login about faq

I am being passed an already encrypted string -

pEuFIDs1DH35MicCvtahDc75gMPduLAgqfBXyCLPfAkhDQdhkDT2BL1RewsAbmwa7AsOHa0TkaShCe6CJde1G QpgqPePDv6jcat0SLSlRjylgJujE7RMS2MRCvdTvh/9c88zGqO0d4HAL7cA2nGIZ7gHWB8BjWJW6akqcaLDlQ ALo/vzwJyngVSP9RZO+koaGnOPC1M3oMKOAcV/Gk4u2a6VkYFCf7lBj6ileeKjGGY=

The encryption type is AES 128, the Mode is CBC, the Padding is PKCS5, the password is hello. I only want to decrypt what I am being passed so I can read it. Is that even possible?

Here is my code -

<%@ Language=VBScript %> <% OPTION EXPLICIT %>

<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> </head> <body>

<% Dim crypt, success, encStr, decStr

set crypt = Server.CreateObject("Chilkat_9_5_0.Crypt2")

success = crypt.UnlockComponent("teststuff") If success <> 1 Then Response.write "

" & Server.HTMLEncode( crypt.LastErrorText) & "
" End if

crypt.CryptAlgorithm = "aes" crypt.CipherMode = "cbc" crypt.KeyLength = 128

crypt.EncodingMode = "base64"

encStr = "pEuFIDs1DH35MicCvtahDc75gMPduLAgqfBXyCLPfAkhDQdhkDT2BL1RewsAbmwa7AsOHa0TkaShCe6CJde1G QpgqPePDv6jcat0SLSlRjylgJujE7RMS2MRCvdTvh/9c88zGqO0d4HAL7cA2nGIZ7gHWB8BjWJW6akqcaLDlQ ALo/vzwJyngVSP9RZO+koaGnOPC1M3oMKOAcV/Gk4u2a6VkYFCf7lBj6ileeKjGGY=" decStr = crypt.DecryptStringENC(encStr) Response.Write "

" & Server.HTMLEncode( decStr) & "
"

%>

</body> </html>

Nothing is being returned at all. decStr is blank. What am I doing wrong? Where do I tell the code that the password is "hello" do I even need to do that?

Any help would be extremely appreciated!!

asked Feb 19 at 12:51

gpfeifer's gravatar image

gpfeifer
111


Turn on VerboseLogging like this:

crypt.VerboseLogging = 1

Then look at the crypt.LastErrorText after calling DecryptStringENC.

Also, CBC mode requires an IV. The IV is by-default all 0 bytes (16 bytes in length).

And MOST IMPORTANTLY -- you need to set the secret key..

link

answered Feb 19 at 13:00

chilkat's gravatar image

chilkat ♦♦
11.8k316358421

OK I think some progress has been made, thanks for your quick response. Updated Code- crypt.CryptAlgorithm = "aes" crypt.CipherMode = "cbc" crypt.KeyLength = 128 crypt.VerboseLogging = 1 crypt.SetEncodedIV "0000000000000000", "hex" crypt.SetEncodedKey "hello", "hex" crypt.EncodingMode = "base64" encStr = "pEuFIDs1DH35MicCvtahDc75gMPduLAgqfBXyCLPfAkhDQdhkDT2BL1RewsAbmwa7AsOHa0TkaShCe6CJde1G QpgqPePDv6jcat0SLSlRjylgJujE7RMS2MRCvdTvh/9c88zGqO0d4HAL7cA2nGIZ7gHWB8BjWJW6akqcaLDlQ ALo/vzwJyngVSP9RZO+koaGnOPC1M3oMKOAcV/Gk4u2a6VkYFCf7lBj6ileeKjGGY="

decStr = crypt.DecryptStringENC(encStr) Response.write "

" & Server.HTMLEncode( crypt.LastErrorText) & "
" Response.Write "
 YO = " & Server.HTMLEncode( decStr) & "
"

