ideas2it / cordova-aes256 Goto Github PK

I think for performance it would be better to generate the random bytes on the native side and pass them through cordova once it's finished.

This issue is a feature request to add a method "randomBytes(bytes: number)" to generate random bytes for the secureKey & secureIV string

Storing the SecureKey and SecureIV on "frontend" is not a good idea.

I'm requesting the ability to define these in native code (AppDelegate, MainActivity) or in plugin configuration

I am currently trying to decrypt a string of data that has been encrypted using RSA-OAEP using my public key. The code that does this is written in C# and I have confirmed that the byte array in C# and the byte array after private key decryption is correct. I compared them byte for byte - they are the same.

I presume the error is happening when I convert the UInt8Array to a string to be used in the decrypt method. Here is a snippet of the code I am using

let keyBuffer = this.base64ToArrayBuffer(response.Key);
    //Decrypt the key
    let keyBytes = await window.crypto.subtle.decrypt(
      {
        name: "RSA-OAEP"
      },
      importedPrivateKey,
      keyBuffer
    );
    //Take the key to text
    let key = this.Utf8ArrayToStr(new Uint8Array(keyBytes));
    
    //Take from B64 to bytes then decrypt
    let responseData = atob(response.Data);
    //Decrypt the actual data
    let decryptedData = await this.aes.decrypt(key, IV, responseData);

And the method I am using to take the UInt8Array to string is as follows:

private Utf8ArrayToStr(array) {
    var out, i, len, c;
    var char2, char3;
  
    out = "";
    len = array.length;
    i = 0;
    while (i < len) {
      c = array[i++];
      switch (c >> 4)
      { 
        case 0: case 1: case 2: case 3: case 4: case 5: case 6: case 7:
          // 0xxxxxxx
          out += String.fromCharCode(c);
          break;
        case 12: case 13:
          // 110x xxxx   10xx xxxx
          char2 = array[i++];
          out += String.fromCharCode(((c & 0x1F) << 6) | (char2 & 0x3F));
          break;
        case 14:
          // 1110 xxxx  10xx xxxx  10xx xxxx
          char2 = array[i++];
          char3 = array[i++];
          out += String.fromCharCode(((c & 0x0F) << 12) |
                                     ((char2 & 0x3F) << 6) |
                                     ((char3 & 0x3F) << 0));
          break;
      }
    }    
    return out;
  }

Do you possibly know why it is happening? I can only assume it has to do with the way I am converting the UInt8Array to a string?

I got this error when I encrypted the string from c# Webservice and sent it to Android to decrypt it~
please help~!

this is C# code
private static string EncryptAES256(string source)
{
byte[] sourceBytes = Encoding.UTF8.GetBytes(source);
var aes = new RijndaelManaged();
aes.Key = Encoding.UTF8.GetBytes("12345");
aes.IV = Encoding.UTF8.GetBytes("12345");
aes.Mode = CipherMode.CBC;
aes.Padding = PaddingMode.PKCS7;
ICryptoTransform transform = aes.CreateEncryptor();
return Convert.ToBase64String(transform.TransformFinalBlock(sourceBytes, 0, sourceBytes.Length));
}

thx~!

I get the following error when configuring Xcode to use Swift 4:

2019-02-25 14:08:01.366572+0100 Komed Health[474:31294] ERROR: Method 'generateSecureKey:' not defined in Plugin 'AES256'

Other plugins seem to be working fine.

Since Swift v3 is already deprecated and will be removed in the next xCode version 10.2 this plugin should also support Swift v4

Taking a very quick look into the bridging header https://github.com/Ideas2IT/cordova-aes256/blob/master/src/ios/AES256-Plugin-Bridging-Header.h it seems like some methods are missing. I just compared it with this plugin https://github.com/akofman/cordova-plugin-permissionScope since it was recommended by the plugin I use to specify the swift version: https://github.com/akofman/cordova-plugin-add-swift-support

But I'm no iOS developer. So I don't know if that's the root of the problem.

Hello,

On the Ionic website the install information returns this error:

ionic cordova plugin add cordova-plugin-aes256-encryption
> cordova plugin add cordova-plugin-aes256-encryption --save
Installing "cordova-plugin-aes256-encryption" for ios
Installing "cordova-plugin-add-swift-support" for ios
Adding cordova-plugin-aes256-encryption to package.json
Using "requireCordovaModule" to load non-cordova module "glob" is not supported. Instead, add this module to your dependen
cies and use regular "require" to load it.
[ERROR] An error occurred while running subprocess cordova.

