Archived Forum Post

Index of archived forum posts


Crypt2 3DES Decrypt Issue - Only getting 1st Character of Decrypted

Jan 29 '13 at 09:07

Clients sends 3DES encrypted BASE 64 ENCODED string via url to me like


When I decrypt I get this:

Query String: Oi4RKA5/yE2sXclksSlYzgrJ+3bFzn7h6oragazGC12yx0HOSfXsf4MAwzK9JfLy62NKAdfJhJyUGmcraX2wtw7833U12qy+qNgGB/Ph2WLokKuslE2Fby0NF1d9Reya8ywUwz+R+zWGmxzbqUkbsl9CaOUUgef54tkoD92aR4kpSd3m0W2jrkviNl0bATmedi6jSxgaujTO6pQ8LzDd/aTQ2ZKDpD2sOSu5B4jllsBF8Uu77Jar3x52LLuCOqDE6BP4UdyBQOz4Un9VtCjBMRptGgHEPAy/3JCywt8mJS2xuZm1wRrBbM5Hw+LWEiE4Ik7NFFTNFsLuab/Q7ye8HQ8JEjl3aq3BwPWBsE1hD6jlStIzgcoWHNyYCth0HcVF+HyNdjMLfmvmlz/+Y+aLw5izaNa+2OS/mZ161jRxQUcTX6Co7T7PaSREzzWwiEG4FOF0aOwrv+YOhgSdkPqR+b9oUVduxX6zstfB7BJySoNzRwfMhwfjWzHPl2C9X/Lh5m3liOfKiWmjI7ZuWFNdBA==

Decrypted Query String: U

U is the correct first letter of the Query String

I use asp page like this: <%@ LANGUAGE="VBSCRIPT" %>

<% dim QS,QS1 QS=Request("Token")

'Dim crypt As Object Set crypt = Server.CreateObject("Chilkat.Crypt2") success = crypt.UnlockComponent("My key") If (success <> 1) Then ' Unlock failed. Response.Write crypt.LastErrorText & "
" End If

' To get 3DES, set the algorithm = "des", and the ' key length to 168 bits: crypt.CryptAlgorithm = "des" crypt.KeyLength = 168 crypt.Charset = "utf-8"

' The encrypted output will be a hex-encoded string. ' It is also possible to use "base64", "url" (for url-encoding), and other modes. crypt.EncodingMode = "base64"

' Both ECB and CBC modes are available. ' Use "ecb" for Electronic Cookbook Mode. ' "ECB" is for Cipher-Block-Chaining. crypt.CipherMode = "CBC"

' Initialization vectors should equal the block-size of the algorithm. ' for 3DES (and DES) the block-size is 8 bytes. ' The IV may be set from an encoded string: crypt.SetEncodedIV "mczdExh/ntw=","base64"

' (it is also possible to set the IV directly from a byte array...)

' The secret key should have a length equal to the bit-strength of ' the algorithm. In this case, we have 168-bit 3DES. However, ' with DES (and 3DES) the most significant bit of each key byte is ' a parity bit, and therefore 168-bits really refers to a 192-bit key ' where the 24 msb's are parity bits. Our 3DES key should be 24 bytes in size. crypt.SetEncodedKey "czP33zRr2ys2Qt6RsBYw9pGuuzUBC9yr","base64"

' (it is also possible to set the key directly from a byte array, or generate ' a key from a arbitrary-length string password.)

' 3DES is a block encryption algorithm. This means that output is always ' a multiple of the algorithm's block size. For 3DES, the block size is 8 bytes. ' Therefore, if your input is not a multiple of 8 bytes, it will be padded. ' There are several choices for padding (consult the Chilkat Crypt reference). ' We'll pad with SPACE (0x20) characters: crypt.PaddingScheme = 0

' Note: If trying to match the results produced by two different 3DES implementations, ' make sure to test with data that is longer than a single block (8 bytes for 3DES). ' If all params match (IV, secret key, cipher mode, etc.) except for the padding, then ' the results will be identical except for the last block of output. If you test data is only ' a single block, you cannot recognize the situation where all is correct except ' for a padding mismatch.

' Functions to provide encoding/decoding of strings with Base64. ' ' Encoding: myEncodedString = base64_encode( inputString ) ' Decoding: myDecodedString = base64_decode( encodedInputString ) '

Response.Write("Query String:

plainText = crypt.DecryptStringEnc(QS) Response.Write("
Decrypted Query String:


' Note: Because we used SPACE character padding, the output string will contain trailing SPACE ' chars, which can easily be trimmed.

' (Other padding schemes embed the original input length in the padding so that the Decrypt* methods always ' return the exact original data).

%> </body> </html>


Figured it out. Charset was wrong, should have been unicode! Thanks....