|
| EncryptStandard Android / DecryptStandard Win |
| Started by marcov, May, 17 2021 10:35 AM - 8 replies |
| |
| | | |
|
| |
Registered member
55 messages |
|
Posted on May, 17 2021 - 10:35 AM |
hi,
i'm trying to encrypt data sent from an android terminal inside a json, but when it arrives at the windows webserver the data is not consistent.
ANDROID:
sUserE is Buffer = "PASSWORD"
bufKeyU is Buffer = HashString(HA_MD5_128, "PASSWORD")
bufEncryptU is Buffer = EncryptStandard(sUserE, bufKeyU, cryptAES128)
sU is string
sU =bufEncryptU
sPwdE is Buffer = "PASSWORD"
bufKeyP is Buffer = HashString(HA_MD5_128, "PASSWORD")
bufEncryptP is Buffer = EncryptStandard(sPwdE, bufKeyP, cryptAES128)
sP is string
sP=bufEncryptP
vRequest is Variant
vRequest.user = sU
vRequest.pwd = sP
Trace(VariantToJSON(vRequest))
cMyRequest is a httpRequest
cMyRequest..URL = "http://localhost:8025/Login"
cMyRequest..ContentType = "application/json"
cMyRequest..Content = VariantToJSON (vRequest)
cMyRequest..Method = httpPost
cMyResponse is a httpResponse = HTTPSend(cMyRequest)
SERVER WIN:
sFromCustomer is string
vParameters is Variant
sResultP is Buffer
sResultU is Buffer
// Retrieves the parameter value
sFromCustomer = WebserviceParameter(paramBuffer)
IF sFromCustomer <>"" THEN
vParameters = JSONToVariant(sFromCustomer)
sPdvUser is Buffer =vParameters.user
sPdvPwd is Buffer = vParameters.pwd
bufKeyU is Buffer = HashString(HA_MD5_128, "PASSWORD")
sResultU = DecryptStandard(sPdvUser, bufKeyU , cryptAES128)
bufKeyP is Buffer = HashString(HA_MD5_128, "PASSWORD")
sResultP = DecryptStandard(sPdvPwd, bufKeyP , cryptAES128)
// Save the information found in
// the trace window in the "C:\Trace\MyFile.txt" file
TraceStart(trFile, "C:\Trace\MyFile.txt")
...
Trace("User: " + sPdvUser + " Pwd: " +sPdvPwd)
END
TRACE FILE:
User: ê"gI�?8‡�!Áêø�‚�eâËBs¶�É '¦;ö�Ó Pwd: „µˆ@zr‰�$@-õøj@v,ïŠ�ì 2FLšŽßŒÉW
User: ê"gI�?8‡�!Áêø�‚�eâËBs¶�É '¦;ö�Ó Pwd: „µˆ@zr‰�$@-õøj@v,ïŠ�ì 2FLšŽßŒÉW
what am I doing wrong? |
| |
| |
| | | |
|
| | |
| |
Registered member
55 messages |
|
Posted on May, 17 2021 - 10:58 AM |
sorry correct code is:
ANDROID:
sUserE is Buffer = "PASSWORD"
bufKeyU is Buffer = HashString(HA_MD5_128, "PASSWORD")
bufEncryptU is Buffer = EncryptStandard(sUserE, bufKeyU, cryptAES128)
sPwdE is Buffer = "PASSWORD"
bufKeyP is Buffer = HashString(HA_MD5_128, "PASSWORD")
bufEncryptP is Buffer = EncryptStandard(sPwdE, bufKeyP, cryptAES128)
vRequest is Variant
vRequest.user = bufEncryptU
vRequest.pwd = bufEncryptP
Trace(VariantToJSON(vRequest))
cMyRequest is a httpRequest
cMyRequest..URL = "http://localhost:8025/Login"
cMyRequest..ContentType = "application/json"
cMyRequest..Content = VariantToJSON (vRequest)
cMyRequest..Method = httpPost
cMyResponse is a httpResponse = HTTPSend(cMyRequest)
SERVER WIN:
sFromCustomer is string
vParameters is Variant
sResultP is Buffer
sResultU is Buffer
// Retrieves the parameter value
sFromCustomer = WebserviceParameter(paramBuffer)
IF sFromCustomer <>"" THEN
vParameters = JSONToVariant(sFromCustomer)
sPdvUser is Buffer =vParameters.user
sPdvPwd is Buffer = vParameters.pwd
bufKeyU is Buffer = HashString(HA_MD5_128, "PASSWORD")
sResultU = DecryptStandard(sPdvUser, bufKeyU , cryptAES128)
bufKeyP is Buffer = HashString(HA_MD5_128, "PASSWORD")
sResultP = DecryptStandard(sPdvPwd, bufKeyP , cryptAES128)
// Save the information found in
// the trace window in the "C:\Trace\MyFile.txt" file
TraceStart(trFile, "C:\Trace\MyFile.txt")
...
