Encryption and Decryption between Android, PHP & node.js

Question

I'm trying to encrypt a string in Java on Android, and then decrypt it using PHP and/or node.js

I've tried http://www.androidsnippets.com/encrypt-decrypt-between-android-and-php, but only the first half the returned hex string works.

I want the encryption type of be AES with a 128 bit key (higher if possible).

The encryption key will also need to be configurable, so my issue might be related to how I padded the strings.

Java

String.format("%1$-" + n + "s", s)

PHP

$key = str_pad($key,16);

Full Java Code:

    package com.giggsey.test;


    import java.security.NoSuchAlgorithmException;

    import javax.crypto.Cipher;
    import javax.crypto.NoSuchPaddingException;
    import javax.crypto.spec.IvParameterSpec;
    import javax.crypto.spec.SecretKeySpec;

    import android.util.Log;

    
    public class SimpleCrypto {

            private String iv = "fedcba9876543210";//Dummy iv (CHANGE IT!)
            private IvParameterSpec ivspec;
            private SecretKeySpec keyspec;
            private Cipher cipher;
            
            private String SecretKey = "0123456789abcdef";//Dummy secretKey (CHANGE IT!)
            
            public void doKey(String key)
            {
                    ivspec = new IvParameterSpec(iv.getBytes());

                    key = padRight(key,16);
                    
                    Log.d("hi",key);
                    
                    keyspec = new SecretKeySpec(key.getBytes(), "AES");
                    
                    try {
                            cipher = Cipher.getInstance("AES/CBC/NoPadding");
                    } catch (NoSuchAlgorithmException e) {
                            // TODO Auto-generated catch block
                            e.printStackTrace();
                    } catch (NoSuchPaddingException e) {
                            // TODO Auto-generated catch block
                            e.printStackTrace();
                    }
            }
            
            public byte[] encrypt(String text,String key) throws Exception
            {
                    if(text == null || text.length() == 0)
                            throw new Exception("Empty string");
                    
                    doKey(key);
                    
                    byte[] encrypted = null;

                    try {
                            cipher.init(Cipher.ENCRYPT_MODE, keyspec, ivspec);

                            encrypted = cipher.doFinal(padString(text).getBytes());
                    } catch (Exception e)
                    {                       
                            throw new Exception("[encrypt] " + e.getMessage());
                    }
                    
                    return encrypted;
            }
            
            public byte[] decrypt(String code,String key) throws Exception
            {
                    if(code == null || code.length() == 0)
                            throw new Exception("Empty string");
                    
                    byte[] decrypted = null;
                    
                    doKey(key);

                    try {
                            cipher.init(Cipher.DECRYPT_MODE, keyspec, ivspec);
                            
                            decrypted = cipher.doFinal(hexToBytes(code));
                    } catch (Exception e)
                    {
                            throw new Exception("[decrypt] " + e.getMessage());
                    }
                    return decrypted;
            }
            

            
            public static String bytesToHex(byte[] data)
            {
                    if (data==null)
                    {
                            return null;
                    }
                    
                    int len = data.length;
                    String str = "";
                    for (int i=0; i<len; i++) {
                            if ((data[i]&0xFF)<16)
                                    str = str + "0" + java.lang.Integer.toHexString(data[i]&0xFF);
                            else
                                    str = str + java.lang.Integer.toHexString(data[i]&0xFF);
                    }
                    return str;
            }
            
                    
            public static byte[] hexToBytes(String str) {
                    if (str==null) {
                            return null;
                    } else if (str.length() < 2) {
                            return null;
                    } else {
                            int len = str.length() / 2;
                            byte[] buffer = new byte[len];
                            for (int i=0; i<len; i++) {
                                    buffer[i] = (byte) Integer.parseInt(str.substring(i*2,i*2+2),16);
                            }
                            return buffer;
                    }
            }
            
            

            private static String padString(String source)
            {
              char paddingChar = ' ';
              int size = 16;
              int x = source.length() % size;
              int padLength = size - x;

              for (int i = 0; i < padLength; i++)
              {
                      source += paddingChar;
              }

              return source;
            }
            
            public static String padRight(String s, int n) {
                return String.format("%1$-" + n + "s", s);  
              }
    }