Thank you for providing this useful plugin. But for my curious, does this plugin can use for AES128? or do you have any suggestion for other plugin?

Hello,

I followed your readme, but in ios, encrypt/decrypt return null, problem was your example's key wasn't correct.

secureKey: String = '123456789101234567890123456789011'; // Any string, the length should be 32

This key's length isn't 32, its length 33,
[12345] [67891] [01234] [56789] [01234] [56789] [011] => 33characters
then encrypt/decrypt not working properly, returns null, please fix this example's key.

I followed the example from #2 and gone ahead and implemented my encryption & decryption function like this:

const saltForHash: string = CryptoJS.lib.WordArray.random(16);
const pass: string = CryptoJS.lib.WordArray.random(256);
// Keysize in words. 1 Word is equal to 32 bits apparently and we pass in 4 words with the param "keySize"
const key128Bits: WordArray = CryptoJS.PBKDF2(pass, saltForHash, { keySize: 4, iterations: 1000 });

// AES CBC uses 128 bit blocks so we need to use a 128 bit long IV (16 * 8). Source:
// https://security.stackexchange.com/questions/90848/encrypting-using-aes-256-can-i-use-256-bits-iv
const iv: string = CryptoJS.lib.WordArray.random(16);
const encryptedString: string = await this.aES256.encrypt(key128Bits.toString(), iv.toString(), 'dataEncrypted');

const decryptedString: string = await this.aES256.decrypt(key128Bits.toString(), iv.toString(), encryptedString);

console.log(decryptedString);

But what I don't understand is why I had to generate a 128 bit long key in order to get the encryption to work. When I passed keySize: 8 instead of 4 the variable encryptedString was null.

I debugged the plugin and it turns out this hardcheck on line https://github.com/Ideas2IT/cordova-aes256/blob/master/src/ios/AES256CBC.swift#L217 caused the function to return null.

So my questions are:

1. How is the 32 char long string determined? According to my knowledge the key should be 256 bit long.
2. Is my parameter wrongly encoded and it should not be a UTF-8 string but maybe a different encoding?

Error when run ionic cordova build android --prod --release
When run ionic cordova build android, works.
My ionic info:

Ionic:

   ionic (Ionic CLI)  : 4.0.5
   Ionic Framework    : ionic-angular 3.5.0
   @ionic/app-scripts : 1.3.12

Cordova:

   cordova (Cordova CLI) : 8.1.2 ([email protected])
   Cordova Platforms     : android 7.0.0

System:

   Android SDK Tools : 26.1.1
   NodeJS            : v8.11.3 (C:\Program Files\nodejs\node.exe)
   npm               : 5.6.0
   OS                : Windows 10

Environment:

   ANDROID_HOME : C:\Users\tm\AppData\Local\Android\android-sdk

$ ionic cordova build android --prod --release
> ionic-app-scripts build --prod --target cordova --platform android
[16:00:06]  ionic-app-scripts 1.3.12
[16:00:06]  build prod started ...
[16:00:06]  clean started ...
[16:00:06]  clean finished in 10 ms
[16:00:06]  copy started ...
[16:00:06]  ngc started ...
[16:00:12]  ionic-app-script task: "build"
[16:00:12]  Error: Metadata version mismatch for module
            C:/workspace/app/node_modules/@ionic-native/aes-256/index.d.ts, found version 4, expected 3
Error: Metadata version mismatch for module C:/workspace/app/node_modules/@ionic-native/aes-256/index.d.ts, found version 4, expected 3
    at StaticSymbolResolver.getModuleMetadata (C:\workspace\app\node_modules\@angular\compiler\bundles\compiler.umd.js:24474:34)
    at StaticSymbolResolver._createSymbolsOf (C:\workspace\app\node_modules\@angular\compiler\bundles\compiler.umd.js:24260:46)
    at StaticSymbolResolver.getSymbolsOf (C:\workspace\app\node_modules\@angular\compiler\bundles\compiler.umd.js:24241:14)
    at C:\workspace\app\node_modules\@angular\compiler\bundles\compiler.umd.js:23023:30
    at Array.forEach (<anonymous>)
    at extractProgramSymbols (C:\workspace\app\node_modules\@angular\compiler\bundles\compiler.umd.js:23022:79)
    at AotCompiler.compileAll (C:\workspace\app\node_modules\@angular\compiler\bundles\compiler.umd.js:22720:47)
    at CodeGenerator.codegen (C:\workspace\app\node_modules\@angular\compiler-cli\src\codegen.js:30:14)
    at Function.NgTools_InternalApi_NG_2.codeGen (C:\workspace\app\node_modules\@angular\compiler-cli\src\ngtools_api.js:61:30)
    at Object.doCodegen (C:\workspace\app\node_modules\@ionic\app-scripts\dist\aot\codegen.js:6:51)
[ERROR] An error occurred while running subprocess ionic-app-scripts.

