Welcome!

Welcome to the official BlackBerry Support Community Forums.

This is your resource to discuss support topics with your peers, and learn from each other.

inside custom component

Native Development

Reply
New Contributor
Posts: 6
Registered: ‎06-10-2013
My Device: Torch
My Carrier: Vodafone

Problem with ARC2 CBC Encryption / Decryption

Unfortunately I have a problem in using encryption and decryption functions of the "huarc2.h" package.

The documentation is really poor. Thus it would be kind if you could help me.

 

I am currently working on encryption / decryption of private keys  of email signature certificates based on Arc2 CBC.

 

I get a byte stream that is an encrypted private key and I want to decrypt it and then encrypt it with another password.

 

For encryption / decryption I used the following code.

I noticed that a sequence of encryption / decryption with the same password does not lead to a result that is equal to the plain text I first encrypted.

 

Do you find an error in my code? Or do you have an optional way to do the encryption / decryption?

 

void CertificateService::decryptPrivateKey(QString encodedKey,
		QString password) {
	sb_GlobalCtx globalCtx;
	hu_GlobalCtxCreateDefault(&globalCtx);
	int result = hu_RegisterSbg56(globalCtx);
	int initResult = hu_InitSbg56(globalCtx);
	sb_Params arc2Params;
	int arc2ParamsResult = hu_ARC2ParamsCreate(SB_ARC2_CBC, 64, NULL, NULL,
			&arc2Params, globalCtx);
	sb_Key arcKey;
	int arcKeyResult = hu_ARC2KeySet(arc2Params, password.toStdString().size(),
			(unsigned char*) qstrdup(password.toStdString().c_str()), &arcKey,
			globalCtx);
	sb_Context arcContext;
	unsigned char iv[16] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
	int arcBeginResult = hu_ARC2Begin(arc2Params, arcKey, SB_ARC2_IV_SIZE, iv,
			&arcContext, globalCtx);
	QByteArray input_bytes = encodedKey.toUtf8();
	unsigned char* hash_input =
			reinterpret_cast<unsigned char*>(input_bytes.data());
	unsigned char *plaintextResult = (unsigned char*) qstrdup(
			encodedKey.toStdString().c_str());
	int acsDecryptResult = hu_ARC2Decrypt(arcContext,
			(size_t) input_bytes.length(), hash_input, plaintextResult,
			globalCtx);
	hu_ARC2End(&arcContext, globalCtx);
	m_c1_key_string = getStringFromUnsignedChar(plaintextResult);
}

void CertificateService::encryptPrivateKey(QString decodedKey,
		QString password) {
	sb_GlobalCtx globalCtx;
	hu_GlobalCtxCreateDefault(&globalCtx);
	int result = hu_RegisterSbg56(globalCtx);
	int initResult = hu_InitSbg56(globalCtx);
	sb_Params arc2Params;
	int arc2ParamsResult = hu_ARC2ParamsCreate(SB_ARC2_CBC, 64, NULL, NULL,
			&arc2Params, globalCtx);
	sb_Key arcKey;
	int arcKeyResult = hu_ARC2KeySet(arc2Params, password.toStdString().size(),
			(unsigned char*) qstrdup(password.toStdString().c_str()), &arcKey,
			globalCtx);
	sb_Context arcContext;
	unsigned char iv[16] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
	int arcBeginResult = hu_ARC2Begin(arc2Params, arcKey, SB_ARC2_IV_SIZE, iv,
			&arcContext, globalCtx);
	QByteArray input_bytes = decodedKey.toUtf8();
	unsigned char* hash_input =
			reinterpret_cast<unsigned char*>(input_bytes.data());
	unsigned char *encodedTextResult = (unsigned char*) qstrdup(
			decodedKey.toStdString().c_str());
	int acsEncryptResult = hu_ARC2Encrypt(arcContext,
			(size_t) input_bytes.length(), hash_input, encodedTextResult,
			globalCtx);
	m_c1_key_string_encoded = getStringFromUnsignedChar(encodedTextResult);
}

 

 

Thanks in advance !!!

Highlighted
Retired
Posts: 418
Registered: ‎07-18-2012
My Device: Q10
My Carrier: Bell Canada

Re: Problem with ARC2 CBC Encryption / Decryption

Hi,

 

  • You're ignoring every single return code from the library. Probably a good start to see if the library is telling you there's a problem.
  • Looks like you'll be leaking memory - you're calling qstrdup but there are no matching delete[]s
  • There's no padding logic - ARC2 is a block cipher - is your encoded key an exact multiple of the block size long?

I've made a sample for doing this sort of thing - it might be worthwhile reviewing: https://github.com/blackberry/Cascades-Community-Samples/tree/master/AESCryptoDemo

 

Hope this helps!

--
Rob is no longer associated with BlackBerry.