Archived Forum Post
Question:
Need to decrypt an AS 128 string
Feb 22 '16 at 08:40
I am being passed an already encrypted string -
pEuFIDs1DH35MicCvtahDc75gMPduLAgqfBXyCLPfAkhDQdhkDT2BL1RewsAbmwa7AsOHa0TkaShCe6CJde1G QpgqPePDv6jcat0SLSlRjylgJujE7RMS2MRCvdTvh/9c88zGqO0d4HAL7cA2nGIZ7gHWB8BjWJW6akqcaLDlQ ALo/vzwJyngVSP9RZO+koaGnOPC1M3oMKOAcV/Gk4u2a6VkYFCf7lBj6ileeKjGGY=
The encryption type is AES 128, the Mode is CBC, the Padding is PKCS5, the password is hello. I only want to decrypt what I am being passed so I can read it. Is that even possible?
Here is my code -
<%@ Language=VBScript %>
<% OPTION EXPLICIT %>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
<%
Dim crypt, success, encStr, decStr
set crypt = Server.CreateObject("Chilkat_9_5_0.Crypt2")
success = crypt.UnlockComponent("teststuff")
If success <> 1 Then
Response.write "
" & Server.HTMLEncode( crypt.LastErrorText) & "
"
End if
crypt.CryptAlgorithm = "aes"
crypt.CipherMode = "cbc"
crypt.KeyLength = 128
crypt.EncodingMode = "base64"
encStr = "pEuFIDs1DH35MicCvtahDc75gMPduLAgqfBXyCLPfAkhDQdhkDT2BL1RewsAbmwa7AsOHa0TkaShCe6CJde1G QpgqPePDv6jcat0SLSlRjylgJujE7RMS2MRCvdTvh/9c88zGqO0d4HAL7cA2nGIZ7gHWB8BjWJW6akqcaLDlQ ALo/vzwJyngVSP9RZO+koaGnOPC1M3oMKOAcV/Gk4u2a6VkYFCf7lBj6ileeKjGGY="
decStr = crypt.DecryptStringENC(encStr)
Response.Write "
" & Server.HTMLEncode( decStr) & "
"
%>
</body>
</html>
Nothing is being returned at all. decStr is blank. What am I doing wrong? Where do I tell the code that the password is "hello" do I even need to do that?
Any help would be extremely appreciated!!
Answer
Turn on VerboseLogging like this:
crypt.VerboseLogging = 1
Then look at the crypt.LastErrorText after calling DecryptStringENC.
Also, CBC mode requires an IV. The IV is by-default all 0 bytes (16 bytes in length).
And MOST IMPORTANTLY -- you need to set the secret key..
Answer
OK I think some progress has been made, thanks for your quick response.
Updated Code-
crypt.CryptAlgorithm = "aes"
crypt.CipherMode = "cbc"
crypt.KeyLength = 128
crypt.VerboseLogging = 1
crypt.SetEncodedIV "0000000000000000", "hex"
crypt.SetEncodedKey "hello", "hex"
crypt.EncodingMode = "base64"
encStr = "pEuFIDs1DH35MicCvtahDc75gMPduLAgqfBXyCLPfAkhDQdhkDT2BL1RewsAbmwa7AsOHa0TkaShCe6CJde1G QpgqPePDv6jcat0SLSlRjylgJujE7RMS2MRCvdTvh/9c88zGqO0d4HAL7cA2nGIZ7gHWB8BjWJW6akqcaLDlQ ALo/vzwJyngVSP9RZO+koaGnOPC1M3oMKOAcV/Gk4u2a6VkYFCf7lBj6ileeKjGGY="
decStr = crypt.DecryptStringENC(encStr)
Response.write "
" & Server.HTMLEncode( crypt.LastErrorText) & "
"
Response.Write "
YO = " & Server.HTMLEncode( decStr) & "
"
This is what I am getting back -
VerboseLogging: 1
encodedEncryptedData: pEuFIDs1DH35MicCvtahDc75gMPduLAgqfBXyCLPfAkhDQdhkDT2BL1RewsAbmwa7AsOHa0TkaShCe6CJde1G QpgqPePDv6jcat0SLSlRjylgJujE7RMS2MRCvdTvh/9c88zGqO0d4HAL7cA2nGIZ7gHWB8BjWJW6akqcaLDlQ ALo/vzwJyngVSP9RZO+koaGnOPC1M3oMKOAcV/Gk4u2a6VkYFCf7lBj6ileeKjGGY=
sizeAfterDecoding: 176
decryptBytesNew:
keyLength: 24
--decryptBytesNew
decryptedSizeInBytes: 174
codePage: 1252
cryptDetails:
algorithm: aes
keyLength: 128
paddingScheme: 0
cipherMode: cbc
encodingMode: base64
charset: windows-1252
secretKeyLen: 3
iv: 0000 0000 0000 0000 0000 0000 0000 0000
dataNumBytes: 174
dataHex: 5DFE 084C F6FA 0B0B 47F9 CD2C 9515 4126
BA83 2710 D69D 97BE 1D15 1463 5D9B 43CE
690D 0F43 55F8 2338 D09B 9109 5C96 4D16
6C3E 3171 7191 7C8D 2BD7 6721 47CB 8C67
8F9C 0C5A AA56 E624 0DC3 060A 3528 709B
A211 2314 E421 16A1 7403 D819 454D 97A1
61CE 3B28 0BEE 21CC 7F83 19E6 0C16 FD00
BF9F 4A28 B593 5D42 63B7 E0FC 0898 F9B3
9C25 77C0 91C5 3504 45BA 14F3 1F46 A7F1
40FF 136D 8B8D CBF5 8D17 4DFC A8D0 F149
4352 A541 6138 D2D0 A6D1 6D69 332C
--cryptDetails
Success.
