Login/Register
Encryption and Decryption between Android, PHP & node.js
Asked Answered
Solved javaphpandroidnode.jsencryption-symmetric
K

3

10

I'm trying to encrypt a string in Java on Android, and then decrypt it using PHP and/or node.js

I've tried http://www.androidsnippets.com/encrypt-decrypt-between-android-and-php, but only the first half the returned hex string works.

I want the encryption type of be AES with a 128 bit key (higher if possible).

The encryption key will also need to be configurable, so my issue might be related to how I padded the strings.

Java

String.format("%1$-" + n + "s", s)

PHP

$key = str_pad($key,16);

Full Java Code:

    package com.giggsey.test;


    import java.security.NoSuchAlgorithmException;

    import javax.crypto.Cipher;
    import javax.crypto.NoSuchPaddingException;
    import javax.crypto.spec.IvParameterSpec;
    import javax.crypto.spec.SecretKeySpec;

    import android.util.Log;

    
    public class SimpleCrypto {

            private String iv = "fedcba9876543210";//Dummy iv (CHANGE IT!)
            private IvParameterSpec ivspec;
            private SecretKeySpec keyspec;
            private Cipher cipher;
            
            private String SecretKey = "0123456789abcdef";//Dummy secretKey (CHANGE IT!)
            
            public void doKey(String key)
            {
                    ivspec = new IvParameterSpec(iv.getBytes());

                    key = padRight(key,16);
                    
                    Log.d("hi",key);
                    
                    keyspec = new SecretKeySpec(key.getBytes(), "AES");
                    
                    try {
                            cipher = Cipher.getInstance("AES/CBC/NoPadding");
                    } catch (NoSuchAlgorithmException e) {
                            // TODO Auto-generated catch block
                            e.printStackTrace();
                    } catch (NoSuchPaddingException e) {
                            // TODO Auto-generated catch block
                            e.printStackTrace();
                    }
            }
            
            public byte[] encrypt(String text,String key) throws Exception
            {
                    if(text == null || text.length() == 0)
                            throw new Exception("Empty string");
                    
                    doKey(key);
                    
                    byte[] encrypted = null;

                    try {
                            cipher.init(Cipher.ENCRYPT_MODE, keyspec, ivspec);

                            encrypted = cipher.doFinal(padString(text).getBytes());
                    } catch (Exception e)
                    {                       
                            throw new Exception("[encrypt] " + e.getMessage());
                    }
                    
                    return encrypted;
            }
            
            public byte[] decrypt(String code,String key) throws Exception
            {
                    if(code == null || code.length() == 0)
                            throw new Exception("Empty string");
                    
                    byte[] decrypted = null;
                    
                    doKey(key);

                    try {
                            cipher.init(Cipher.DECRYPT_MODE, keyspec, ivspec);
                            
                            decrypted = cipher.doFinal(hexToBytes(code));
                    } catch (Exception e)
                    {
                            throw new Exception("[decrypt] " + e.getMessage());
                    }
                    return decrypted;
            }
            

            
            public static String bytesToHex(byte[] data)
            {
                    if (data==null)
                    {
                            return null;
                    }
                    
                    int len = data.length;
                    String str = "";
                    for (int i=0; i<len; i++) {
                            if ((data[i]&0xFF)<16)
                                    str = str + "0" + java.lang.Integer.toHexString(data[i]&0xFF);
                            else
                                    str = str + java.lang.Integer.toHexString(data[i]&0xFF);
                    }
                    return str;
            }
            
                    
            public static byte[] hexToBytes(String str) {
                    if (str==null) {
                            return null;
                    } else if (str.length() < 2) {
                            return null;
                    } else {
                            int len = str.length() / 2;
                            byte[] buffer = new byte[len];
                            for (int i=0; i<len; i++) {
                                    buffer[i] = (byte) Integer.parseInt(str.substring(i*2,i*2+2),16);
                            }
                            return buffer;
                    }
            }
            
            

            private static String padString(String source)
            {
              char paddingChar = ' ';
              int size = 16;
              int x = source.length() % size;
              int padLength = size - x;

              for (int i = 0; i < padLength; i++)
              {
                      source += paddingChar;
              }

              return source;
            }
            
            public static String padRight(String s, int n) {
                return String.format("%1$-" + n + "s", s);  
              }
    }

PHP

<?php
class MCrypt
    {
            private $iv = 'fedcba9876543210'; #Same as in JAVA
            private $key = '0123456789abcdef'; #Same as in JAVA

            function encrypt($str,$key) {
             $key = str_pad($key,16);
              //$key = $this->hex2bin($key);
              $iv = $this->iv;

              $td = mcrypt_module_open('rijndael-128', '', 'cbc', $iv);

              mcrypt_generic_init($td, $key, $iv);
              $encrypted = mcrypt_generic($td, $str);

              mcrypt_generic_deinit($td);
              mcrypt_module_close($td);

              return bin2hex($encrypted);
            }

            function decrypt($code,$key) {
              //$key = $this->hex2bin($key);
              $code = $this->hex2bin($code);
              $iv = $this->iv;

