You are not logged in.
Pages: 1
Hi,
im trying to modify the android-receiver application i found on pbrisbin's github account so it can decrypt packages sent by the android-notifier app. I've set up the Key-Generation method to be the same as in the android-application yet the decryption does not work properly. In the android application the key is generated from a string entered by the user and then converted to a byte-key using a MD5-Hashing algorithm. My Implementation in C looks like this:
static int key_init(unsigned char *key_data, int key_data_len, EVP_CIPHER_CTX *ctx) {
int i, nrounds = 10;
unsigned char key[32], iv[32];
i = EVP_BytesToKey(EVP_aes_256_cbc(), EVP_md5(), NULL, key_data, key_data_len, nrounds, key, iv);
if(i != 32)
printf("The Decryption key has the wrong size\n");
EVP_CIPHER_CTX_init(ctx);
EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, key, iv);
return 0;
}
static char *decrypt(EVP_CIPHER_CTX *ctx, unsigned char *ciphertext, int *len){
int p_len = *len, f_len = 0;
unsigned char *plaintext = malloc(p_len + AES_BLOCK_SIZE);
EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, NULL);
EVP_DecryptUpdate(ctx, plaintext, &p_len, ciphertext, *len);
EVP_DecryptFinal_ex(ctx, plaintext+p_len, &f_len);
*len = p_len + f_len;
return plaintext;
}
Does anyone have an idea where the error lies? One possibility i could image is that java uses a different version of the PCKS algorithm, resulting in a different key while using the same input data.
Thanks in advance.
Edit: Here is the Function from the official Android-Notifier desktop application for comparison.
public static byte[] passPhraseToKey(String passphrase) {
byte[] passPhraseBytes;
try {
passPhraseBytes = passphrase.getBytes("UTF8");
} catch (UnsupportedEncodingException e) {
throw new IllegalArgumentException(e);
}
// Hash it multiple times to keep the paranoid people happy :)
byte[] keyBytes = passPhraseBytes;
for (int i = 0; i < NUM_HASHES; i++) {
keyBytes = doDigest(keyBytes, HASH_ALGORITHM);
}
return keyBytes;
}
public Encryption(byte[] keyBytes) {
// Use an MD5 to generate an arbitrary initialization vector
iv = doDigest(keyBytes, "MD5");
keySpec = new SecretKeySpec(keyBytes, ENCRYPTION_KEY_TYPE);
}
Last edited by sunaj (2012-11-05 14:26:30)
Offline
I found the soultion. Apparently i used the wrong bit sizes for the AES_BLOCK_SIZE, padding and the encryption algorithm. (Java is using only 128 bit encryption)
Last edited by sunaj (2012-11-05 14:27:58)
Offline
Pages: 1