file: cordova-plugin-aes256-encryption/PBKDF2.swift
warning: 'withUnsafeBytes' is deprecated: use withUnsafeBytes<R>(_: (UnsafeRawBufferPointer) throws -> R) rethrows -> R instead
saltData.withUnsafeBytes

I need help in understanding the new withUnsafeBytes format. For now I can only build with swift 4. But i would like to build in Swift 5 too.

Hello,

I'm using Ionic 4 Beta 19, and getting null when trying to decrypt, but only on iOS ... But Android is working fine ...

async aesData(data) { return await this.aes.encrypt(this.secureKey, this.secureIV, data) .catch( (error: any) => console.error(error) ); }

`async revertAesData(data) {
    return await this.aes.decrypt(this.secureKey,
        this.secureIV,
        data)
        .catch(
            (error: any) => console.error(error)
        );
}`

• Ionic:

  ionic (Ionic CLI) : 4.1.1 (/usr/local/lib/node_modules/ionic)
  Ionic Framework : @ionic/angular 4.0.0-beta.19
  @angular-devkit/core : 0.7.2
  @angular-devkit/schematics : 0.7.2
  @angular/cli : 6.2.4
  @ionic/ng-toolkit : 1.1.0
  @ionic/schematics-angular : 1.0.7

Capacitor:

capacitor (Capacitor CLI) : 1.0.0-beta.8
@capacitor/core : 1.0.0-beta.8

Cordova:

cordova (Cordova CLI) : 8.0.0
Cordova Platforms : android 7.0.0, ios 4.5.5
Cordova Plugins : cordova-plugin-ionic-keyboard 2.1.3, cordova-plugin-ionic-webview 2.2.5, (and 9 other plugins)

System:

NodeJS : v8.11.4 (/usr/local/bin/node)
npm : 5.10.0
OS : macOS
Xcode : Xcode 10.1 Build version 10B61

Hi,

I have a problem when I encrypt a text with AES 256 in IONIC. If I run the application in a IOS device, the result is different of the Android device. I don´t know the problem.
Can you help me?
Thanks in advance

What do you think of the idea to make all methods public & static from this class: https://github.com/BorntraegerMarc/cordova-aes256/blob/master/src/android/AES256.java

I could provide a PR.

The benefit would be that we could use the same class for our custom plugin without needing to manually copy & paste the code. Since we need to do something custom with encryption in our native plugin.

When I try to build project for iOS, I got those errors:

platforms/ios/prj/Plugins/cordova-plugin-aes256-encryption/PBKDF2.swift:4:36: error: use of undeclared type 'CCPBKDFAlgorithm'
public class func pbkdf2(hash: CCPBKDFAlgorithm, password: String, salt: String, keyByteCount: Int, rounds: Int) -> String? {
^~~~~~~~~~~~~~~~
platforms/ios/prj/Plugins/cordova-plugin-aes256-encryption/PBKDF2.swift:31:38: error: use of undeclared type 'Data'
private class func toHex(_ data: Data) -> String {
^~~~
platforms/ios/prj/Plugins/cordova-plugin-aes256-encryption/AES256.swift:1:30: error: use of undeclared type 'CDVPlugin'
@objc(AES256) class AES256 : CDVPlugin {
^~~~~~~~~
platforms/ios/prj/Plugins/cordova-plugin-aes256-encryption/AES256.swift:1:2: error: only classes that inherit from NSObject can be declared @objc
@objc(AES256) class AES256 : CDVPlugin {
~^~~~~~~~~~~~~
platforms/ios/prj/Plugins/cordova-plugin-aes256-encryption/PBKDF2.swift:7:30: error: use of unresolved identifier 'Data'
var derivedKeyData = Data(repeating: 0, count: keyByteCount)
^~~~
platforms/ios/prj/Plugins/cordova-plugin-aes256-encryption/PBKDF2.swift:14:17: error: use of unresolved identifier 'CCKeyDerivationPBKDF'
CCKeyDerivationPBKDF(
^~~~~~~~~~~~~~~~~~~~
platforms/ios/prj/Plugins/cordova-plugin-aes256-encryption/PBKDF2.swift:15:21: error: use of unresolved identifier 'CCPBKDFAlgorithm'
CCPBKDFAlgorithm(kCCPBKDF2),
^~~~~~~~~~~~~~~~
platforms/ios/prj/Plugins/cordova-plugin-aes256-encryption/PBKDF2.swift:15:38: error: use of unresolved identifier 'kCCPBKDF2'
CCPBKDFAlgorithm(kCCPBKDF2),
^~~~~~~~~
platforms/ios/prj/Plugins/cordova-plugin-aes256-encryption/PBKDF2.swift:23:33: error: use of unresolved identifier 'kCCSuccess'
if (derivationStatus != kCCSuccess) {
^~~~~~~~~~

