Written on April 4th 2008, 13:04 by sYnie
My last post about AESCryptLz got real good feedback. As I’m trying out a lot of different encryption algorithms, there is the next one. But this is only a pre-version of the upcoming pack of AESCryptLz. It doesn’t include an example for Java and it’s not really commented. But you can use it anyway, because it’s doing its job.
To be done:
- Java backend example
- Better documentation
- Implementation of MD5 checksums to provide encoding via password
- Bug fixes (?)
The new Version of AESCryptLz is based on the set of JavaScript functions developed by Chris Veness and it’s released under the LGPL. Thanks a lot to him, for his great work.
In detail, it uses the AES/CTR algorithm without padding. The class generates encrypted byte-arrays and also needs byte-arrays to decrypt them. I’m not using HEX-Strings anymore, because it’s much faster, when I’m doing this calculations without any converting. As I’m using Red5 for the backend, it’s really easy to send and get byte-arrays. But I’ll explain how, next week.
Also I’ve implemented a way to encrypt using LzIdle. So you can use it to en-/decrypt things in backgrund. The used vector is stored in the first 8 bytes of the generated byte-array. The following bytes are the encrypted text. So it also needs the used vector in the first 8 byte, if you want to decrypt a byte-array, generated by other algorythms.
Here are the files:
I think I am on a good way with this class. It’s faster and much smaller than the last one.
So stay tuned for any updates.
Written on March 19th 2008, 19:03 by sYnie
Some days ago, I started to search for a usefull code-snipet to de- and encrypt files or strings in OpenLaszlo. Everything I found were some posts about hash creation. So I started to search for JavaScript solutions to port them to OpenLaszlo. Mixing this with some hash creation algorithms and an own class to handle all those functions is compiled together to “AESCryptLz”. It can be used to de- and encrypt everything you want.
The used algorithm de-/encrypts via AES/ECB without Padding. You can de-/encrypt with a 128 bit key only. To do so, you can either use a 128 bit hex string or an ASCII string as “password”. If you use the ASCII key, then AESCryptLz will generate a MD5 hash out of it, to use it as a 128 bit hex key. All the encrypted data will be returned as a hex string. Also the data you, want to encrypt, needs to be a hex string.
Sounds a bit confusing, but it’s explained at the top of the source code.
To create this little set of classes, I ported a JavaScript library created by Eugene Styer. He allowed me to use his source code under the GPL. Thanks a lot!
I also used an OpenLaszlo class, ported by Userfriendly and former developed by Paul Johnston, released under the BSD licence. Thanks a lot, you too.
I created an own class, modified the mentioned classes and linked them all together. So you can use it under the GPL. Here you can find a little example that makes use of AESCryptLz.
The Sourcecode:
The first one is the AESCryptLz source code. The second one is the code of the shown example. And the third one is a little, quick and dirty Java source code, that shows, how to handle AESCryptLz-encrypted data. This may be usefull for a Java backend.
I’m looking forward to your feedback.
Kind regards,
Mario
Ps.: To see if it works, try to decode the following message, using the example application with the ASCII key “synie”:
1e af f3 90 83 02 50 90 a4 9c bc bc 7e 05 d3 78 50 79 ac aa 0f 0d ad 28 98 a7 46 13 b1 49 d7 e2 b9 d1 d9 c7 7a f0 01 0e 88 0d 95 a3 7f b2 52 92 2f 9e 5b 61 e7 67 8a 93 19 d0 5c c0 0c 78 64 e3 e0 f2 4c 4f b5 64 e9 d8 43 89 9d 8e fb 07 d8 e7 b8 ea 07 49 69 fd a7 b3 8d c3 8b 04 19 92 7a be
