How to Decrypt data that uses Chilkat for Encryption without using Chilcat library

2.5k views Asked by At

We have a Windows Phone 8 app that needs to communicate with a web service that uses Chilkat to encrypt some data. As far as I know, Chilkat does not support the Windows Phone platform. I have the key and other info about how the data is encrypted (such as the encryption algorithm name, key-length etc.), but will I be able to encrypt/decrypt on Windows Phone without having this library? (We already have android/ios apps that use the same service and they use the chilkat library to crypt the data)

class Program
{
    static readonly string keyString = "MyKey";
    static readonly string iv = "MyIV";
    static Encoding TheEncoding = Encoding.UTF8;

    static void Main(string[] args)
    {
        //I got Chilkat and BouncyCastle via NuGet
        //https://www.nuget.org/packages/WinRTBouncyCastle/0.1.1.1
        //chilcat-win32

        var original = "clear text";

        var chilkatCrypt = GetChilkat3Des();

        //this is equalent to an encrypted text I get from the service
        var ckEncrypted = chilkatCrypt.EncryptStringENC(original);

        var ckDecrypted = chilkatCrypt.DecryptStringENC(ckEncrypted);

        if (!string.Equals(original, ckDecrypted)) throw new ArgumentException("chilkat encrypt/decrypt failure...");

        //now comes the challenge, to decrypt the Chilkat encryption with BouncyCastle (or what ever crypto lib that runs on WP8) 
        //this is where i need help :)
        byte[] chilkatEncBytes = System.Text.Encoding.UTF8.GetBytes(ckEncrypted);
        var bouncyDecrypted = BouncyCastleDecrypt(chilkatEncBytes);
    }

    public static Chilkat.Crypt2 GetChilkat3Des()
    {
        var crypt = new Chilkat.Crypt2();

        if (!crypt.UnlockComponent("Start my 30-day Trial"))
        {
            throw new Exception("Unlock Chilkat failed");
        }

        crypt.CryptAlgorithm = "3des";
        crypt.CipherMode = "cbc";
        crypt.KeyLength = 192;
        crypt.PaddingScheme = 0;
        //  It may be "hex", "url", "base64", or "quoted-printable".
        crypt.EncodingMode = "hex";
        crypt.SetEncodedIV(iv, crypt.EncodingMode);
        crypt.SetEncodedKey(keyString, crypt.EncodingMode);
        return crypt;
    }

    //this code is more or less copied from here:
    //http://nicksnettravels.builttoroam.com/post/2012/03/27/TripleDes-Encryption-with-Key-and-IV-for-Windows-Phone.aspx
    public static byte[] RunBouncyCastleTripleDes(byte[] input, bool encrypt)
    {
        byte[] byteKey = new byte[24];

        Buffer.BlockCopy(TheEncoding.GetBytes(keyString), 0, byteKey, 0, TheEncoding.GetBytes(keyString).Length);

        var IV = new byte[8];

        Buffer.BlockCopy(TheEncoding.GetBytes(iv), 0, IV, 0, TheEncoding.GetBytes(iv).Length);

        var keyParam = new Org.BouncyCastle.Crypto.Parameters.DesEdeParameters(byteKey);

        var ivParam = new Org.BouncyCastle.Crypto.Parameters.ParametersWithIV(keyParam, IV);
        var engine = Org.BouncyCastle.Security.CipherUtilities.GetCipher("DESede/CBC/PKCS5Padding");

        engine.Init(encrypt, ivParam);
        var output = engine.DoFinal(input);

        return output;
    }

    public static byte[] BouncyCastleEncrypt(byte[] input)
    {
        return RunBouncyCastleTripleDes(input, true);
    }

    public static byte[] BouncyCastleDecrypt(byte[] input)
    {
        return RunBouncyCastleTripleDes(input, false);
    }
}
1

There are 1 answers

2
jww On BEST ANSWER

I have the key and other info about how the data is encrypted (such as the encryption algorithm name, key-length etc.), but will I be able to encrypt/decrypt on Windows Phone without having this library?

It depends, buts the answer is probably yes.

If they have a home-grown implementation of well known algorithms, then they might have a bug and the answer could be NO.

If they are using well-known algorithms form well vetted libraries and have fully specified the algorithms and parameters, the the answer is likely YES.