any help on this?

Error---- Error occurred while performing decrypt

Encrypt Okey but no decrypt.

Hi

I wanted to get feedback from the authors & maintainers whether you are open (or even planning?) to support ionic's capacitor? https://capacitor.ionicframework.com/docs/plugins

I think generally Cordova plugins should work out of the box and I will test in the following weeks whether there are any issues. But wants to get some feedback from you guys :)

Now since capacitor is stable (https://blog.ionicframework.com/announcing-capacitor-1-0/) it would be a good time to start thinking about it.

Looking forward to get feedback :)

Hi, is it possible or there's any way for ionic, to encrypted the JSON file and send it to the server, and there it would decrypted the file and read the content.
Can you do it if use AES256 for java in server side?

Hey ✌️

Could you release a new version of the plugin which includes the latest commit? We'd like to use it

Hi guys, me again (the bearer of bad news) 👋

When compiling our cordova project with xcode 11 & using this plugin we receive this compilation errors:

CompileSwift normal i386 /Users/borntsch/Documents/BorntraegerMarc/komed-frontend/platforms/ios/Komed\ Health/Plugins/cordova-plugin-aes256-encryption/AES256CBC.swift
CompileSwift normal i386 /Users/borntsch/Documents/BorntraegerMarc/komed-frontend/platforms/ios/Komed\ Health/Plugins/cordova-plugin-aes256-encryption/PBKDF2.swift
CompileSwiftSources normal i386 com.apple.xcode.tools.swift.compiler
CompileSwiftSources normal x86_64 com.apple.xcode.tools.swift.compiler
CompileSwift normal x86_64 /Users/borntsch/Documents/BorntraegerMarc/komed-frontend/platforms/ios/Komed\ Health/Plugins/cordova-plugin-aes256-encryption/AES256CBC.swift
CompileSwift normal x86_64 /Users/borntsch/Documents/BorntraegerMarc/komed-frontend/platforms/ios/Komed\ Health/Plugins/cordova-plugin-aes256-encryption/PBKDF2.swift

I am adding "cordova-plugin-aes256-encryption" plugin to my Angular/Ionic-5 project which increasing iOS build size from 24.5MB to 99.7MB.
If anyone facing the similar issue?
Version Details:
"@ionic-native/aes-256": "^5.35.0",
"cordova-plugin-aes256-encryption": "^2.0.1",

@rajeshi2i @pandiarajan-i2i

I got an error messages in xCode. it works find in Android

Error: Plugin Optional("AES256") does not respond to method call generateSecureKey:.
Ensure plugin method exists and uses @objc in its declaration

Dear Team,
We are using ionic v3 project and doing AES 256 encryption algorithm. the chiper Text not valid and it is not base64 format. how do we change the format to supported java. i have generated chiper Text as below format, it is working decryption within ionic project, if we use similar to other java layers. it is not able to decrypted. please helps.

format of chiper text : 77be64b6202dbbf43bfdce7669722b9c

We have been using the key with a Key length of 16 and the IV with a key length of 16 as the encryption of the http request. I tried to enter the key with a key length of 16, But the result of Android encryption is different from the encryption result of the server, and the value after ios encrypted is null. What should I do to use the kty with length of 16?

Any solution is worth trying

I didn't see the used AES mode. It's important for the user to know...

