodle.com/ia/JqB. – Topaco Jun 20 '23 at 18:36
  • @Topaco thank u very much for ur valuable time. Here is the https://jsfiddle.net/6atszm5d/ u had given and this is the one with server side received data https://jsfiddle.net/sifr_in/5u13m7sb/ (which works). The java example u have given jdoodle.com/ia/JqB is working fine (also after changing HexFormat.of()) But after edit key+iv+text according to server side, jdoodle.com/ia/Jsl i receive: IV buffer too short for given offset/length combination – sifr_dot_in Jun 21 '23 at 06:12
  • Here: https://www.jdoodle.com/ia/Jso you will find the Java code that decrypts your server data. Note that key and IV are byte sequences. To convert them to strings (e.g. for display), a binary-to-text encoding is applied, like Base64 or hex. You seem to use different encodings on both sides, so in my linked code you find two examples of key import, once hex encoded, once Base64 encoded (the key itself, i.e. the byte sequence after decoding, is of course the same). Additionally, [here](https://cryptii.com/pipes/base64-to-hex) is a website for converting the encodings. Maybe it's clearer now. – Topaco Jun 21 '23 at 07:05
  • @Topaco thank u so much for notifying the difference. It worked completely fine. may creator bless u. – sifr_dot_in Jun 21 '23 at 07:14

0 Answers0