This is what I am getting back - VerboseLogging: 1 encodedEncryptedData: pEuFIDs1DH35MicCvtahDc75gMPduLAgqfBXyCLPfAkhDQdhkDT2BL1RewsAbmwa7AsOHa0TkaShCe6CJde1G QpgqPePDv6jcat0SLSlRjylgJujE7RMS2MRCvdTvh/9c88zGqO0d4HAL7cA2nGIZ7gHWB8BjWJW6akqcaLDlQ ALo/vzwJyngVSP9RZO+koaGnOPC1M3oMKOAcV/Gk4u2a6VkYFCf7lBj6ileeKjGGY= sizeAfterDecoding: 176 decryptBytesNew: keyLength: 24 --decryptBytesNew decryptedSizeInBytes: 174 codePage: 1252 cryptDetails: algorithm: aes keyLength: 128 paddingScheme: 0 cipherMode: cbc encodingMode: base64 charset: windows-1252 secretKeyLen: 3 iv: 0000 0000 0000 0000 0000 0000 0000 0000 dataNumBytes: 174 dataHex: 5DFE 084C F6FA 0B0B 47F9 CD2C 9515 4126 BA83 2710 D69D 97BE 1D15 1463 5D9B 43CE 690D 0F43 55F8 2338 D09B 9109 5C96 4D16 6C3E 3171 7191 7C8D 2BD7 6721 47CB 8C67 8F9C 0C5A AA56 E624 0DC3 060A 3528 709B A211 2314 E421 16A1 7403 D819 454D 97A1 61CE 3B28 0BEE 21CC 7F83 19E6 0C16 FD00 BF9F 4A28 B593 5D42 63B7 E0FC 0898 F9B3 9C25 77C0 91C5 3504 45BA 14F3 1F46 A7F1 40FF 136D 8B8D CBF5 8D17 4DFC A8D0 F149 4352 A541 6138 D2D0 A6D1 6D69 332C --cryptDetails Success. --DecryptStringENC --ChilkatLog Now here is the decrypted string albeit unreadable - ]þLöú GùÍ,•A&ºƒ'Ö—¾c]›CÎi CUø#8Л‘ –Ml>1qq‘|+×g!GËŒgœ ZªVæ$ à 5(p›¢#ä!¡tØEM—¡aÎ;( î!̃æ ý

Is "hello" not the secret key?

link

answered Feb 19 at 13:37

gpfeifer's gravatar image

gpfeifer
111

  1. "hello" is NOT a hexadecimal string.
  2. For 128-bit encryption, the secret key must be 16 bytes. You need a 16-byte hex secret key... ("hello" is not 16 bytes -- it is 5 bytes if chars are represented as us-ascii)..
link

answered Feb 19 at 13:42

chilkat's gravatar image

chilkat ♦♦
11.8k316358421

Thanks again for your quick response and I am sorry If I am not being very intelligent here. But the word hello is the password that was provided to me from the person that encrypted the data. Did they provide me with an invalid passord?

link

answered Feb 19 at 13:48

gpfeifer's gravatar image

gpfeifer
111

In any symmetric encryption algorithm (AES, TwoFish, Blowfish, or whatever the encryption algorithm), the meaning of "128-bit" encryption, or "256-bit" encryption is to indicate the size in bits of the secret key. "symmetric" means the same secret key is used for both encrypting and decrypting.

Therefore, when doing 128-bit encryption, your secret key MUST be 16 bytes.

