Expand my Community achievements bar.

SOLVED

Unable to decrypt string encrypted by the cryptString function

Avatar

Level 2

I am trying to decrypt using Java a string encrypted by the cryptString function in Adobe Campaign Classic.

 

 

 

var encryptedString = cryptString (“helloworld”, “{secretKey}”, false);

 

 

I have observed the encrypted string always starts with an @ and is 1 character longer than if I encrypt the same string using Java.

 

The test Java decrypt function looks like:

 

 

 

    public static void main( String[] args ) throws Exception
    {
      String decryptedString = decrypt("{encryptedString}", "{secretKey}");
      System.out.println(decryptedString);  
    }    
public static String decrypt(String encrypted, String secretKey) throws Exception {
      try {
          SecretKeySpec skeySpec = new SecretKeySpec(secretKey.getBytes("UTF-8"), "AES");

          Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING");
          cipher.init(Cipher.DECRYPT_MODE, skeySpec, new IvParameterSpec(new byte[16]));
          byte[] original = cipher.doFinal(Base64.decodeBase64(encrypted));
   
          System.out.println(new String(original));
      } catch (Exception ex) {
          ex.printStackTrace();
      }
      return null;
  }
   

 

 

 

 

When I run this I get the error:

javax.crypto.BadPaddingException: Given final block not properly padded. Such issues can arise if a bad key is used during decryption.

1 Accepted Solution

Avatar

Correct answer by
Level 2

Hi Milan. This didn't work using DESede/CBC/NoPadding. The documentation says the encryption used by Adobe Campaign is AES / CBC with a null IV.

 

https://docs.adobe.com/content/help/en/campaign-classic/technicalresources/api/f-cryptString.html

Remarks

Encryption takes place according to the following method:
  • The unicode character string is transformed into a UTF-8 string.
  • A check character is added at the end.
  • This string is encrypted using the AES algorythm in Cipher Block Chaining (CBC) mode with a null initialization vector. If no key is provided as a parameter, the instance key is used.
  • The encrypted block is then converted into base 64.
Decryption is carried out using the decryptString function.

View solution in original post

3 Replies

Avatar

Community Advisor

Hi @danc13675873

You may use "DESede/ECB/NoPadding" or  "DESede/CBC/NoPadding" instead.

Regards,

Milan

Avatar

Correct answer by
Level 2

Hi Milan. This didn't work using DESede/CBC/NoPadding. The documentation says the encryption used by Adobe Campaign is AES / CBC with a null IV.

 

https://docs.adobe.com/content/help/en/campaign-classic/technicalresources/api/f-cryptString.html

Remarks

Encryption takes place according to the following method:
  • The unicode character string is transformed into a UTF-8 string.
  • A check character is added at the end.
  • This string is encrypted using the AES algorythm in Cipher Block Chaining (CBC) mode with a null initialization vector. If no key is provided as a parameter, the instance key is used.
  • The encrypted block is then converted into base 64.
Decryption is carried out using the decryptString function.

@danc13675873 

@Milan_Vucetic 

 

Is there a way to use a valid IV here or some other OOTB method to use?