Android Question encryption problems

[uniplan]

I have written a B4A application that sends data in XML format to a webservice written in vb.net.
For safety data sent is encrypted and decrypted upon receipt by the webservice.

To encrypt the data I use the following B4A sub:

Sub Encrypt(dataToEncrypt As String ) As String
   Dim kg As KeyGenerator
   Dim c As Cipher
   Dim B64 As Base64
   Dim bconv As ByteConverter

   Dim data(0) As Byte
   Dim iv(0) As Byte
   iv = Array As Byte(8, 8, 2, 10, 12, 12, 28, 5) ' 16 bytes for AES
     
   c.Initialize("DESEDE/CBC/PKCS5Padding")   
   c.InitialisationVector = iv
   kg.Initialize("DESEDE")
  
   kg.KeyFromBytes(bconv.StringToBytes("XXXX000011Ix2010","ASCII"))
   data = bconv.StringToBytes(dataToEncrypt, "ASCII")     
   data = c.Encrypt(data, kg.Key, True)           

   Return B64.EncodeBtoS(data, 0, data.Length)
  
End Sub

To decrypt the data I use the following vb.net code:

Private Function Decrypt(encryptedData As String) As String
        Dim buffer As Byte() = System.Convert.FromBase64String(encryptedData)
        Dim des As TripleDESCryptoServiceProvider = New TripleDESCryptoServiceProvider()
        des.IV = New Byte() {8, 8, 2, 10, 12, 12, 28, 5}
        des.Key = ASCIIEncoding.ASCII.GetBytes("XXXX000011Ix2010")
        Dim result As String = Encoding.ASCII.GetString(des.CreateDecryptor().TransformFinalBlock(buffer, 0, buffer.Length))
        des.Clear()
        Return result
    End Function

Until now everything worked properly.

Today I tried the app on a device Android 6.0.1 and I can no decrypt data.

I have noticed that the encrypted string with an Android 5.0.2 device is different from that encrypted with a device 6.0.1.

The first is successfully decrypted the second is not.

What might be this anomaly?

 

[M. Giray Ozkan]

Google changed default provider in marshmallow.

Check this out: http://stackoverflow.com/questions/...rking-differently-since-android-6-marshmallow

 

[KMatle]

Assuming that you use the encryption lib... @agraham : Can you confirm this and evtl. update your lib?

 

[Erel]

Try this:

   Dim c As Cipher
   InitializeCipher(c, "DESEDE/CBC/PKCS5Padding")


Sub InitializeCipher(c As Cipher, transformation As String)
   Dim r As Reflector
   Dim o As Object = r.RunStaticMethod("javax.crypto.Cipher", "getInstance", Array(transformation, "BC"), _
     Array As String("java.lang.String", "java.lang.String"))
   r.Target = c
   r.SetField2("cipher", o)
End Sub

 

[uniplan]

Try this:

   Dim c As Cipher
   InitializeCipher(c, "DESEDE/CBC/PKCS5Padding")


Sub InitializeCipher(c As Cipher, transformation As String)
   Dim r As Reflector
   Dim o As Object = r.RunStaticMethod("javax.crypto.Cipher", "getInstance", Array(transformation, "BC"), _
     Array As String("java.lang.String", "java.lang.String"))
   r.Target = c
   r.SetField2("cipher", o)
End Sub

I did not understand well.
If I use the code you've shown I solve my problem of compatibility with newer versions of Android?

 

[informatica_iberteam]

Genial Erel !!!!!, que grande eres, funciona perfecto con API 23.

Thank you.

 

[Erel]

If I use the code you've shown I solve my problem of compatibility with newer versions of Android?

Yes.

 

[uniplan]

Yes.

OK.
Thanks

 

[Jeffrey Cameron]

Just came across this problem on a new app, thank you for your work-around in post #4.

This solution was proposed back in April, has the Encryption library's initialize method been updated since then to allow us to specify the "BC" parameter via an additional Initialize method or parameter?

 

[Erel]

It wasn't updated. You need to use the code I posted.

 

[Rusty]

Thanks for the update on the Android side, works great!
I have a server that is running in Windows that has always generated the "Pre-Marshmallow" encryption flawlessly.
Now, with the Android decrypting with the new initialize, the Windows generated encryption doesn't decrypt on the Android.
Is there a change I need to make to the Windows side that will allow the encryption there to match that of the Android?

Alternatively, is there a way to do AES from both Windows and Android?
Thanks,
Rusty

 

[Erel]

You can use B4XEncryption. It is compatible with B4A, B4i and B4J.

https://www.b4x.com/android/forum/threads/b4xencryption.48177/

 

[Rusty]

    Private lblSource As Label
    Private lblDestination As Label
    Private lblRecrypt As Label
    Private Pswd As String = "password"
    Private btnSuperQuestion As Button
End Sub

Sub Activity_Create(FirstTime As Boolean)
    Activity.LoadLayout("1")
  
    lblSource.Text = "this is a test"
    Dim encrypted() As Byte = EncryptText(lblSource.Text, Pswd)
    Dim decrypted As String = DecryptText(encrypted, Pswd)
  
    lblDestination.Text = BytesToString(encrypted, 0, encrypted.Length, "utf8")
    lblRecrypt.Text = decrypted
  
End Sub

Sub EncryptText(text As String, Password As String) As Byte()
   Dim c As B4XCipher
   Return c.Encrypt(text.GetBytes("utf8"), Password)
End Sub

Sub DecryptText(EncryptedData() As Byte, Password As String) As String
   Dim c As B4XCipher
   Dim b() As Byte = c.Decrypt(EncryptedData, Password)
   Return BytesToString(b, 0, b.Length, "utf8")
End Sub

Thanks Erel,
Is there a VB.net or C#.net version on the PC side?

UPDATE: I wrote a Visual Studio AES encryption/decryption routine that seems to work well, but the encrypted results don't match that of the b4xencryption.
(Same passwords).
VS: text = "this is a test" password= "password" result="EJFilZfWRz1Tumxeh05q7A=="
B4x text= "this is a test" password= "password result="�|���[�_Y~��?i~��I�/Ь�:�E���<,�̹"
(I used Erel's b4xencrypt example to generate the b4x result)
Any ideas?

 

[KMatle]

Base64 vs. Bytes

As encryption is pure math, the result is always "numeric" (= Bytes). Just decode the Base64 string and compare (or vice versa)

 

[Rusty]

thanks KMatle.
Can you explain?

 

[KMatle]

="�|���[�_Y~��?i~��I�/�:�E���<,�

Encode this (Byte Array) to Base64 (StringUtils) and you will get "EJFilZfWRz1Tumxeh05q7A=="

As you see, all the data is converted to Bytes to en-/decrypt first because numeric values are needed (= Byte values). To Exchange the data it is common to encode that Bytes to a "usable" Format: String (exactly: Base64 string). Transfering Bytes is too complicated. So everyone encodes it to Base64.

EJFilZfWRz1Tumxeh05q7A== is a typical Base64 string. Just encode ""]="�|���[�_Y~��?i~��I�/�:�E���<,�[/" to Base64 and you have EJFilZfWRz1Tumxeh05q7A==

 

[Erel]

Is there a VB.net or C#.net version on the PC side?

No.

 

[Rusty]

Erel,
I can get the new code (in post #4) to work on the Marshmallow, but when I run it on something else, it doesn't encrypt/decrypt correctly.
Any suggestions?
I'm using your code verbatim.

OOPS...never mind. I had used NoPadding and failed to update your code to this method...
Thanks for all your continued support ... even for bad over-sights...
Rusty