Languages

English

E_System error in decryption

Hi all,

i am trying to implement security related functoinality in my application 
my code consists of encryption & decryption of data, my code is working fine for encyprion but while decrypting application is getting crashed
due to E_SYSTEM unknown system error

please help me here is my code 

 

#include "encryptSampleMainForm.h"
#include "AppResourceId.h"
#include <FIo.h>
#include <FSecurity.h>
using namespace Tizen::Base;
using namespace Tizen::App;
using namespace Tizen::Ui;
using namespace Tizen::Ui::Controls;
using namespace Tizen::Ui::Scenes;
using namespace Tizen::Security;
using namespace Tizen::Security::Crypto;
using namespace Tizen::Base::Utility;

String str; //global var holds the output of encryption function ,later the same value is sent for decrytpion

encryptSampleMainForm::encryptSampleMainForm(void)
{
}

encryptSampleMainForm::~encryptSampleMainForm(void)
{
}

bool
encryptSampleMainForm::Initialize(void)
{
    Construct(IDF_FORM);

    return true;
}

result
encryptSampleMainForm::OnInitializing(void)
{
    result r = E_SUCCESS;

    // TODO:
    // Add your initialization code here

    // Setup back event listener
    SetFormBackEventListener(this);

    // Get a button via resource ID
    Tizen::Ui::Controls::Button *pButtonOk = static_cast<Button*>(GetControl(IDC_BUTTON_OK));
    if (pButtonOk != null)
    {
        pButtonOk->SetActionId(ID_BUTTON_OK);
        pButtonOk->AddActionEventListener(*this);
    }

    Button* pButton1 = static_cast<Button*>(GetControl(IDC_BUTTON1));  
    if(pButton1)
    {
        pButton1->SetActionId(1029);
        pButton1->AddActionEventListener(*this);
    }
    return r;
}

result
encryptSampleMainForm::OnTerminating(void)
{
    result r = E_SUCCESS;

    // TODO:
    // Add your termination code here
    return r;
}

void
encryptSampleMainForm::OnActionPerformed(const Tizen::Ui::Control& source, int actionId)
{
 if(actionId==ID_BUTTON_OK)        //action related to encryption
 {
     ByteBuffer *p=StringUtil::StringToUtf8N("e");
     p->SetLimit(p->GetCapacity()-1);
      str=encyrptKey(*p);

 }
 else if(actionId==1029)                   //action related to decryption
 {
     ByteBuffer *p=StringUtil::StringToUtf8N("e");
          p->SetLimit(p->GetCapacity()-1);
          decryptKey(str,*p);
 }
}

void
encryptSampleMainForm::OnFormBackRequested(Tizen::Ui::Controls::Form& source)
{
    UiApp* pApp = UiApp::GetInstance();
    AppAssert(pApp);
    pApp->Terminate();
}

void
encryptSampleMainForm::OnSceneActivatedN(const Tizen::Ui::Scenes::SceneId& previousSceneId,
                                          const Tizen::Ui::Scenes::SceneId& currentSceneId, Tizen::Base::Collection::IList* pArgs)
{
    // TODO:
    // Add your scene activate code here
    AppLog("OnSceneActivatedN");
}

void
encryptSampleMainForm::OnSceneDeactivated(const Tizen::Ui::Scenes::SceneId& currentSceneId,
                                           const Tizen::Ui::Scenes::SceneId& nextSceneId)
{
    // TODO:
    // Add your scene deactivate code here
    AppLog("OnSceneDeactivated");
}

 

String encryptSampleMainForm::encyrptKey(ByteBuffer &pwd)
{
    ByteBuffer* inp=StringUtil::StringToUtf8N("e");
                    inp->SetLimit(inp->GetCapacity()-1);
            Md5Hash mhash;
                    ByteBuffer *pOutput=mhash.GetHashN(*inp);
                    AppLog("ouptut is %s",pOutput->GetPointer());
                     String sHash;

                        {
                            int byteCount = pOutput->GetLimit();

                            for (int i = 0; i < byteCount; i++) {
                                byte b;  pOutput -> GetByte(i, b);
                                unsigned int ui = b;
                                String sHex;
                                sHex.Format(25, L"%02x", ui);
                                sHash.Append(sHex);
                            }
                            AppLog("Shex is %ls",sHash.GetPointer());
                        }
                        ByteBuffer* o2=StringUtil::StringToUtf8N(sHash);
                        o2->SetLimit(o2->GetCapacity()-1);
            AppLog("encrypt Button is clicked!");
            ISecureRandom *prandom=new AesSecureRandom();
            SecretKeyGenerator *keygen=new SecretKeyGenerator();
            ByteBuffer *prn=prandom->GenerateRandomBytesN(32);
            AppLog("rnd no is %s",prn->GetPointer());
            AesCipher *asc=new AesCipher();
            asc->Construct("ECB/256/PKCS7PADDING",CIPHER_ENCRYPT);
            keygen->Construct(*o2);
            ISecretKey *skey2=keygen->GenerateKeyN();
            asc->SetKey(*skey2);
            out=asc->EncryptN(*prn);
            AppLog("encrypted data is %s",out->GetPointer());
            String str2=reinterpret_cast< char* >(const_cast< byte* >(out->GetPointer()));
            return str2;
}

