We have a Windows Phone 8 app that needs to communicate with a web service that uses Chilkat to encrypt some data. As far as I know, Chilkat does not support the Windows Phone platform. I have the key and other info about how the data is encrypted (such as the encryption algorithm name, key-length etc.), but will I be able to encrypt/decrypt on Windows Phone without having this library? (We already have android/ios apps that use the same service and they use the chilkat library to crypt the data)
class Program
{
static readonly string keyString = "MyKey";
static readonly string iv = "MyIV";
static Encoding TheEncoding = Encoding.UTF8;
static void Main(string[] args)
{
//I got Chilkat and BouncyCastle via NuGet
//https://www.nuget.org/packages/WinRTBouncyCastle/0.1.1.1
//chilcat-win32
var original = "clear text";
var chilkatCrypt = GetChilkat3Des();
//this is equalent to an encrypted text I get from the service
var ckEncrypted = chilkatCrypt.EncryptStringENC(original);
var ckDecrypted = chilkatCrypt.DecryptStringENC(ckEncrypted);
if (!string.Equals(original, ckDecrypted)) throw new ArgumentException("chilkat encrypt/decrypt failure...");
//now comes the challenge, to decrypt the Chilkat encryption with BouncyCastle (or what ever crypto lib that runs on WP8)
//this is where i need help :)
byte[] chilkatEncBytes = System.Text.Encoding.UTF8.GetBytes(ckEncrypted);
var bouncyDecrypted = BouncyCastleDecrypt(chilkatEncBytes);
}
public static Chilkat.Crypt2 GetChilkat3Des()
{
var crypt = new Chilkat.Crypt2();
if (!crypt.UnlockComponent("Start my 30-day Trial"))
{
throw new Exception("Unlock Chilkat failed");
}
crypt.CryptAlgorithm = "3des";
crypt.CipherMode = "cbc";
crypt.KeyLength = 192;
crypt.PaddingScheme = 0;
// It may be "hex", "url", "base64", or "quoted-printable".
crypt.EncodingMode = "hex";
crypt.SetEncodedIV(iv, crypt.EncodingMode);
crypt.SetEncodedKey(keyString, crypt.EncodingMode);
return crypt;
}
//this code is more or less copied from here:
//http://nicksnettravels.builttoroam.com/post/2012/03/27/TripleDes-Encryption-with-Key-and-IV-for-Windows-Phone.aspx
public static byte[] RunBouncyCastleTripleDes(byte[] input, bool encrypt)
{
byte[] byteKey = new byte[24];
Buffer.BlockCopy(TheEncoding.GetBytes(keyString), 0, byteKey, 0, TheEncoding.GetBytes(keyString).Length);
var IV = new byte[8];
Buffer.BlockCopy(TheEncoding.GetBytes(iv), 0, IV, 0, TheEncoding.GetBytes(iv).Length);
var keyParam = new Org.BouncyCastle.Crypto.Parameters.DesEdeParameters(byteKey);
var ivParam = new Org.BouncyCastle.Crypto.Parameters.ParametersWithIV(keyParam, IV);
var engine = Org.BouncyCastle.Security.CipherUtilities.GetCipher("DESede/CBC/PKCS5Padding");
engine.Init(encrypt, ivParam);
var output = engine.DoFinal(input);
return output;
}
public static byte[] BouncyCastleEncrypt(byte[] input)
{
return RunBouncyCastleTripleDes(input, true);
}
public static byte[] BouncyCastleDecrypt(byte[] input)
{
return RunBouncyCastleTripleDes(input, false);
}
}
It depends, buts the answer is probably yes.
If they have a home-grown implementation of well known algorithms, then they might have a bug and the answer could be NO.
If they are using well-known algorithms form well vetted libraries and have fully specified the algorithms and parameters, the the answer is likely YES.