|
EncryptStandard Android / DecryptStandard Win |
Started by marcov, May, 17 2021 10:35 AM - 8 replies |
| |
| | | |
|
| |
Registered member 55 messages |
|
Posted on May, 17 2021 - 10:35 AM |
hi, i'm trying to encrypt data sent from an android terminal inside a json, but when it arrives at the windows webserver the data is not consistent.
ANDROID:
sUserE is Buffer = "PASSWORD" bufKeyU is Buffer = HashString(HA_MD5_128, "PASSWORD") bufEncryptU is Buffer = EncryptStandard(sUserE, bufKeyU, cryptAES128) sU is string sU =bufEncryptU sPwdE is Buffer = "PASSWORD" bufKeyP is Buffer = HashString(HA_MD5_128, "PASSWORD") bufEncryptP is Buffer = EncryptStandard(sPwdE, bufKeyP, cryptAES128) sP is string sP=bufEncryptP
vRequest is Variant vRequest.user = sU vRequest.pwd = sP
Trace(VariantToJSON(vRequest))
cMyRequest is a httpRequest cMyRequest..URL = "http://localhost:8025/Login" cMyRequest..ContentType = "application/json" cMyRequest..Content = VariantToJSON (vRequest) cMyRequest..Method = httpPost cMyResponse is a httpResponse = HTTPSend(cMyRequest)
SERVER WIN:
sFromCustomer is string vParameters is Variant sResultP is Buffer sResultU is Buffer // Retrieves the parameter value sFromCustomer = WebserviceParameter(paramBuffer)
IF sFromCustomer <>"" THEN vParameters = JSONToVariant(sFromCustomer) sPdvUser is Buffer =vParameters.user sPdvPwd is Buffer = vParameters.pwd bufKeyU is Buffer = HashString(HA_MD5_128, "PASSWORD") sResultU = DecryptStandard(sPdvUser, bufKeyU , cryptAES128) bufKeyP is Buffer = HashString(HA_MD5_128, "PASSWORD") sResultP = DecryptStandard(sPdvPwd, bufKeyP , cryptAES128) // Save the information found in // the trace window in the "C:\Trace\MyFile.txt" file TraceStart(trFile, "C:\Trace\MyFile.txt") ... Trace("User: " + sPdvUser + " Pwd: " +sPdvPwd) END
TRACE FILE: User: ê"gI?8‡!Áêø‚eâËBs¶É '¦;öÓ Pwd: „µˆ@zr‰$@-õøj@v,ïŠì 2FLšŽßŒÉW User: ê"gI?8‡!Áêø‚eâËBs¶É '¦;öÓ Pwd: „µˆ@zr‰$@-õøj@v,ïŠì 2FLšŽßŒÉW
what am I doing wrong? |
| |
| |
| | | |
|
| | |
| |
Registered member 55 messages |
|
Posted on May, 17 2021 - 10:58 AM |
sorry correct code is: ANDROID:
sUserE is Buffer = "PASSWORD" bufKeyU is Buffer = HashString(HA_MD5_128, "PASSWORD") bufEncryptU is Buffer = EncryptStandard(sUserE, bufKeyU, cryptAES128)
sPwdE is Buffer = "PASSWORD" bufKeyP is Buffer = HashString(HA_MD5_128, "PASSWORD") bufEncryptP is Buffer = EncryptStandard(sPwdE, bufKeyP, cryptAES128)
vRequest is Variant vRequest.user = bufEncryptU vRequest.pwd = bufEncryptP
Trace(VariantToJSON(vRequest))
cMyRequest is a httpRequest cMyRequest..URL = "http://localhost:8025/Login" cMyRequest..ContentType = "application/json" cMyRequest..Content = VariantToJSON (vRequest) cMyRequest..Method = httpPost cMyResponse is a httpResponse = HTTPSend(cMyRequest)
SERVER WIN:
sFromCustomer is string vParameters is Variant sResultP is Buffer sResultU is Buffer // Retrieves the parameter value sFromCustomer = WebserviceParameter(paramBuffer)
IF sFromCustomer <>"" THEN vParameters = JSONToVariant(sFromCustomer)
sPdvUser is Buffer =vParameters.user sPdvPwd is Buffer = vParameters.pwd bufKeyU is Buffer = HashString(HA_MD5_128, "PASSWORD") sResultU = DecryptStandard(sPdvUser, bufKeyU , cryptAES128) bufKeyP is Buffer = HashString(HA_MD5_128, "PASSWORD") sResultP = DecryptStandard(sPdvPwd, bufKeyP , cryptAES128) // Save the information found in // the trace window in the "C:\Trace\MyFile.txt" file TraceStart(trFile, "C:\Trace\MyFile.txt") ... Trace("User: " + sPdvUser + " Pwd: " +sPdvPwd)
END
TRACE FILE: User: ê"gI?8‡!Áêø‚eâËBs¶É '¦;öÓ Pwd: „µˆ@zr‰$@-õøj@v,ïŠì 2FLšŽßŒÉW User: ê"gI?8‡!Áêø‚eâËBs¶É '¦;öÓ Pwd: „µˆ@zr‰$@-õøj@v,ïŠì 2FLšŽßŒÉW |
| |
| |
| | | |
|
| | |
| |