When using this library to do encryption & decryption of medium sized objects I get a lot of these warnings in XCode:

2018-08-31 17:59:54.204442+0200 Komed Health[645:64889] THREAD WARNING: ['AES256'] took '43.134766' ms. Plugin should use a background thread.
2018-08-31 17:59:54.965438+0200 Komed Health[645:64889] THREAD WARNING: ['AES256'] took '36.801025' ms. Plugin should use a background thread.
2018-08-31 18:00:03.473940+0200 Komed Health[645:64889] THREAD WARNING: ['AES256'] took '36.212891' ms. Plugin should use a background thread.
2018-08-31 18:00:04.627526+0200 Komed Health[645:64889] THREAD WARNING: ['AES256'] took '44.189941' ms. Plugin should use a background thread.
2018-08-31 18:00:05.309261+0200 Komed Health[645:64889] THREAD WARNING: ['AES256'] took '38.112061' ms. Plugin should use a background thread.

Do you think this might be an issue at some point?

Would be great if there would be methods which use a private AES key by providing its bytes directly to the method instead of running PBKDF2 on the private key.

Hello, I have a problem. Help me? :D

Uncaught (in promise): Error: StaticInjectorError(AppModule)[CryptProvider -> AES256]: 
  StaticInjectorError(Platform: core)[CryptProvider -> AES256]: 
    NullInjectorError: No provider for AES256!
get@ionic://localhost/build/vendor.js:1377:28
resolveToken@ionic://localhost/build/vendor.js:1675:27
tryResolveToken@ionic://localhost/build/vendor.js:1617:28
get@ionic://localhost/build/vendor.js:1485:35
resolveToken@ionic://localhost/build/vendor.js:1675:27
tryResolveToken@ionic://localhost/build/vendor.js:1617:28
get@ionic://localhost/build/vendor.js:1485:35
_createClass@ionic://localhost/build/vendor.js:11307:47
_createProviderInstance$1@ionic://localhost/build/vendor.js:11281:38
resolveNgModuleDep@ionic://localhost/build/vendor.js:11266:42
createClass@ionic://localhost/build/vendor.js:12863:42
createDirectiveInstance@ionic://localhost/build/vendor.js:12700:48
createViewNodes@ionic://localhost/build/vendor.js:14158:76
createRootView@ionic://localhost/build/vendor.js:14047:20
callWithDebugContext@ionic://localhost/build/vendor.js:15472:47
create@ionic://localhost/build/vendor.js:11652:60
_viewInit@ionic://localhost/build/vendor.js:82039:50
ionic://localhost/build/vendor.js:81852:32
onInvoke@ionic://localhost/build/vendor.js:5134:39
run@ionic://localhost/build/polyfills.js:3:10149
ionic://localhost/build/polyfills.js:3:20245
onInvokeTask@ionic://localhost/build/vendor.js:5125:43
runTask@ionic://localhost/build/polyfills.js:3:10844
o@ionic://localhost/build/polyfills.js:3:7901
promiseReactionJob@[native code]

My ionic is:

Ionic:

   Ionic CLI          : 5.4.14 (/usr/local/lib/node_modules/ionic)
   Ionic Framework    : ionic-angular 3.9.2
   @ionic/app-scripts : 3.2.3

Cordova:

   Cordova CLI       : 9.0.0 ([email protected])
   Cordova Platforms : android 8.1.0, ios 5.1.1
   Cordova Plugins   : cordova-plugin-ionic-keyboard 2.2.0, cordova-plugin-ionic-webview 4.1.3, (and 11 other plugins)

Utility:

   cordova-res                          : not installed
   native-run (update available: 0.3.0) : 0.2.7

System:

   Android SDK Tools : 26.1.1 (/Users/devuser/Library/Android/sdk/)
   ios-deploy        : 1.9.2
   ios-sim           : 8.0.2
   NodeJS            : v10.18.0 (/usr/local/Cellar/node@10/10.18.0/bin/node)
   npm               : 6.13.4
   OS                : macOS High Sierra
   Xcode             : Xcode 10.1 Build version 10B61

Hello,

This may be something really obvious, but I do not use Ionic either just Capacitor on it's own, so I have added the following to my MainActivity.java file: import com.ideas2it.aes256.AES256; and added: add(AES256.class); but each time I try to run I get the following:

class file for org.apache.cordova.CordovaPlugin not found

Is this something silly? Do I need to include another library to support this?

Any help would be hugely appreciated.

Do note I do have a security storage plugin installed which uses Cordova and includes the org.apache.cordova.file package and that functions perfectly, but yeah not sure what is happening or how to fix.

Thanks in advance,