I am trying to replicate this C# function into a NodeJS function.
Here is the C# function first.
private byte[] Decrypt(byte[] plainText)
{
using (var aes = new AesManaged())
{
aes.Mode = CipherMode.ECB;
aes.Padding = PaddingMode.Zeros;
var decryptor = aes.CreateDecryptor(Key, Key);
var decrypted = decryptor.TransformFinalBlock(plainText, 0, plainText.Length);
return decrypted;
}
}
And here is the NodeJS function that I am trying to convert it to.
var crypto = require("crypto")
require('./config');
function decrypt(key, data) {
var decipher = crypto.createDecipher('aes-256-ecb', key);
var decrypted = decipher.update(data, "utf8", "utf8");
decipher.setAutoPadding(true);
decrypted += decipher.final('utf8');
return decrypted;
}
decryptedText = decrypt(process.env.password, process.env.encryptedMessage);
console.log("Decrypted Text: ", decryptedText);
The NodeJS function is wrong can someone convert the C# function into a NodeJS function as I have limited experience with this as I am a frontend developer.
Currently the output that I am getting is:
Error: error:0606506D:digital envelope routines:EVP_DecryptFinal_ex:wrong final block length
at Error (native)
at Decipher.Cipher.final (crypto.js:158:26)
at decrypt (/Users/dave/Tests/sqs-consumer/app3.js:8:31)
Related
I'm creating an C# MVC application by calling Api, Its token encryption method is in PHP i want to convert it to C# code.Can any one help in conversion on below php code to c#?
PHP Code
<?php
//ini_set("display_errors", 1);
//ini_set("display_startup_errors", 1);
function encryptToken($token)
{
$cipher_method = 'aes-128-ctr';
$enc_key = openssl_digest
('*****************************', 'SHA256', TRUE);
$enc_iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length($cipher_method));
$crypted_token = openssl_encrypt($token, $cipher_method, $enc_key, 0, $enc_iv) . "::" . bin2hex($enc_iv);
unset($token, $cipher_method, $enc_key, $enc_iv);
return $crypted_token;
}
function createAccessToken(){
//$date = new DateTime("now", new DateTimeZone('Asia/Kolkata') );
//$now = $date('YmdHis');
$now = date("YmdHis");
$secret ='********************************';
$plainText = $now."::".$secret;
$encrypted = encryptToken($plainText);
return $encrypted;
}
$value="";
if($_POST){
if(isset($_POST['test'])){
$value= createAccessToken();
}
}
?>
So far i tried this much. But the token generated using this C# code will not validate in Api by using the same secret and password.
C# Code
public string GenerateToken()
{
var Date = DateTime.Now.ToString("yyyyMMddHHmmss");
var secret = "#############################";
string plainText = Date + "::" + secret;
var accessToken = EncryptString(plainText);
return accessToken;
}
public string EncryptString(string plainText)
{
try
{
string password = "************************";
// Create sha256 hash
SHA256 mySHA256 = SHA256Managed.Create();
byte[] key = mySHA256.ComputeHash(Encoding.ASCII.GetBytes(password));
// Instantiate a new Aes object to perform string symmetric encryption
Aes encryptor = Aes.Create();
encryptor.Mode = CipherMode.ECB;
encryptor.Padding = PaddingMode.None;
encryptor.BlockSize = 128;
// Create secret IV
var iv = generateIV();
// Set key and IV
byte[] aesKey = new byte[32];
Array.Copy(key, 0, aesKey, 0, 32);
encryptor.Key = aesKey;
encryptor.IV = iv;
// Instantiate a new MemoryStream object to contain the encrypted bytes
MemoryStream memoryStream = new MemoryStream();
// Instantiate a new encryptor from our Aes object
ICryptoTransform aesEncryptor = encryptor.CreateEncryptor();
// Instantiate a new CryptoStream object to process the data and write it to the
// memory stream
CryptoStream cryptoStream = new CryptoStream(memoryStream, aesEncryptor, CryptoStreamMode.Write);
// Convert the plainText string into a byte array
byte[] plainBytes = Encoding.ASCII.GetBytes(plainText);
// Encrypt the input plaintext string
cryptoStream.Write(plainBytes, 0, plainBytes.Length);
// Complete the encryption process
cryptoStream.FlushFinalBlock();
// Convert the encrypted data from a MemoryStream to a byte array
byte[] cipherBytes = memoryStream.ToArray();
// Close both the MemoryStream and the CryptoStream
memoryStream.Close();
cryptoStream.Close();
// Convert the encrypted byte array to a base64 encoded string
string cipherText = Convert.ToBase64String(cipherBytes, 0, cipherBytes.Length) + "::" + ByteArrayToString(iv);
// Return the encrypted data as a string
return cipherText;
}
catch (Exception)
{
throw;
}
}
private static byte[] generateIV()
{
using (RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider())
{
byte[] nonce = new byte[IV_LENGTH];
rng.GetBytes(nonce);
return nonce;
}
}
I have two applications, one writen in C#, the other in PHP.