--DecryptStringENC
--ChilkatLog
Now here is the decrypted string albeit unreadable -
]þ�Löú��GùÍ,•�A&ºƒ'�Ö—¾���c]›CÎi
�CUø#8Л‘ –M�l>1qq‘|+×g!GËŒgœ�ZªVæ$
�
5(p›¢�#�ä!�¡tØ�EM—¡aÎ;(�î!̃�æ��ý
Is "hello" not the secret key?
Answer
- "hello" is NOT a hexadecimal string.
- For 128-bit encryption, the secret key must be 16 bytes. You need a 16-byte hex secret key... ("hello" is not 16 bytes -- it is 5 bytes if chars are represented as us-ascii)..
Answer
Thanks again for your quick response and I am sorry If I am not being very intelligent here. But the word hello is the password that was provided to me from the person that encrypted the data. Did they provide me with an invalid passord?
Answer
In any symmetric encryption algorithm (AES, TwoFish, Blowfish, or whatever the encryption algorithm), the meaning of "128-bit" encryption, or "256-bit" encryption is to indicate the size in bits of the secret key. "symmetric" means the same secret key is used for both encrypting and decrypting.
Therefore, when doing 128-bit encryption, your secret key MUST be 16 bytes.
"test" is obviously not 16 bytes. Therefore, the person who provided you with the "password" gave you incomplete information. He must tell you how an arbitrary-length password is transformed to obtain the exact 16-byte secret key. Maybe it's done by taking the MD5 hash of it? Maybe it's done by just adding 0 bytes to the us-ascii byte representation? He needs to give you that information.
Answer
I am not getting much help from the people that are providing the encrypted string.

Encrypon type AES 128
Mode CBC
Padding PKCS5 (.net uses PKCS7)
Password hello
Encrypon reference http://zenu.wordpress.com/2011/09/21/aes- 128bit-cross-plaorm-java-and-c-encrypon- compability/
Start Encryption
pEuFIDs1DH35MicCvtahDc75gMPduLAgqfBXyCLPfAkhDQdhkDT2BL1RewsAbmwa7AsOHa0TkaShCe6CJde1G QpgqPePDv6jcat0SLSlRjylgJujE7RMS2MRCvdTvh/9c88zGqO0d4HAL7cA2nGIZ7gHWB8BjWJW6akqcaLDlQ ALo/vzwJyngVSP9RZO+koaGnOPC1M3oMKOAcV/Gk4u2a6VkYFCf7lBj6ileeKjGGY=
End Encryption
Answer
Made great progress!! So I converted the password from "hello" to 68656C6C6F and I am getting 95% of the decrypted sting which is great.
This is what I am getting back now -
YW_XZ6^John^Doe^Placeholder Name^ATS^217 General Patton Ave.^Suite 208^Mandeville^LA^70471^United States^985-809-0600^985-809-0700^postmaster@atsleads.com^SessionString
This is what I should be getting back -
123456^John^Doe^Placeholder Name^ATS^217 General Patton Ave.^Suite 208^Mandeville^LA^70471^United States^985-809-0600^985-809- 0700^postmaster@atsleads.com^SessionString
The only difference is the first 5 characters are not coming back correctly.
Here is my code -
Dim crypt, success, encStr, decStr, iV, keyHex
set crypt = Server.CreateObject("Chilkat_9_5_0.Crypt2")
success = crypt.UnlockComponent("teststuff")
If success <> 1 Then
Response.write "
" & Server.HTMLEncode( crypt.LastErrorText) & "
"
End if
crypt.CryptAlgorithm = "aes"
crypt.CipherMode = "cbc"
crypt.KeyLength = 128
crypt.VerboseLogging = 1
iV = "0000000000000000"
crypt.SetEncodedIV iV, "hex"
crypt.PaddingScheme = 0
crypt.SetEncodedKey "68656C6C6F", "hex"
crypt.EncodingMode = "base64"
encStr = "pEuFIDs1DH35MicCvtahDc75gMPduLAgqfBXyCLPfAkhDQdhkDT2BL1RewsAbmwa7AsOHa0TkaShCe6CJde1G QpgqPePDv6jcat0SLSlRjylgJujE7RMS2MRCvdTvh/9c88zGqO0d4HAL7cA2nGIZ7gHWB8BjWJW6akqcaLDlQ ALo/vzwJyngVSP9RZO+koaGnOPC1M3oMKOAcV/Gk4u2a6VkYFCf7lBj6ileeKjGGY="
decStr = crypt.DecryptStringENC(encStr)
Response.write "
" & Server.HTMLEncode( crypt.LastErrorText) & "
"
Response.Write "
" & Server.HTMLEncode( decStr) & "
"
Am I missing something to get those first five characters converted correctly.
Answer
The IV is wrong.
You probably need an IV of all zero bytes (not the character '0', but bytes having the value 0x00). The us-ascii character '0' is 0x30 (see http://www.asciitable.com/ )
Leave the IV unset to get the default.