ByteBuffer* encryptSampleMainForm::decryptKey(String pwdkey,ByteBuffer &p)
{
    Md5Hash mhash;
            ByteBuffer* inp=StringUtil::StringToUtf8N("e");
                    inp->SetLimit(inp->GetCapacity()-1);
            SecretKeyGenerator *keygen=new SecretKeyGenerator();
                            ByteBuffer *pOutput=mhash.GetHashN(*inp);
                            AppLog("ouptut is %s",pOutput->GetPointer());
                             String sHash;

                                {
                                    int byteCount = pOutput->GetLimit();

                                    for (int i = 0; i < byteCount; i++) {
                                        byte b;  pOutput -> GetByte(i, b);
                                        unsigned int ui = b;
                                        String sHex;
                                        sHex.Format(25, L"%02x", ui);
                                        sHash.Append(sHex);
                                    }
                                    AppLog("Shex is %ls",sHash.GetPointer());
                                }
                                ByteBuffer* o2=StringUtil::StringToUtf8N(sHash);
                                o2->SetLimit(o2->GetCapacity()-1);
            AppLog("decrypt button clicked!");
            AesCipher *asc=new AesCipher();
            asc->Construct("ECB/256/PKCS7PADDING",CIPHER_DECRYPT);
            keygen->Construct(*o2);
            ISecretKey *skey1=keygen->GenerateKeyN();
            asc->SetKey(*skey1);
            ByteBuffer* out1=StringUtil::StringToUtf8N(pwdkey);
            out1->SetLimit(out1->GetCapacity()-1);
            ByteBuffer *output=asc->DecryptN(*out1);
            AppLog("decrypted data is %s",output->GetPointer());
            return out1;
}

Edited by: Brock Boland on 17 Mar, 2014 Reason: Paragraph tags added automatically from tizen_format_fix module.

Responses

7 Replies
Pushpa G

Hi,

yes i could reproduce the same issue when i tried the above code in an app . I am checking the cause, iwill update you once i get it

Pushpa G

Also check CipherMessage sample app (CryptoHandler.cpp) available in IDE, i checked in output, it dint crash

Pushpa G

Hi,

Following are two errors in code:
1. Crash is due to missing NULL check in function encryptionSampleMainForm::decryptKey at line 173. As decrypt is failed there is no output. So, one must check NULL/error before accessing output variable.
2. Conversion of String to ByteBuffer do not work the way it is used for encryption and decryption.
It is better if ByteBuffer is returned after encryption and passed the same to decrypt method.
Last two line of function encryptKey bit messed.
String str2=reinterpret_cast< char* >(const_cast< byte* >(out->GetPointer())); (ERR: DATA LOST)
return str2;

Signature of ecryptKey must be ByteBuffer& encryptSamspleMainForm::encryptKey(ByteBuffer &pwd) //This pwd is anyhow not used in code.
main thing is to return encrypted ByteBuffer as it is.

and signature of DecryptKey must be ByteBuffer& encryptSampleMainForm::decryptKey(ByteByffer& encryptedKey) //This encryptedkey is same which we just encrypted. decrypted key is returns as ByteBuffer.
In case String Data type need to be involved then one must use proper conversion function before encryption and after decryption to convert password String to ByteBuffer.

harish kumar kavali

hi 
thanks for precious reply 
my problem solved by Converting String to bytebuffer using base64 encoding /decoding .
now the app is running fine when the key is correct
but it crashes if the key is invalid 
even i handled the null pointer exception (as the DecryptN() returns if it fails )
but i am unable to stop crashing
i am handling the exception in the following way

                                try{
                                       buff=decryptKey(Encdata,pwd);

                                   }
                              catch(...)
                              {
                                    AppLog("invalid key");
                              }

Chintan Gandhi

Hi Harish,

Please note Native API do not throw C++ exceptions. You need to check return values or perform NULL check for APIs.

Request you to kindly attach your full sample app for code review.

Thanks.

 

Chintan Gandhi

 Hi Harish,

I actually found the reason its getting crashed.

Actually you need to
use NULL check in decryptKey(Encdata,pwd) API which is missing here

***********************************************************
you have to handle the exception inside the below API,

decryptKey(Encdata,pwd)

    ByteBuffer *output=asc->DecryptN(*out1);

Here "output" is coming null for invalid key.  

So crash is due to missing NULL check in function encryptionSampleMainForm: ecryptKey. You must check NULL/error before accessing output variable.

use as follows:
if (output == NULL)
  AppLog("decryption is failed");
else
  AppLog("decrypted data is %s",output->GetPointer());

 

Hope this helps.

Thanks.

harish kumar kavali

Thanks for ur reply