Posted on May, 17 2021 - 1:06 PM |
the first problem (maybe the only one) is that you are NOT typing your strings correctly. On the windows side, Mystring is string or "Password" declares and ANSI string, but on the android side, it declares a UNICODE string (twice as long), hence giving a completely different encrypted result
So on both sides, you should delcare things the exact same TYPED way by example
sUserE is Buffer = "PASSWORD"
should be asString is ansi string= "PASSWORD" bBuffer is buffer = asString
bufKeyU is Buffer = HashString(HA_MD5_128, "PASSWORD") should be bufKeyU is Buffer = HashString(HA_MD5_128, bBuffer)
so: never use directly a string "password" and always type them |
| |
| |
| | | |
|
| | |
| |
Registered member 55 messages |
|
Posted on May, 17 2021 - 2:12 PM |
thanks, and for EncryptStandard(sUserE, bufKeyU, cryptAES128)? |
| |
| |
| | | |
|
| | |
| |
Registered member 55 messages |
|
Posted on May, 17 2021 - 2:41 PM |
sorry Andorid side I think I am there but WIN side I get this error: the message decryption faild. the finalization step encryption/decryption algorithm faild.
code:
Trace("Ricevuto:" +sPdvUser) asString is ANSI string = sPdvUser bBuffer is Buffer = asString bKeyU is Buffer = HashString(HA_MD5_128, bBuffer) bEncryptU is Buffer = DecryptStandard(bBuffer, bKeyU, cryptAES128)
Trace("Decodificato:" +bEncryptU) |
| |
| |
| | | |
|
| | |
| |
Posted on May, 17 2021 - 3:05 PM |
another problem I see in your code is this: sP=bufEncryptP
The encryption result is BINARY, and it WILL contain binary zero somewhere In a string, binary zero is the END OF STRING, so you WILL LOOSE DATA if you do that
Try encoding the buffer in hexa or base64 for the transport... |
| |
| |
| | | |
|
| | |
| |
Registered member 55 messages |
|
Posted on May, 17 2021 - 4:27 PM |
SORRY , the code is the second post sP is a old code |
| |
| |
| | | |
|
| | |
| |
Registered member 55 messages |
|
Posted on May, 17 2021 - 5:08 PM |
Correct code: ANDROID: it seems to work sUser is string = EDT_user asString is ANSI string = EDT_user bufBBuffer is Buffer = asString bufKeyU is Buffer = HashString(HA_MD5_128, bufBBuffer) bufEncryptU is Buffer = EncryptStandard(bufBBuffer, bufKeyU, cryptAES128)
vRequest is Variant vRequest.user = bufEncryptU vRequest.pwd = sPwd
Trace(VariantToJSON(vRequest)) ### TRACE : { "user":"sVLDQExGdSH6FbBU8vKrmjD\/zkXB66Sf7CDrO1g7\/Js=", "pwd":"........" }
cMyRequest is a httpRequest cMyRequest..URL = "http://localhost:8025/Login" cMyRequest..ContentType = "application/json" cMyRequest..Content = VariantToJSON (vRequest) cMyRequest..Method = httpPost cMyResponse is a httpResponse = HTTPSend(cMyRequest)
WIN: sFromCustomer is string vParameters is Variant xRisp is a JSON
sPdvUser is string sPdvPwd is string // Retrieves the parameter value according to syntax sFromCustomer = WebserviceParameter(paramBuffer)
vParameters = JSONToVariant(sFromCustomer) sPdvUser =vParameters.user sPdvPwd = vParameters.pwd asString is string = sPdvUser bufBBuffer is Buffer = asString bufKeyU is Buffer = HashString(HA_MD5_128,"PROXIMA061") bufEncryptU is Buffer = DecryptStandard(bufBBuffer, bufKeyU, cryptAES128) // #### the message decryption faild. the finalization step encryption/decryption algorithm faild. Trace("Decodificato:" +bufEncryptU) // TRACE: Ricevuto:sVLDQExGdSH6FbBU8vKrmjD/zkXB66Sf7CDrO1g7/Js= |
| |
| |
| | | |
|
| | |
| |
Registered member 55 messages |
|
Posted on May, 18 2021 - 11:27 AM |
hi,
has anyone ever done something like this? basically I would like to encrypt the data inside the JSON produced by ANDROID and decrypt them in the WIN server. help... |
| |
| |
| | | |
|
| | | | |
| | |
|