Hello,

I'm performing encryption/decryption functions within a client/server application.

The server sends an encrypted value to the client.
NOTE: The part where I copy the encrypted value into char * has solved the problem of sending the value to the client with the first character missing.


C++
const char * Enc_Message2 = AES_Encrypt(Message2, Shared_Session_Key_S, I_V);
cout << "\n\nENCRYPTED MESSAGE2 {S,nb,ns}:";
cout << "\n=============================" << "\r\n" << Enc_Message2;
//cout<<"\n\nSIZE OF ENCRYPTED MESSAGE2: "<<sizeof(Enc_Message2);
//cout<<"\n\nSIZE OF ENCRYPTED MESSAGE2 {S,nb,ns}: "<<sizeof(Enc_Message2);

int e = strlen(Enc_Message2);
char * enc_msg2 = new char[e+1];
strcpy(enc_msg2, Enc_Message2);

s5 = clientSock->SendString(enc_msg2);
if (s5 != true) {
    std::cout << clientSock->lastErrorText() << "\r\n";
    return;
}



Next, the client receives the value correctly and starts decrypting it, but the first 16 characters are garbage, and the rest of the decrypted value is correct.

C++
const char * Recieved_Enc_Msg2 = 0;
Recieved_Enc_Msg2 = socket.receiveString();
if (Recieved_Enc_Msg2 == 0) {
    std::cout << socket.lastErrorText();
    return;
}
std::cout << "\n\nRECIEVED MESSAGE2: " << "\r\n" << Recieved_Enc_Msg2;

const char * Dec_Msg2 = AES_Decrypt(Recieved_Enc_Msg2, s_sessionKey, iv);
cout << "\n\nDECRYPTED MESSAGE2: " << "\r\n" << Dec_Msg2;


The following is the AES Decryption process:

C++
const char * Client_Side::AES_Decrypt(const char * Enc_Msg2, const char * Client_sessionKey, const char * i_v)
{
    CkCrypt2 decrypt;

    bool success = decrypt.UnlockComponent("****************");
    if (success != true) {
        std::cout << decrypt.lastErrorText() << "\r\n";
        //return;
    }

    //  Decrypt something...
    decrypt.put_CryptAlgorithm("aes");
    decrypt.put_KeyLength(128);
    decrypt.put_CipherMode("cbc");
    decrypt.SetEncodedKey(Client_sessionKey, "base64");
    decrypt.SetEncodedIV(i_v, "base64");
    decrypt.put_EncodingMode("base64");

    //  Use an IV that is the MD5 hash of the session key...
    /*
    const char *iv = 0;
    iv = decrypt.hashStringENC(shared_secret_key_S);

    //  AES uses a 16-byte IV:
    cout << "Initialization Vector:" << "\r\n";
    cout << iv << "\r\n";
    */

    const char * Decrypted_Message2;
    //Decrypted_Message1 = decrypt.decryptEncoded(rec_enc_msg1);
    Decrypted_Message2 = decrypt.decryptStringENC(Enc_Msg2);

    cout << "\n\nLength" << strlen(Decrypted_Message2);
    return Decrypted_Message2;
}


What I have tried:

1- tried copying the const char * into a new char *, didn't work.
Posted
Updated 15-Dec-16 21:42pm

1 solution

You are returning a pointer to the decrypted message which is no longer valid:
const char * Client_Side::AES_Decrypt(/*...*/)
{
    CkCrypt2 decrypt;
    // ...
    const char * Decrypted_Message2 ;
    //Decrypted_Message1 = decrypt.decryptEncoded(rec_enc_msg1);
    Decrypted_Message2 = decrypt.decryptStringENC(Enc_Msg2);
    // ...
    return Decrypted_Message2;
}

CkCrypt2 will allocate an internal buffer for the decrypted string which is returned by the decrypt function. When returning from your function, the CkCrypt2 instance decrypt goes out of scope, the destructor is called, and the buffer is released. So the value returned by your function is still pointing to the buffer address but the memory content is undefined.


Also your network transfer is at least suspicious:

How does socket.receiveString() detect the end of a received string?
Is clientSock->SendString() sending a NULL terminated string or is there some kind of protocol used that contains the string length?
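
The lifetime problem described in this answer, as an added example that is not part of the original post. `OwningDecryptor` is a hypothetical stand-in for a crypto object that returns a pointer into a buffer it owns; its buffer is static and wiped in the destructor so the stale pointer can be inspected without undefined behaviour, and its "decryption" is a plain copy.

```cpp
#include <cstring>
#include <string>

// Hypothetical stand-in (assumption, not CkCrypt2): hands out a pointer into a
// buffer it owns. A real object would free the buffer in its destructor, and
// reading it afterwards would be undefined; here the buffer is static and only
// wiped, so the effect is observable safely.
class OwningDecryptor {
    static char buf_[64];
public:
    // Name mirrors the call on the page; the body just copies its input.
    const char* decryptStringENC(const char* encoded) {
        std::strncpy(buf_, encoded, sizeof buf_ - 1);
        buf_[sizeof buf_ - 1] = '\0';
        return buf_;
    }
    ~OwningDecryptor() { std::memset(buf_, 0, sizeof buf_); }
};
char OwningDecryptor::buf_[64];

// Pattern from the question: the returned pointer outlives the object that
// owns the buffer, so the caller sees whatever is left there afterwards.
const char* decrypt_dangling(const char* encoded) {
    OwningDecryptor d;
    return d.decryptStringENC(encoded);
}   // d is destroyed here, after the pointer value has been copied out

// Fix: copy the text into a std::string while the owner is still alive and
// return it by value; the copy is made before d's destructor runs.
std::string decrypt_owned(const char* encoded) {
    OwningDecryptor d;
    return std::string(d.decryptStringENC(encoded));
}
```
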
Comments
raniam 16-Dec-16 19:51pm    
Hi,
I've already added the following lines at the end of the AES_Decrypt function, and it still didn't work

int g = strlen(Decrypted_Message2);
char * DEC_msg2 = new char[g+1];
strcpy(DEC_msg2,Decrypted_Message2);

return DEC_msg2;
Jochen Arndt 17-Dec-16 3:25am    
Then you have other errors too.

As far as I remember you have already been told to check the encryption/standalone without network transfer. Do so, and test your network transfer with a normal string.

Alternatively check if the encrypted string received by the client is identical to the one sent by just printing both of them.

To check the encryption / decryption use known reference strings. These are usually available for different methods. That will show you if encryption, decryption, or both are failing.

This will narrow down where to search for the failure.

Detecting errors by reading code here is much harder than sitting in front of an IDE which provides debugging features and where some tests can be implemented quickly.

The error solved in my solution was obvious. But others just require debugging or using test methods like using known reference data. But this must be done by you. Or you find someone that is doing that for you after giving him the complete code. But CP is not the right place for that because we are unpaid volunteers here.
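
A stand-alone reference-data check of the kind suggested above, as an added example that is not part of the thread. In CBC decryption the IV is XORed only into the first block, so an IV mismatch between the two sides corrupts exactly the first 16 bytes while a wrong key corrupts every block; the check below reports which blocks come back wrong. The block transform is a toy stand-in for AES, and all names, keys and data are constructed for the illustration.

```cpp
#include <array>
#include <cstddef>
#include <cstdint>
#include <vector>

using Block = std::array<uint8_t, 16>;
using Bytes = std::vector<uint8_t>;

// Toy invertible 16-byte block transform standing in for AES. NOT a cipher to
// use; it only lets the CBC chaining run without a crypto library.
static uint8_t rotl3(uint8_t x) { return static_cast<uint8_t>((x << 3) | (x >> 5)); }
static uint8_t rotr3(uint8_t x) { return static_cast<uint8_t>((x >> 3) | (x << 5)); }
static Block toy_block(Block b, const Block& key, bool enc) {
    for (size_t i = 0; i < 16; ++i)
        b[i] = static_cast<uint8_t>(enc ? rotl3(b[i] ^ key[i]) : rotr3(b[i]) ^ key[i]);
    return b;
}

// CBC over whole blocks (length must be a multiple of 16; no padding here).
Bytes cbc(const Bytes& in, const Block& key, Block prev, bool enc) {
    Bytes out;
    for (size_t off = 0; off + 16 <= in.size(); off += 16) {
        Block cur{}, res{};
        for (size_t i = 0; i < 16; ++i) cur[i] = in[off + i];
        if (enc) {
            for (size_t i = 0; i < 16; ++i) cur[i] ^= prev[i];
            res = prev = toy_block(cur, key, true);   // C_i = E(P_i xor C_{i-1})
        } else {
            res = toy_block(cur, key, false);         // P_i = D(C_i) xor C_{i-1}
            for (size_t i = 0; i < 16; ++i) res[i] ^= prev[i];
            prev = cur;
        }
        out.insert(out.end(), res.begin(), res.end());
    }
    return out;
}

// Encrypts constructed data under enc_iv, decrypts it under dec_iv, and
// returns the indices of the 16-byte blocks that did not round-trip.
std::vector<size_t> bad_blocks_after_roundtrip(const Block& enc_iv, const Block& dec_iv) {
    Block key{};
    Bytes pt(48);
    for (size_t i = 0; i < 16; ++i) key[i] = static_cast<uint8_t>(0x10 + i);
    for (size_t i = 0; i < pt.size(); ++i) pt[i] = static_cast<uint8_t>('A' + i % 26);
    Bytes got = cbc(cbc(pt, key, enc_iv, true), key, dec_iv, false);
    std::vector<size_t> bad;
    for (size_t i = 0; i < pt.size(); ++i)
        if (got[i] != pt[i] && (bad.empty() || bad.back() != i / 16)) bad.push_back(i / 16);
    return bad;
}
```
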

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)