C# application encrypt messages using AES 256 CBC. Key used for encrypt is located in a byte[] property hardcoded in the class. The Initialization vector is also hardcoded and is the same through the time.
C# Application
byte[] key = {142, 237, ....};
byte[] InitilizationVector = {132, ...};
var mensajeSinEncriptar = "";
SymmetricAlgorithm algoritmo = SymmetricAlgorithm.Create("Rijndael");
algoritmo.BlockSize = 128;
algoritmo.Mode = CipherMode.CBC;
algoritmo.Padding = PaddingMode.Zeros;
algoritmo.KeySize = 256;
algoritmo.Key = key;
algoritmo.IV = InitilizationVector;
ICryptoTransform encriptador = algoritmo.CreateEncryptor();
byte[] textoPlano = Encoding.Default.GetBytes(mensajeSinEncriptar);
MemoryStream memoryStream = new MemoryStream();
CryptoStream cryptoStream = new CryptoStream(memoryStream, encriptador, CryptoStreamMode.Write);
cryptoStream.Write(textoPlano, 0, textoPlano.Length);
cryptoStream.FlushFinalBlock();
memoryStream.Close();
cryptoStream.Close();
return Convert.ToBase64String(memoryStream.ToArray());
Then, in my PHP application I want to decrypt the messages generated by c # using OpenSSL.
I use the same key and iv used in C#. I convert them to characters because the function does not accept anything other than string.
PHP
private function decrypt(string $message)
{
$stringOf = function ($bytes) {
return implode('', array_map('chr', $bytes));
};
$key = [142, 237, ...];
$iv = [132, ... ];
$result = openssl_decrypt(
base64_decode($message),
'aes-256-cbc',
$stringOf($key),
1,
$stringOf($iv)
);
if (is_bool($result) && !$result) {
return new Error('Error: ' . openssl_error_string());
}
return $result;
}
When I try to decrypt I get this error
Error: error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt
I guess it's a mistake of mine when trying to convert the key to a string. Since I also have a function to encrypt which gives me different results using the same key and iv used in C#.
I'm currently trying to call a web service with basic authorization and I've spent 3 days on it. But, still stuck on the way to encrypt by swift code.
I already have had the encrypt function working fine by C# but I'm looking for a swift one. Any help, please!
This is my swift code to encrypt a string with Key and Initialization Vector (IV) generated from UUID. Project included CryptoSwift
func getCredential() -> String {
let secretKey = "RlBUX09SVF9Nb2JpbGVfXw=="
let sessionClaim = "this is the secret session claim"
// Create IV
let uuid = SwiftyUUID.Version4UUID()
let plainData = NSData(bytes: uuid as [UInt8], length: uuid.count)//uuidString.data(using: String.Encoding(rawValue: String.Encoding.utf8.rawValue))
// Get IV String
let base64String = plainData.base64EncodedString(options: NSData.Base64EncodingOptions(rawValue: 0))
var encryptedClaimString: String = try! sessionClaim.encrypt(cipher: AES(key: Array(secretKey.utf8), iv: uuid, blockMode: .CBC, padding: PKCS7()))
//var encryptedClaimString = try! sessionClaim.aesEncrypt( key: secretKey, iv: uuidString)
encryptedClaimString += ":"
encryptedClaimString += base64String
let utf8String = encryptedClaimString.data(using: String.Encoding.utf8)
let credentials = utf8String?.base64EncodedString(options: NSData.Base64EncodingOptions(rawValue: 0))
return credentials!;
}
After do some dissect, I got exactly key and iv but the function cannot decrypt to get the sessionClaim as original input. this is the C# decrypt function
public static string Decrypt(byte[] encrypted, byte[] key, byte[] iv)
{
string value = null;
// Create an Rijndael object
// with the specified key and IV.
using (Rijndael rijAlg = Rijndael.Create())
{
rijAlg.Key = key;
rijAlg.IV = iv;
// Create a decrytor to perform the stream transform.