PHP

<?php
class MCrypt
    {
            private $iv = 'fedcba9876543210'; #Same as in JAVA
            private $key = '0123456789abcdef'; #Same as in JAVA

            function encrypt($str,$key) {
             $key = str_pad($key,16);
              //$key = $this->hex2bin($key);
              $iv = $this->iv;

              $td = mcrypt_module_open('rijndael-128', '', 'cbc', $iv);

              mcrypt_generic_init($td, $key, $iv);
              $encrypted = mcrypt_generic($td, $str);

              mcrypt_generic_deinit($td);
              mcrypt_module_close($td);

              return bin2hex($encrypted);
            }

            function decrypt($code,$key) {
              //$key = $this->hex2bin($key);
              $code = $this->hex2bin($code);
              $iv = $this->iv;

              $td = mcrypt_module_open('rijndael-128', '', 'cbc', $iv);

              mcrypt_generic_init($td, $key, $iv);
              $decrypted = mdecrypt_generic($td, $code);

              mcrypt_generic_deinit($td);
              mcrypt_module_close($td);

              return utf8_encode(trim($decrypted));
            }

            protected function hex2bin($hexdata) {
              $bindata = '';

              for ($i = 0; $i < strlen($hexdata); $i += 2) {
                    $bindata .= chr(hexdec(substr($hexdata, $i, 2)));
              }

              return $bindata;
            }

    }

$e = new MCrypt();
$p =  $e->encrypt("This is a sample text message","password");

echo "Encrypted: {$p}" . PHP_EOL;

echo "Decrypted: ";
echo $e->decrypt($p,"password") . PHP_EOL;

echo "Java Decryption: ";

echo $e->decrypt("9cf46d007aeff7c0c3cf880c76762037278269ac508aecd55010ce68e9fd980f","password");

echo PHP_EOL;

Java Calling Script:

    String key = "password";
    String message = "This is a sample text message";
    
    String encrypted;
    try {
        SimpleCrypto s = new SimpleCrypto();
        encrypted = SimpleCrypto.bytesToHex(s.encrypt(message, key));
        Log.d("giggsey-test",encrypted);
        
    } catch (Exception e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
    }
    

Output of encrypted strings:

Java: 9cf46d007aeff7c0c3cf880c76762037278269ac508aecd55010ce68e9fd980f

PHP: 9cf46d007aeff7c0c3cf880c76762037a1778e93dd596e4ce745e1f3b0ba9062

Full PHP Output:

Encrypted: 9cf46d007aeff7c0c3cf880c76762037a1778e93dd596e4ce745e1f3b0ba9062

Decrypted: 'ýA==)nÿ|ä¨

xÃæÃ,ÃÃÂasV8gE

Java Decryption: 'ýA==)nÿ|ä¨

xÃ1)òÃîÃÃA½Ã

rÂy

Answer 1

Padding was the problem with PHP.

<?php

function hex2bin($hexdata) {
   $bindata = '';

   for ($i = 0; $i < strlen($hexdata); $i += 2) {
    $bindata .= chr(hexdec(substr($hexdata, $i, 2)));
   }

   return $bindata;
} 

$key = "password";
$data = "This is a sample text message";

$key = str_pad($key,16);

$blockSize = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
$padding   = $blockSize - (strlen($data) % $blockSize);
$data      .= str_repeat(chr($padding), $padding);

$c = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $data, MCRYPT_MODE_CBC, 'fedcba9876543210');

$c = bin2hex($c);

echo $c;


echo PHP_EOL;


$c = hex2bin($c);
$td = mcrypt_module_open(MCRYPT_RIJNDAEL_128,'',MCRYPT_MODE_CBC, '');
mcrypt_generic_init($td, $key, 'fedcba9876543210');
$decrypted = mdecrypt_generic($td, $c);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);

echo $decrypted;

It now returns the same as Java when encrypting, and I can decrypt the message fine.

Answer 2

Hi Please Check this link.

Here Check Last Comment Said That "This doesn’t work with UNICODE characters"

This is work on UTF-8 characters

This is what I do with my string before encryption:

myUtf8String = new String(myString.getBytes("UTF-8"));