AES Encryption in android and decryption in php and vice versa

I am trying to learn AES by testing my code against https://aesencryption.net. I previously had an error in Base64.encodeBase64String and also Base64.decodeBase64 // encode/decode Base64. So I manipulated Base64 somehow to resolve the error. Now in my app the text is encrypted and decrypted properly, I think. But when I try to encrypt or decrypt the same text server-side (at aesencryption.net), the site is not able to decrypt my encrypted string. Please help.

Following is my code :

public class MainActivity extends AppCompatActivity {

    static final String TAG = "SymmetricAlgorithmAES";
    private static SecretKeySpec secretKey ;
    private static byte[] key ;


    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_main);
        // Original text
        // {"type":"Success","httpCode":"200","code":"200","message":{"pin":"11111"},"extra":""}
        String theTestText = "hi";
        TextView tvorig = (TextView)findViewById(R.id.tvorig);
        tvorig.setText("n[ORIGINAL]:n" + theTestText + "n");
        final String strPssword = "android";
        setKey(strPssword);

        // Encode the original data with AES
        byte[] encodedBytes = null;
        try {
            Cipher c = Cipher.getInstance("AES");
            c.init(Cipher.ENCRYPT_MODE,secretKey);
            encodedBytes = c.doFinal(theTestText.getBytes());
        } catch (Exception e) {
            Log.e(TAG, "AES encryption error");
        }

        TextView tvencoded = (TextView)findViewById(R.id.tvencoded);
        tvencoded.setText("[ENCODED]:n" +
                Base64.encodeToString(encodedBytes, Base64.DEFAULT) + "n");

        Log.d(TAG, Base64.encodeToString(encodedBytes, Base64.DEFAULT));


        // Decode the encoded data with AES
        byte[] decodedBytes = null;
        try {
            Cipher c = Cipher.getInstance("AES");
            c.init(Cipher.DECRYPT_MODE, secretKey);
            decodedBytes = c.doFinal(encodedBytes);
        } catch (Exception e) {
            Log.e(TAG, "AES decryption error");
        }
        TextView tvdecoded = (TextView)findViewById(R.id.tvdecoded);
        tvdecoded.setText("[DECODED]:n" + new String(decodedBytes) + "n");
    }



    public static void setKey(String myKey){
        MessageDigest sha = null;
        try {
            key = myKey.getBytes("UTF-8");
            System.out.println(key.length);
            sha = MessageDigest.getInstance("SHA-1");
            key = sha.digest(key);
            key = Arrays.copyOf(key, 16); // use only first 128 bit
            System.out.println(key.length);
            System.out.println(new String(key,"UTF-8"));
            secretKey = new SecretKeySpec(key, "AES");


        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        } catch (UnsupportedEncodingException e) {
            e.printStackTrace();
        }

    }

}

JavaScript
​x
 
public class MainActivity extends AppCompatActivity {​    static final String TAG = "SymmetricAlgorithmAES";    private static SecretKeySpec secretKey ;    private static byte[] key ;​​    @Override    protected void onCreate(Bundle savedInstanceState) {        super.onCreate(savedInstanceState);        setContentView(R.layout.activity_main);        // Original text        // {"type":"Success","httpCode":"200","code":"200","message":{"pin":"11111"},"extra":""}        String theTestText = "hi";        TextView tvorig = (TextView)findViewById(R.id.tvorig);        tvorig.setText("n[ORIGINAL]:n" + theTestText + "n");        final String strPssword = "android";        setKey(strPssword);​        // Encode the original data with AES        byte[] encodedBytes = null;        try {            Cipher c = Cipher.getInstance("AES");            c.init(Cipher.ENCRYPT_MODE,secretKey);            encodedBytes = c.doFinal(theTestText.getBytes());        } catch (Exception e) {            Log.e(TAG, "AES encryption error");        }​        TextView tvencoded = (TextView)findViewById(R.id.tvencoded);        tvencoded.setText("[ENCODED]:n" +                Base64.encodeToString(encodedBytes, Base64.DEFAULT) + "n");​        Log.d(TAG, Base64.encodeToString(encodedBytes, Base64.DEFAULT));​​        // Decode the encoded data with AES        byte[] decodedBytes = null;        try {            Cipher c = Cipher.getInstance("AES");            c.init(Cipher.DECRYPT_MODE, secretKey);            decodedBytes = c.doFinal(encodedBytes);        } catch (Exception e) {            Log.e(TAG, "AES decryption error");        }        TextView tvdecoded = (TextView)findViewById(R.id.tvdecoded);        tvdecoded.setText("[DECODED]:n" + new String(decodedBytes) + "n");    }​​​    public static void setKey(String myKey){        MessageDigest sha = null;        try {            key = myKey.getBytes("UTF-8");            System.out.println(key.length);            sha = MessageDigest.getInstance("SHA-1");            key = sha.digest(key);            key = Arrays.copyOf(key, 16); // use only first 128 bit            System.out.println(key.length);            System.out.println(new String(key,"UTF-8"));            secretKey = new SecretKeySpec(key, "AES");​​        } catch (NoSuchAlgorithmException e) {            e.printStackTrace();        } catch (UnsupportedEncodingException e) {            e.printStackTrace();        }​    }​}​

Thanks in advance.