ICryptoTransform decryptor = rijAlg.CreateDecryptor(rijAlg.Key, rijAlg.IV);
// Create the streams used for decryption.
using (MemoryStream msDecrypt = new MemoryStream(encrypted))
{
using (CryptoStream csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read))
{
using (StreamReader srDecrypt = new StreamReader(csDecrypt))
{
// Read the decrypted bytes from the decrypting stream
// and place them in a string.
value = srDecrypt.ReadToEnd();
}
}
}
}
return value;
}
I have been given a set of codes from a third party that need encrypting/decrypting however the sample encryption code they gave me was in C# and I am primarily a front-end PHP developer.
I have set-up a slimmed down working example of the code I was provided
here using the sample key of A818163DD5E0DE87.
public static byte[] HexStringToByteArray(String hex)
{
int NumberChars = hex.Length;
byte[] bytes = new byte[NumberChars / 2];
for (int i = 0; i < NumberChars; i += 2) {
bytes[i / 2] = Convert.ToByte(hex.Substring(i, 2), 16);
}
return bytes;
}
// Convers a byte array to a HEX string
public static string ByteArrayToHexString(byte[] bytes)
{
StringBuilder hexString = new StringBuilder(bytes.Length * 2);
for (int i = 0; i < bytes.Length; i++)
{
hexString.Append(bytes[i].ToString("X2"));
}
return hexString.ToString();
}
public static byte[] Encrypt()
{
string plainText = "GROW06BP";
DESCryptoServiceProvider desCrypto = new DESCryptoServiceProvider();
desCrypto.Key = HexStringToByteArray("A818163DD5E0DE87");
desCrypto.IV = HexStringToByteArray("A818163DD5E0DE87");
desCrypto.Mode = CipherMode.CBC;
desCrypto.Padding = PaddingMode.Zeros;
// Create a buffer for the Plain Text using ASCIIEncoding
byte[] plaintextBytes = (new ASCIIEncoding()).GetBytes(plainText);
// Create a memory stream for the encrypted bytes
MemoryStream msEncrypt = new MemoryStream();
// Create a CryptoStream using the memory stream and the passed Algorithm
CryptoStream csEncrypt = new CryptoStream(msEncrypt, desCrypto.CreateEncryptor(), CryptoStreamMode.Write);
// Write the plaintext to the CryptoStream
csEncrypt.Write(plaintextBytes, 0, plaintextBytes.Length);
// Close the CryptoStream
csEncrypt.Close();
// Read the Encrypted bytes into our buffer
byte[] encryptedTextBytes = msEncrypt.ToArray();
// Close the Memory Stream
msEncrypt.Close();
// And return the encrypted buffer
return encryptedTextBytes;
}
I have scoured stack overflow and other sites in an attempt to replicate this in PHP but nothing comes close to the correct output. I'm also confused by which cipher I am meant to be using and how to convert the key and iv to match the C# example. Below is what I have attempted so far.
$key = unpack('H*', "A818163DD5E0DE87");
$key = "A818163DD5E0DE87";
$iv = $key;
$plaintext = "GROW06BP";
$ciphertext = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $plaintext,MCRYPT_MODE_CBC, $iv);
echo base64_encode($ciphertext);
Any help would be appreciated.
Things you need to consider:
DESCryptoServiceProvider -> mcrypt_module_open('des'
desCrypto.Mode = CipherMode.CBC; -> mcrypt_module_open(...,..., 'cbc',
key,iv and the cipher output are "treated" with HexStringToByteArray(), pack('H*) can undo that
So, given the output of the .net fiddle (7860D97E56DA6A40) that leads to
<?php
$msgHex = '7860D97E56DA6A40';
$keyHex = 'A818163DD5E0DE87';
$ivHex = 'A818163DD5E0DE87'; // really? invalidates the use-case of an iv :-/
// this reverts the effect of HexStringToByteArray()
$msg = pack('H*', $msgHex);
$key = pack('H*', $keyHex);
$iv = pack('H*', $ivHex);
// add error handing !
$module = mcrypt_module_open('des', '', 'cbc', '');
mcrypt_generic_init($module, $key, $iv);
$plaintext = mdecrypt_generic($module, $msg);
mcrypt_generic_deinit($module);
echo $plaintext;
output: GROW06BP
As I've already mentioned in my comment, you're using the wrong algorithm in your PHP code since it's Rijndael. What you should use is MCRYPT_DES.
$key = "A818163DD5E0DE87";
// Here you need pack instead of unpack
$packKey = pack("H*",$key);
// you should use the key as the initialization vector
// use something like mcrypt_create_iv to generate an IV
$iv = $packKey;
$plaintext = "GROW06BP";
// replaced MCRYPT_RIJNDAEL_128 with MCRYPT_DES
$ciphertext = mcrypt_encrypt(MCRYPT_DES, $packKey, $plaintext,MCRYPT_MODE_CBC, $iv);
echo base64_encode($ciphertext);
This will produce the same output as the C# code
UPDATED
I have made the changes to the C# code so it uses a block size of 256. but now the hello world looks like this http://pastebin.com/5sXhMV11 and I cant figure out what I should use with rtrim() to get ride of the mess at the end.
