CryptDeriveKey Replication in Coldfusion

Question

CryptDeriveKey Replication in Coldfusion

I am working on a project to decrypt an AES-128 encrypted string in ColdFusion, which is passed as a URL parameter.

The provider accepts the missing phrase and converts it into a valid AES-128 key "using an algorithm equivalent to Microsoft CryptDeriveKey using the SHA-1 hash function". I need to replicate this generated Key in ColdFusion so that I can use the value in my decrypt () call.

When using CryptDeriveKey, you pass the encryption type, Hash type, block length and array 0 iv and returns Hash. Source: Creating a key from a password

// generate an RC2 key
byte[] iv = new byte[] { 0, 0, 0, 0, 0, 0, 0, 0 };
byte[] key = cdk.CryptDeriveKey("RC2", "SHA1", 128, iv);

In a vendor testing tool, the phrase “test1234” hashes:

 A6455C7A24BC5E869B0DDF647238F5DA

genAESKeyFromPW() UDF, , , , , CryptDeriveKey . . , Hash() AES-128:

<cfset generatedKey = Hash('test1234', 'SHA-1')>
<cfset decrypted=decrypt(encryptedString, generatedKey, 'AES/CBC/PKCS7Padding', 'Base64', '0')>

CryptDeriveKey?

Update:

#:

public static byte[] AesDecryptBytes(byte[] cipherText, byte[] key)
{
    byte[] IV = new byte[16];

    AesManaged aes = new AesManaged();
    aes.Mode = CipherMode.CBC;
    aes.Padding = PaddingMode.PKCS7;
    ICryptoTransform decryptor = aes.CreateDecryptor(key, IV);

    byte[] plainBytes;

    using (MemoryStream memoryStream = new MemoryStream())
    {
        using (CryptoStream cryptoStream = new CryptoStream(memoryStream, decryptor, CryptoStreamMode.Write))
        {
            cryptoStream.Write(cipherText, 0, cipherText.Length);
        }

        plainBytes = memoryStream.ToArray();
    }

    return plainBytes;
}

+4

coldfusion encryption

Stephen Sharpe 15 . '17 15:20

1

Leigh · Accepted Answer · 2017-06-19T19:44:54+0000

, , , , XOR . 100%, , , , PBKDF1 PBKDF2.

n - . n - , - CryptDeriveKey. SHA-2 3DES AES, :
64- , 0x36 64 . k - -, hBaseData. k XOR k , hBaseData.
64- , 0x5C 64 . k XOR k -, hBaseData.
1, , -, hBaseData.
2, , -, hBaseData.
3 4.
n 5 .

CF

binaryDecode:

hBaseData = binaryDecode(hash("test1234", "SHA1"), "hex");

:

// 0x36 (i.e. 54 decimal)
buff1 = listToArray(repeatString("54,", 64)); 
// 0x5C (i.e. 92 decimal)
buff2 = listToArray(repeatString("92,", 64));

XOR, :

for (k = 1; k <= arrayLen(hBaseData); k++) {
    buff1[k] = BitXOR( buff1[k], hBaseData[k]);
    buff2[k] = BitXOR( buff2[k], hBaseData[k]);
}

() , :

hash1 = hash( javacast("byte[]", buff1), "SHA1");
hash2 = hash( javacast("byte[]", buff2), "SHA1");
combined = hash1 & hash2;

, n (16 == 128 /8) . CF hash() ( ), .

keySize = 128 / 8;
newKey = left(combined, keySize *2);

: A6455C7A24BC5E869B0DDF647238F5DA

CF

:

/ CF , base64. . :
"PKCS7Padding" CF/Java. PKCS5Padding.
"CBC" IV. IV - , ( AES = 16 ). "... [ ] ". API, IV . ( , ).

. ColdFusion

:

encrypted = "1lqcm0Jiy4Rs29tz2jpuoQ==";
newKeyHex = "A6455C7A24BC5E869B0DDF647238F5DA";
keyBase64 = binaryEncode(binaryDecode(newKeyHex, "hex"), "base64");
iv = javacast("byte[]", [0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]);
decrypted = decrypt(encrypted, keyBase64, "AES/CBC/PKCS5Padding", "Base64", iv);
writeOutput("<br>"& decrypted);

: recordID=000001

CryptDeriveKey Replication in Coldfusion

More articles: