Search code examples
.netcryptographyaessha1

.NET to Progress 4GL Cryptography

I have a VB.NET application I am trying to send encrypted information to a Progress 4GL 10.2B application. I have matched the Iteration Count, Salt, Private Key, and Initialization Vector. I cannot understand why we are generating different keys. I am using silverlight in .NET and the rfc2898derivebytes class uses a HMACSHA-1 hashing algorithm were as progress uses a SHA-1 hashing algorithm. I am trying to see how can I map the two systems to transfer simple strings.

Below is the VB.NET Code

enter codePublic Class OASISCryptography

Const _privateKey As String = "MEXMUELLER"

Public Shared Function GetSalt() As Byte()
    Dim salt() As Byte = New Byte(7) {}
    Dim s As New RNGCryptoServiceProvider
    s.GetBytes(salt)
    Return salt
End Function

Public Shared Function EncryptValue(ByVal data As String, ByVal salt() As Byte) As Byte()
    Using myAes As New AesManaged()
        Dim salt2() As Byte = System.Text.Encoding.UTF8.GetBytes("JosephsT")
        Dim Key As System.Security.Cryptography.Rfc2898DeriveBytes = New Rfc2898DeriveBytes(_privateKey, salt, 2000)
        myAes.Key = Key.GetBytes(128 / 8)
        myAes.IV = System.Text.Encoding.UTF8.GetBytes("HR$2pIjHR$2pIj12")
        Dim encrypted As Byte() = EncryptStringFunction(data, myAes.Key, myAes.IV)
        Return encrypted
    End Using
End Function

Public Shared Function DecryptValue(ByVal data() As Byte, ByVal salt() As Byte) As String
    Using myAes As New AesManaged()
        Dim salt2() As Byte = System.Text.Encoding.UTF8.GetBytes("JosephsT")
        Dim Key As System.Security.Cryptography.Rfc2898DeriveBytes = New Rfc2898DeriveBytes(_privateKey, salt2, 2000)
        myAes.Key = Key.GetBytes(128 / 8)
        Dim genKey As String = Nothing
        For Each g In myAes.Key
            genKey = genKey & g
        Next
        myAes.IV = System.Text.Encoding.UTF8.GetBytes("HR$2pIjHR$2pIj12")
        Dim decrypted As String = DecryptStringFunction(data, myAes.Key, myAes.IV)
        Return decrypted
    End Using
End Function

Public Shared Function EncryptStringFunction(ByVal data As String, ByVal Key() As Byte, ByVal IV() As Byte) As Byte()
    'check arguments
    If data Is Nothing OrElse data.Length <= 0 Then
        Throw New ArgumentNullException("data")
    End If
    If Key Is Nothing Or Key.Length <= 0 Then
        Throw New ArgumentNullException("Key")
    End If
    If IV Is Nothing Or IV.Length <= 0 Then
        Throw New ArgumentNullException("IV")
    End If
    Dim encrypted() As Byte
    Using aesALG As New AesManaged()
        aesALG.Key = Key
        aesALG.IV = IV
        ' Create a encryptor to perform the stream transform. 
        Dim encryptor As ICryptoTransform = aesALG.CreateEncryptor(aesALG.Key, aesALG.IV)
        ' Create the streams used for encryption. 
        Using msEncrypt As New MemoryStream
            Using csEncrypt As New CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write)
                Using swEncrypt As New StreamWriter(csEncrypt)
                    'Write all data to the stream.
                    swEncrypt.Write(data)
                End Using
            End Using
            encrypted = msEncrypt.ToArray
        End Using
    End Using
    Return encrypted
End Function