"test" is obviously not 16 bytes. Therefore, the person who provided you with the "password" gave you incomplete information. He must tell you how an arbitrary-length password is transformed to obtain the exact 16-byte secret key. Maybe it's done by taking the MD5 hash of it? Maybe it's done by just adding 0 bytes to the us-ascii byte representation? He needs to give you that information.

link

answered Feb 19 at 15:23

chilkat's gravatar image

chilkat ♦♦
11.8k316358421

I am not getting much help from the people that are providing the encrypted string.  Encryp􏰁on type AES 128 Mode CBC Padding PKCS5 (.net uses PKCS7) Password hello Encryp􏰁on reference htt􏰂p://zenu.wordpress.com/2011/09/21/aes- 128bit-cross-pla􏰃orm-java-and-c-encryp􏰁on- compa􏰁bility/

Start Encryption pEuFIDs1DH35MicCvtahDc75gMPduLAgqfBXyCLPfAkhDQdhkDT2BL1RewsAbmwa7AsOHa0TkaShCe6CJde1G QpgqPePDv6jcat0SLSlRjylgJujE7RMS2MRCvdTvh/9c88zGqO0d4HAL7cA2nGIZ7gHWB8BjWJW6akqcaLDlQ ALo/vzwJyngVSP9RZO+koaGnOPC1M3oMKOAcV/Gk4u2a6VkYFCf7lBj6ileeKjGGY= End Encryption

link

answered Feb 22 at 07:51

gpfeifer's gravatar image

gpfeifer
111

Made great progress!! So I converted the password from "hello" to 68656C6C6F and I am getting 95% of the decrypted sting which is great.

This is what I am getting back now - YW_XZ6^John^Doe^Placeholder Name^ATS^217 General Patton Ave.^Suite 208^Mandeville^LA^70471^United States^985-809-0600^985-809-0700^postmaster@atsleads.com^SessionString

This is what I should be getting back - 123456^John^Doe^Placeholder Name^ATS^217 General Patton Ave.^Suite 208^Mandeville^LA^70471^United States^985-809-0600^985-809- 0700^postmaster@atsleads.com^SessionString

The only difference is the first 5 characters are not coming back correctly.

Here is my code -

Dim crypt, success, encStr, decStr, iV, keyHex

set crypt = Server.CreateObject("Chilkat_9_5_0.Crypt2")

success = crypt.UnlockComponent("teststuff") If success <> 1 Then Response.write "

" & Server.HTMLEncode( crypt.LastErrorText) & "
" End if

crypt.CryptAlgorithm = "aes" crypt.CipherMode = "cbc" crypt.KeyLength = 128 crypt.VerboseLogging = 1 iV = "0000000000000000" crypt.SetEncodedIV iV, "hex" crypt.PaddingScheme = 0

crypt.SetEncodedKey "68656C6C6F", "hex"

crypt.EncodingMode = "base64"

encStr = "pEuFIDs1DH35MicCvtahDc75gMPduLAgqfBXyCLPfAkhDQdhkDT2BL1RewsAbmwa7AsOHa0TkaShCe6CJde1G QpgqPePDv6jcat0SLSlRjylgJujE7RMS2MRCvdTvh/9c88zGqO0d4HAL7cA2nGIZ7gHWB8BjWJW6akqcaLDlQ ALo/vzwJyngVSP9RZO+koaGnOPC1M3oMKOAcV/Gk4u2a6VkYFCf7lBj6ileeKjGGY=" decStr = crypt.DecryptStringENC(encStr)

Response.write "

" & Server.HTMLEncode( crypt.LastErrorText) & "
" Response.Write "
" & Server.HTMLEncode( decStr) & "
"

Am I missing something to get those first five characters converted correctly.

link

answered Feb 22 at 08:36

gpfeifer's gravatar image

gpfeifer
111

The IV is wrong.

You probably need an IV of all zero bytes (not the character '0', but bytes having the value 0x00). The us-ascii character '0' is 0x30 (see http://www.asciitable.com/ )

Leave the IV unset to get the default.

link

answered Feb 22 at 08:40

chilkat's gravatar image

chilkat ♦♦
11.8k316358421

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×13
×7

Asked: Feb 19 at 12:51

Seen: 527 times

Last updated: Feb 22 at 08:40

powered by OSQA