Click here to Skip to main content
15,867,308 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
Hi,

I'm performing an AES encryption/decryption process (using the Chilkat AES encryption functions).
The encryption result is performed smoothly and being sent from the client to the server.

The problem is with the decryption function, every time the function tries to decrypt the received encrypted-result, it returns garbage!!!!
Although I've made sure that the required parameters (used within the encryption function) are correct, such as the initialization vector, shared secret key, and even the properties are the same.

NOTE: the initialization vector is being appended (in clear text) to the encrypted message and sent to the server. Once it reaches the server-side,it is split from the encrypted message before the following decryption function executes. Thus, it is identical to the one used in encryption.

the following is the encryption function, which is working properly:

C++
const char * Client_Side::AES_Encrypt(const char * msg1, const char * C_sessionKey, const char * ivector)
{
   CkCrypt2 crypt;

	bool success = crypt.UnlockComponent("****************");
	if (success != true) {
		std::cout << crypt.lastErrorText() << "\r\n";
		//return;
	}


	//  Encrypt something...
	crypt.put_CryptAlgorithm("aes");
	crypt.put_KeyLength(128);
	crypt.put_CipherMode("cbc");
	crypt.SetEncodedKey(C_sessionKey,"base64");
	crypt.SetEncodedIV(ivector,"base64");
	crypt.put_EncodingMode("base64");


	//  Encrypt some text:
	const char *cipherText64 = 0;
	cipherText64 = crypt.encryptStringENC(msg1);
	std::cout <<"\n\nENCRYPTED MESSAGE1: "<< cipherText64 << "\r\n";
        return cipherText64;}



the following is the Decryption code, which returns garbage:

C++
const char * Server_Side::AES_Decrypt(const char * Enc_Msg1, const char * SrvSessionKey
																  ,const char * iv)
  {
	CkCrypt2 decrypt;

	 bool success = decrypt.UnlockComponent("******************");
	if (success != true) {
		std::cout << decrypt.lastErrorText() << "\r\n"; }


	//  Decrypt something...
	decrypt.put_CryptAlgorithm("aes");
	decrypt.put_KeyLength(128);
	decrypt.put_CipherMode("cbc");
	decrypt.SetEncodedKey(SrvSessionKey,"base64");
	decrypt.SetEncodedIV(iv,"base64");
	decrypt.put_EncodingMode("base64");


	std::cout<<"\nKEY: "<<SrvSessionKey;
	std::cout<<"\nIV: "<< iv;
	std::cout<<"\nMESSAGE TO BE DECRYPTED:"<<"\r\n"<<Enc_Msg1;


	const char * Decrypted_Message1 = 0;
	Decrypted_Message1 = decrypt.decryptStringENC(Enc_Msg1);
	std::cout <<"\n\nDecrypted_Message1:"<<"\r\n"<<Decrypted_Message1;
	std::cout <<"\n\nLength"<< strlen(Decrypted_Message1);
	return Decrypted_Message1;
 }


Please, I need help with this.

What I have tried:

1- I've tried putting the decrypt function in the main, still didn't work.
2- made sure that the initialization vector, and the shared secret key are identical.
3- changed the encoding mode in both functions, did not work.
4- triedd generating the shared secret key within the same decrypt function, did not work.
Posted
Updated 15-Dec-16 4:44am

Quote:
The problem is with the decryption function, every time the function tries to decrypt the received encrypted-result, it returns garbage!!!!

How do you know that the problem is in decryption function ?
The fact that encryption function return encrypted string do not imply that the encrypted string is correct.

You have a lot of thinks to do:
- make a single program that encrypt and decrypt, forget about the server as long as the single program don't work as expected.
- Find a testcase that include all settings, message to encrypt, key and encrypted message. You will use it to know which function works.
- Use the debugger to ensure that every thing is as expected.

-----
You should learn to use the debugger as soon as possible. Rather than guessing what your code is doing, It is time to see your code executing and ensuring that it does what you expect.

Debugger - Wikipedia, the free encyclopedia[^]
Mastering Debugging in Visual Studio 2010 - A Beginner's Guide[^]

The debugger is here to show you what your code is doing and your task is to compare with what it should do.
There is no magic in the debugger, it don't find bugs, it just help you to. When the code don't do what is expected, you are close to a bug.
 
Share this answer
 
Comments
raniam 14-Dec-16 23:21pm    
is it possible to run the debugger on two different projects at the same time?, as the client and the server needs to operate together.
Patrice T 14-Dec-16 23:33pm    
Yes, run 1 debugger on client and 1 on server.
Philippe Mori 15-Dec-16 9:51am    
As suggested, it might make sense to create a combined project. When you debug a client/server, usually you have some time out (on the client) if it take more than a few minutes to debug the code on the server.

For testing purpose, you might use hard-coded values so you don't need the whole client code.

In reality, in a properly designed application that kind of code would be testable and you would instead debug your unit test to see where the function fails.
raniam 15-Dec-16 20:32pm    
I've tried running both debuggers at the same time on C++ Builder XE3, but it didn't work.
You were right, the problem was on the client-side, in which the encryption occurs.
I fixed the problem by generating the session key and the IV within the same Client-socket function, instead of having their own functions. next, I performed the encryption process.
The problem is most in such cases, that input data format isnt the proper format and gets casted to some data which gets encrypted. Another common issue is that, the cypher process isnt correct initialized.

Take a look at this example code from Chilkat to find your bugs.

Tip: use some test data to verify your implementation.
 
Share this answer
 

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900