Trace("User: " + sPdvUser + " Pwd: " +sPdvPwd)
END
TRACE FILE:
User: ê"gI�?8‡�!Áêø�‚�eâËBs¶�É '¦;ö�Ó Pwd: „µˆ@zr‰�$@-õøj@v,ïŠ�ì 2FLšŽßŒÉW
User: ê"gI�?8‡�!Áêø�‚�eâËBs¶�É '¦;ö�Ó Pwd: „µˆ@zr‰�$@-õøj@v,ïŠ�ì 2FLšŽßŒÉW |
| |
| |
| | | |
|
| | |
| |
Posted on May, 17 2021 - 1:06 PM |
the first problem (maybe the only one) is that you are NOT typing your strings correctly.
On the windows side, Mystring is string or "Password" declares and ANSI string, but on the android side, it declares a UNICODE string (twice as long), hence giving a completely different encrypted result
So on both sides, you should delcare things the exact same TYPED way
by example
sUserE is Buffer = "PASSWORD"
should be
asString is ansi string= "PASSWORD"
bBuffer is buffer = asString
bufKeyU is Buffer = HashString(HA_MD5_128, "PASSWORD")
should be
bufKeyU is Buffer = HashString(HA_MD5_128, bBuffer)
so: never use directly a string "password" and always type them |
| |
| |
| | | |
|
| | |
| |
Registered member
55 messages |
|
Posted on May, 17 2021 - 2:12 PM |
thanks, and for EncryptStandard(sUserE, bufKeyU, cryptAES128)? |
| |
| |
| | | |
|
| | |
| |
Registered member
55 messages |
|
Posted on May, 17 2021 - 2:41 PM |
sorry Andorid side I think I am there but WIN side I get this error: the message decryption faild. the finalization step encryption/decryption algorithm faild.
code:
Trace("Ricevuto:" +sPdvUser)
asString is ANSI string = sPdvUser
bBuffer is Buffer = asString
bKeyU is Buffer = HashString(HA_MD5_128, bBuffer)
bEncryptU is Buffer = DecryptStandard(bBuffer, bKeyU, cryptAES128)
Trace("Decodificato:" +bEncryptU) |
| |
| |
| | | |
|
| | |
| |
Posted on May, 17 2021 - 3:05 PM |
another problem I see in your code is this:
sP=bufEncryptP
The encryption result is BINARY, and it WILL contain binary zero somewhere
In a string, binary zero is the END OF STRING, so you WILL LOOSE DATA if you do that
Try encoding the buffer in hexa or base64 for the transport... |
| |
| |
| | | |
|
| | |
| |
Registered member
55 messages |
|
Posted on May, 17 2021 - 4:27 PM |
SORRY , the code is the second post sP is a old code |
| |
| |
| | | |
|
| | |
| |
Registered member
55 messages |
|
Posted on May, 17 2021 - 5:08 PM |
Correct code:
ANDROID: it seems to work
sUser is string = EDT_user
asString is ANSI string = EDT_user
bufBBuffer is Buffer = asString
bufKeyU is Buffer = HashString(HA_MD5_128, bufBBuffer)
bufEncryptU is Buffer = EncryptStandard(bufBBuffer, bufKeyU, cryptAES128)
vRequest is Variant
vRequest.user = bufEncryptU
vRequest.pwd = sPwd
Trace(VariantToJSON(vRequest))
### TRACE : { "user":"sVLDQExGdSH6FbBU8vKrmjD\/zkXB66Sf7CDrO1g7\/Js=", "pwd":"........" }
cMyRequest is a httpRequest
cMyRequest..URL = "http://localhost:8025/Login"
cMyRequest..ContentType = "application/json"
cMyRequest..Content = VariantToJSON (vRequest)
cMyRequest..Method = httpPost
cMyResponse is a httpResponse = HTTPSend(cMyRequest)
WIN:
sFromCustomer is string
vParameters is Variant
xRisp is a JSON
sPdvUser is string
sPdvPwd is string
// Retrieves the parameter value according to syntax
sFromCustomer = WebserviceParameter(paramBuffer)
vParameters = JSONToVariant(sFromCustomer)
sPdvUser =vParameters.user
sPdvPwd = vParameters.pwd
asString is string = sPdvUser
bufBBuffer is Buffer = asString
bufKeyU is Buffer = HashString(HA_MD5_128,"PROXIMA061")
bufEncryptU is Buffer = DecryptStandard(bufBBuffer, bufKeyU, cryptAES128) // #### the message decryption faild. the finalization step encryption/decryption algorithm faild.
Trace("Decodificato:" +bufEncryptU)
// TRACE: Ricevuto:sVLDQExGdSH6FbBU8vKrmjD/zkXB66Sf7CDrO1g7/Js= |
| |
| |
| | | |
|
| | |
| |
Registered member
55 messages |
|
Posted on May, 18 2021 - 11:27 AM |
hi,
has anyone ever done something like this?
basically I would like to encrypt the data inside the JSON produced by ANDROID and decrypt them in the WIN server.
help... |
| |
| |
| | | |
|
| | | | |
| | |
|