Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Custom key for aes/rijndael on vbscript

I'm working on a JAVA program which makes requests to an asp file and it's working fine.

Now I want to encrypt POST requests, but I need to use the same key for encryption on JAVA and ASP for decrypting correctly (or that's what I think).

How can I generate a key from a String on vbscript? And do I need to custom the IV? I don't know what is that :(

(I never encrypted anything, I'm new to this)

set obj = server.CreateObject("System.Security.Cryptography.RijndaelManaged")
set utf = CreateObject("System.Text.UTF8Encoding")
s="This is a private message"
bytes=utf.GetBytes_4(s)
obj.GenerateKey()   'need to custom this
obj.GenerateIV()    'need to custom this?
set enc=obj.CreateEncryptor()
set dec=obj.CreateDecryptor()

bytec=enc.TransformFinalBlock((bytes),0,lenb(bytes))
sc=utf.GetString((bytec))
response.write sc

byted=dec.TransformFinalBlock((bytec),0,lenb(bytec))
sd=utf.GetString((byted))
response.write sd
like image 873
IXTR Unai Avatar asked Nov 08 '22 18:11

IXTR Unai


1 Answers

After a few days investigating, I'll post what I finally did. I know that isn't a good practice and I'll change it soon, but It's okay for now.

ASP CODE (decrypts java request)

response.write desencriptar(encryptedStringHere)

Function desencriptar(str)
  set obj= CreateObject("System.Security.Cryptography.RijndaelManaged")
  set utf8 = CreateObject("System.Text.UTF8Encoding")
  ekey = "16byteskeyhere" 'you'll need to change this 
  eiv = "16bytesIVhere"   'you'll need to change this 
  obj.BlockSize = 128
  obj.Key = utf8.GetBytes_4(ekey)
  obj.IV = utf8.GetBytes_4(eiv)
  obj.Padding = 5
  set decryptor=obj.CreateDecryptor()
  desencriptado = Base64ToByte(str)
  byted=decryptor.TransformFinalBlock((desencriptado),0,lenb(desencriptado))
  desencriptado = utf8.getString((byted))
  desencriptar = desencriptado
end function

Function Base64ToByte(ByVal vCode)
  Dim oXML, oNode
  Set oXML = CreateObject("Msxml2.DOMDocument.3.0")
  Set oNode = oXML.CreateElement("base64")
  oNode.dataType = "bin.base64"
  oNode.text = vCode
  Base64ToByte = oNode.nodeTypedValue
  Set oNode = Nothing
  Set oXML = Nothing
End Function 

JAVA CODE (encryption function)

public static String aesEncrypt(String value, String key, String initVector) {
    try {
        IvParameterSpec iv = new IvParameterSpec(initVector.getBytes("UTF-8"));
        SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes("UTF-8"), "Rijndael");
        Cipher cipher = Cipher.getInstance("Rijndael/CBC/PKCS5PADDING");
        cipher.init(Cipher.ENCRYPT_MODE, skeySpec, iv);
        byte[] encrypted = cipher.doFinal(value.getBytes());
        return Base64.getEncoder().encodeToString(encrypted);
    } catch (Exception ex) {
        ex.printStackTrace();
    }
    return null;
}

Docs: RijndaelManaged | PaddingMode | CipherMode

like image 98
IXTR Unai Avatar answered Nov 14 '22 23:11

IXTR Unai