              $td = mcrypt_module_open('rijndael-128', '', 'cbc', $iv);

              mcrypt_generic_init($td, $key, $iv);
              $decrypted = mdecrypt_generic($td, $code);

              mcrypt_generic_deinit($td);
              mcrypt_module_close($td);

              return utf8_encode(trim($decrypted));
            }

            protected function hex2bin($hexdata) {
              $bindata = '';

              for ($i = 0; $i < strlen($hexdata); $i += 2) {
                    $bindata .= chr(hexdec(substr($hexdata, $i, 2)));
              }

              return $bindata;
            }

    }

$e = new MCrypt();
$p =  $e->encrypt("This is a sample text message","password");

echo "Encrypted: {$p}" . PHP_EOL;

echo "Decrypted: ";
echo $e->decrypt($p,"password") . PHP_EOL;

echo "Java Decryption: ";

echo $e->decrypt("9cf46d007aeff7c0c3cf880c76762037278269ac508aecd55010ce68e9fd980f","password");

echo PHP_EOL;

Java Calling Script:

    String key = "password";
    String message = "This is a sample text message";
    
    String encrypted;
    try {
        SimpleCrypto s = new SimpleCrypto();
        encrypted = SimpleCrypto.bytesToHex(s.encrypt(message, key));
        Log.d("giggsey-test",encrypted);
        
    } catch (Exception e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
    }

Output of encrypted strings:

Java: 9cf46d007aeff7c0c3cf880c76762037278269ac508aecd55010ce68e9fd980f

PHP: 9cf46d007aeff7c0c3cf880c76762037a1778e93dd596e4ce745e1f3b0ba9062

Full PHP Output:

Encrypted: 9cf46d007aeff7c0c3cf880c76762037a1778e93dd596e4ce745e1f3b0ba9062

Decrypted: 'ýA==)nÿ|ä¨

xÃæÃ,ÃÃÂasV8gE

Java Decryption: 'ýA==)nÿ|ä¨

xÃ1)òÃîÃÃA½Ã

rÂy

Kissel answered 25/6, 2012 at 13:15 Comment(4)
Couple of questions for clarification: In the java sample, what does "n" hold, what does "s" hold, and how long (bytes) is the message you are trying to encrypt? When you say the first half of the returned hex string works, do you mean that only the first half of the message decrypted properly or something else? How many bytes was the first half of this message. What AES mode are you using (ECB, CBC, etc.)?Lemaster
@OlenGarn I've added the Java source. The PHP is the same as the link in my post, apart from passing the key to the encrypt function instead of the class constructor. I haven't tried decryption yet.Kissel
ahhh... this problem... are you using openssl in node? if no, you should try it, might help out, specially if you attempt a java(encrypt) -> node(decrypt/re-encrypt) -> php (decrypt) connection. what you seem to be having however is a problem of encoding on the encrypted text, try setting it to UTF-8 on both ends like "Nik...." said in his answer.Masoretic
@GoncaloVieira I haven't even got around to adding node into the equation yet. What I'm looking for is some method of encrypting via AES that will work and give the same results in Java, PHP & node.Kissel
K
5

Padding was the problem with PHP.

<?php

function hex2bin($hexdata) {
   $bindata = '';

   for ($i = 0; $i < strlen($hexdata); $i += 2) {
    $bindata .= chr(hexdec(substr($hexdata, $i, 2)));
   }

   return $bindata;
} 

$key = "password";
$data = "This is a sample text message";

$key = str_pad($key,16);

$blockSize = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
$padding   = $blockSize - (strlen($data) % $blockSize);
$data      .= str_repeat(chr($padding), $padding);

$c = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $data, MCRYPT_MODE_CBC, 'fedcba9876543210');

$c = bin2hex($c);

echo $c;


echo PHP_EOL;


$c = hex2bin($c);
$td = mcrypt_module_open(MCRYPT_RIJNDAEL_128,'',MCRYPT_MODE_CBC, '');
mcrypt_generic_init($td, $key, 'fedcba9876543210');
$decrypted = mdecrypt_generic($td, $c);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);

echo $decrypted;

It now returns the same as Java when encrypting, and I can decrypt the message fine.

Kissel answered 1/7, 2012 at 15:3 Comment(1)
You seem to have used PKCS padding above whereas your Java code says No padding. And I don't see how you can decrypt in java with no padding either if you pad in PHP encrypt?Jarrod
G
2

Hi Please Check this link.

Here Check Last Comment Said That "This doesn’t work with UNICODE characters"

This is work on UTF-8 characters

This is what I do with my string before encryption:

myUtf8String = new String(myString.getBytes("UTF-8"));
Graveclothes answered 28/6, 2012 at 4:39 Comment(1)
I get the same output when I do text.getBytes("UTF-8") when encrypting in Java.Kissel
J
0

// PHP

echo base64_encode('something...')

// java

import java.io.IOException;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.crypto.Cipher;
import sun.misc.BASE64Decoder;

public class Decrypt_test {

    public static void main(String[] args) {
        BASE64Decoder decode = new BASE64Decoder();
        try {
            // sample of string to decode: NTI2cWV5d3RkJV4mKg==
            String result = new String(decode.decodeBuffer("string-to-decode"));
            System.out.println(result);
        } catch (IOException ex) {
            Logger.getLogger(Decrypt_test.class.getName()).log(Level.SEVERE, null, ex);
        }
    }

}

it is easy but not good

Jecho answered 13/10, 2014 at 10:11 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.