Answer

I do something like this which actually works 😉

public class AESCrypter {
    private final Cipher cipher;
    private final SecretKeySpec key;
    private AlgorithmParameterSpec spec;


    public AESCrypter(String password) throws Exception
    {
        // hash password with SHA-256 and crop the output to 128-bit for key
        MessageDigest digest = MessageDigest.getInstance("SHA-256");
        digest.update(password.getBytes("UTF-8"));
        byte[] keyBytes = new byte[32];
        System.arraycopy(digest.digest(), 0, keyBytes, 0, keyBytes.length);

        cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
        key = new SecretKeySpec(keyBytes, "AES");
        spec = getIV();
    }

    public AlgorithmParameterSpec getIV()
    {
        byte[] iv = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, };
        IvParameterSpec ivParameterSpec;
        ivParameterSpec = new IvParameterSpec(iv);

        return ivParameterSpec;
    }

    public String encrypt(String plainText) throws Exception
    {
        cipher.init(Cipher.ENCRYPT_MODE, key, spec);
        byte[] encrypted = cipher.doFinal(plainText.getBytes("UTF-8"));
        String encryptedText = new String(Base64.encode(encrypted, Base64.DEFAULT), "UTF-8");

        return encryptedText;
    }

    public String decrypt(String cryptedText) throws Exception
    {
        cipher.init(Cipher.DECRYPT_MODE, key, spec);
        byte[] bytes = Base64.decode(cryptedText, Base64.DEFAULT);
        byte[] decrypted = cipher.doFinal(bytes);
        String decryptedText = new String(decrypted, "UTF-8");

        return decryptedText;
    }
}

JavaScript
 
public class AESCrypter {    private final Cipher cipher;    private final SecretKeySpec key;    private AlgorithmParameterSpec spec;​​    public AESCrypter(String password) throws Exception    {        // hash password with SHA-256 and crop the output to 128-bit for key        MessageDigest digest = MessageDigest.getInstance("SHA-256");        digest.update(password.getBytes("UTF-8"));        byte[] keyBytes = new byte[32];        System.arraycopy(digest.digest(), 0, keyBytes, 0, keyBytes.length);​        cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");        key = new SecretKeySpec(keyBytes, "AES");        spec = getIV();    }​    public AlgorithmParameterSpec getIV()    {        byte[] iv = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, };        IvParameterSpec ivParameterSpec;        ivParameterSpec = new IvParameterSpec(iv);​        return ivParameterSpec;    }​    public String encrypt(String plainText) throws Exception    {        cipher.init(Cipher.ENCRYPT_MODE, key, spec);        byte[] encrypted = cipher.doFinal(plainText.getBytes("UTF-8"));        String encryptedText = new String(Base64.encode(encrypted, Base64.DEFAULT), "UTF-8");​        return encryptedText;    }​    public String decrypt(String cryptedText) throws Exception    {        cipher.init(Cipher.DECRYPT_MODE, key, spec);        byte[] bytes = Base64.decode(cryptedText, Base64.DEFAULT);        byte[] decrypted = cipher.doFinal(bytes);        String decryptedText = new String(decrypted, "UTF-8");​        return decryptedText;    }}​

Call this class like this :

 try {
            AESCrypter _crypt = new AESCrypter("password");
            String output = "";
            String plainText = "top secret message";
            output = _crypt.encrypt(plainText); //encrypt
            System.out.println("encrypted text=" + output);
            output = _crypt.decrypt(output); //decrypt
            System.out.println("decrypted text=" + output);
        } catch (Exception e) {
            e.printStackTrace();
        }

JavaScript
 
 try {            AESCrypter _crypt = new AESCrypter("password");            String output = "";            String plainText = "top secret message";            output = _crypt.encrypt(plainText); //encrypt            System.out.println("encrypted text=" + output);            output = _crypt.decrypt(output); //decrypt            System.out.println("decrypted text=" + output);        } catch (Exception e) {            e.printStackTrace();        }​

And for iPhone (Code is here) : https://github.com/Gurpartap/AESCrypt-ObjC

Hope this code works for you too 🙂

Advertisement

Answer