Also when you say the IV should be random, by this do you mean don't use the same IV more then once or is the way I have coded it wrong?
Thanks again!
Hi,
I'm trying to decrypt a string with PHP that was encrypted in C#. I can't seem to get PHP to decrypt it using mcrypt and could do with some help please. I get the following error with php so I am guessing I'm not setting the IV correctly.
Error: The IV parameter must be as long as the blocksize
Both functions use the same cipher, key, IV and set to CBC mode:
encrypted text from c# = UmzUCnAzThH0nMkIuMisqg==
key 32 long = qwertyuiopasdfghjklzxcvbnmqwerty
iv 16 long = 1234567890123456
C#
public static string EncryptString(string message, string KeyString, string IVString)
{
byte[] Key = ASCIIEncoding.UTF8.GetBytes(KeyString);
byte[] IV = ASCIIEncoding.UTF8.GetBytes(IVString);
string encrypted = null;
RijndaelManaged rj = new RijndaelManaged();
rj.Key = Key;
rj.IV = IV;
rj.Mode = CipherMode.CBC;
try
{
MemoryStream ms = new MemoryStream();
using (CryptoStream cs = new CryptoStream(ms, rj.CreateEncryptor(Key, IV), CryptoStreamMode.Write))
{
using (StreamWriter sw = new StreamWriter(cs))
{
sw.Write(message);
sw.Close();
}
cs.Close();
}
byte[] encoded = ms.ToArray();
encrypted = Convert.ToBase64String(encoded);
ms.Close();
}
catch (CryptographicException e)
{
Console.WriteLine("A Cryptographic error occurred: {0}", e.Message);
return null;
}
catch (UnauthorizedAccessException e)
{
Console.WriteLine("A file error occurred: {0}", e.Message);
return null;
}
catch (Exception e)
{
Console.WriteLine("An error occurred: {0}", e.Message);
}
finally
{
rj.Clear();
}
return encrypted;
}
PHP
var $mcrypt_cipher = MCRYPT_RIJNDAEL_256;
var $mcrypt_mode = MCRYPT_MODE_CBC;
function decrypt($key, $iv, $encrypted)
{
$encrypted = base64_decode($encrypted);
$decrypted = rtrim(mcrypt_decrypt($this->mcrypt_cipher, $key, $encrypted, $this->mcrypt_mode, $iv), "\0");;
return $decrypted;
}
Thanks
If you want to use Rijndael256 in your C# application you have to set the BlockSize to 256.
RijndaelManaged rj = new RijndaelManaged();
rj.BlockSize = 256;
And then your iv has to be 256 bits long as well.
see SymmetricAlgorithm.BlockSize Property
Or the other way round: Currently your C# application uses Rijndael128 and so must your php script.
<?php
class Foo {
protected $mcrypt_cipher = MCRYPT_RIJNDAEL_128;
protected $mcrypt_mode = MCRYPT_MODE_CBC;
public function decrypt($key, $iv, $encrypted)
{
$iv_utf = mb_convert_encoding($iv, 'UTF-8');
return mcrypt_decrypt($this->mcrypt_cipher, $key, base64_decode($encrypted), $this->mcrypt_mode, $iv_utf);
}
}
$encrypted = "UmzUCnAzThH0nMkIuMisqg==";
$key = "qwertyuiopasdfghjklzxcvbnmqwerty";
$iv = "1234567890123456";
$foo = new Foo;
echo $foo->decrypt($key, $iv, $encrypted);
prints hello world
Encrypt using PHP;
/Generate public key for encrytion
$path = "keys/";
$crt = openssl_x509_read(file_get_contents($path."cert.crt"));
$publickey = openssl_get_publickey($crt);
//Encrypt using public key
openssl_public_encrypt($source, $crypted, $publickey);
//openssl_private_encrypt($source, $crypted, $privkey);
echo base64_encode($crypted);
Decrypt using C#
X509Certificate2 x509cert = new X509Certificate2(pKeyFilename);
RSACryptoServiceProvider.UseMachineKeyStore = false;
RSACryptoServiceProvider crypt = (RSACryptoServiceProvider)x509cert.PrivateKey;
byte[] decrypted = crypt.Decrypt(Convert.FromBase64String(data), false);
return ASCIIEncoding.UTF8.GetString(decrypted);
where pKeyFilename is a Personal Information Exchange File created with the certificate file cert.crt. This examples uses a AES-256 encryption.