Public Shared Function DecryptStringFunction(ByVal encrytedData() As Byte, ByVal Key() As Byte, ByVal IV() As Byte) As String
    If encrytedData Is Nothing Or encrytedData.Length <= 0 Then
        Throw New ArgumentNullException("EncryptedData")
    End If
    If Key Is Nothing Or Key.Length <= 0 Then
        Throw New ArgumentNullException("Key")
    End If
    If IV Is Nothing Or IV.Length <= 0 Then
        Throw New ArgumentNullException("IV")
    End If
    Dim plainText As String = Nothing
    Using aesALG As New AesManaged()
        aesALG.Key = Key
        aesALG.IV = IV
        Dim decryptor As ICryptoTransform = aesALG.CreateDecryptor(aesALG.Key, aesALG.IV)
        Using msDecrypt As New MemoryStream(encrytedData)
            Using csDecrypt As New CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read)
                Using srDecrypt As New StreamReader(csDecrypt, True)                     
                    plainText = srDecrypt.ReadToEnd
                End Using
            End Using
        End Using
    End Using
    Return plainText
End Function
End Class

and here is the progress implementation

SECURITY-POLICY:SYMMETRIC-ENCRYPTION-ALGORITHM = "AES_CBC_128".
SECURITY-POLICY:PBE-KEY-ROUNDS = 2000.
SECURITY-POLICY:PBE-HASH-ALGORITHM = "SHA-1".   
 /*SECURITY-POLICY:SYMMETRIC-ENCRYPTION-IV = ? /*mymemptr*/ /*IV*/. */

/* first, decrypt username */
SECURITY-POLICY:ENCRYPTION-SALT = ip-value3.
SECURITY-POLICY:SYMMETRIC-ENCRYPTION-KEY = GENERATE-PBE-KEY (password,ip-value3).
qadusername = get-string(DECRYPT (ip-value1),1).
qadpasswd = get-string(DECRYPT (ip-value2),1).
output to /tmp/decrypt.tst append.
put unformatted qadusername "-" qadpasswd skip .
output close.

qadusername = replace(qadusername,"SPD/","").
for first usr_mstr no-lock where
usr_mstr.usr_active and
usr_userid = qadusername and
usr_passwd = encode(qadpasswd) :
op-value1= true.
END.

/* second, encrypt a value and send back*/
/*
SECURITY-POLICY:ENCRYPTION-SALT = GENERATE-PBE-SALT.*/
salt-value = SECURITY-POLICY:ENCRYPTION-SALT.
/*
SECURITY-POLICY:SYMMETRIC-ENCRYPTION-KEY = GENERATE-PBE-KEY (password,ip-value3).
 */
op-value2 = ENCRYPT ("joe wears a tootoo and a dress!").
op-value3 = salt-value.
op-value4 = IV.
op-value5 = GENERATE-PBE-KEY (password).
Solution

  • I know I am answering my own question but if anybody has a better way to do this let me know... For anybody that is trying to accomplish this you will need this code. I have IV static at the moment but for good measure you would usually not do this. You will generate that dynamically and pass it

     Public Shared Function EncryptValue(ByVal data As String, ByVal salt() As Byte) As Byte()
    Using myAes As New AesManaged
        Dim key2 As PasswordDeriveBytes = New PasswordDeriveBytes(_privateKey, salt)
        key2.IterationCount = 2000
        key2.HashName = "SHA1"
        myAes.Padding = PaddingMode.PKCS7
        myAes.Mode = CipherMode.CBC
        myAes.KeySize = myAes.LegalKeySizes(0).MinSize
        myAes.BlockSize = myAes.LegalBlockSizes(0).MinSize
        myAes.IV = System.Text.Encoding.UTF8.GetBytes("HR$2pIjHR$2pIj12")
        myAes.Key = key2.GetBytes(16)
        Dim encrypted As Byte() = EncryptStringFunction(data, myAes.Key, myAes.IV)
        Return encrypted
    End Using
End Function

Public Shared Function DecryptValue(ByVal data() As Byte, ByVal salt() As Byte) As String
    Using myAes As New AesManaged
        Dim key2 As PasswordDeriveBytes = New PasswordDeriveBytes(_privateKey, salt)
        key2.IterationCount = 2000
        key2.HashName = "SHA1"            
        myAes.Padding = PaddingMode.PKCS7
        myAes.Mode = CipherMode.CBC
        myAes.KeySize = myAes.LegalKeySizes(0).MinSize
        myAes.BlockSize = myAes.LegalBlockSizes(0).MinSize
        myAes.IV = System.Text.Encoding.UTF8.GetBytes("HR$2pIjHR$2pIj12")
        myAes.Key = key2.GetBytes(16)
        Dim decrypted As String = DecryptStringFunction(data, myAes.Key, myAes.IV)
        Return decrypted
    End Using
End Function