Actionscript Encryption Library Update

I’ve just pushed version 1.1 of the as3 crypto library out.
New stuff (from the release notes):
- secret key: DES, 3DES, BlowFish
- mode: CTR, SimpleIV
- demo UI: Added unit tests
- added toString() to each algorithm
- added dispose() to each algorithm. dispose() attempts to clear keys and states from the memory, but it is not guaranteed to work.
- build-swc.xml file to allow command-line compilation of a .SWC library file.

Also, the library site includes a direct link to download the .SWC, and some benchmark numbers taken on my computer.

Beside a few more algorithms (dh, rmd160, dsa and the rest of rsa at least), the biggest missing chunk here is a way to guarantee the integrity of the encrypted content. It’s not terribly hard to rig something like that yourself, but I’d like to provide a way that can interoperate with other environments, so I’ll have to read around a bit on how those things are expected to happen.

Explore posts in the same categories: Security, flash, actionscript

21 Comments on “Actionscript Encryption Library Update”

  1. Ben Says:

    Looks like if you had a more complete RSA implementation a TLS implementation could be created on top of this library. Think XMPP.
    Section ‘A.5. The CipherSuite’. The DH_DSS section requires RSA to sign things, might as well forget DH + DSS for now and get a nice RSA implementation. :-D

    Looking good!


  2. Metal Hurlant Says:

    well yeah. the js library I pilfered RSA from actually has the rest of the stuff needed for a full RSA, as well as BigInteger primitives used by DH and DSA, so I really just need to finish porting that.

    On the other hand, the page hosting the js library looks way down:

    That sucks, but I still have a local copy on my box.

    Anyway, am I to understand you’re volunteering to implement TLS in as3 for no particular reason? ;)

  3. Ben Says:

    I was thinking of making a xmpp network layer. ;-) Although a flash ui tester is currently more inviting.

  4. Matthew OMeara Says:

    Hey Metal,

    Thanks for posting the code, as it turns out I went looking for this very thing today. I did find one issue that you may wish to know about. I hit an end of file error when decrypting DES3 information… so I made a small adjustment to the code.

    public function decrypt(src:ByteArray):void {

    src.position = 0;
    var blockSize:uint = key.getBlockSize();

    // use nibble to match blockSize
    var nib: uint = blockSize;

    var tmp:ByteArray = new ByteArray;
    var dst:ByteArray = new ByteArray;
    for (var i:uint=0;isrc.length) {nib = src.length-i;}

    // here, use the nibble
    src.readBytes(tmp, 0, nib);



    Very nice work though, much appreciated.


  5. Matthew OMeara Says:

    Hey Metal, it looks like some of the code I was posting to you got munched… in the for loop there is an if conditional that sets nib to be smaller than blockSize, only on its last pass when blockSize can cause an EOF error. Cheers… M

  6. Steve Longdo Says:

    Does ActionScript 3 ByteArray make it possible to encrypt a stream of data in combination with your AS Encryption library? For example could I submit a file through a SWF and have something decode it on a server?

  7. Joan Garnet Says:

    Thanx for sharing!
    It’s nice to search something and find that someone took the time to implement it.

  8. Metal Hurlant Says:

    Matthew: Thanks! I’ll roll that in the next update.

    Steve: You can encrypt anything you have access to. If you want to encrypt the upload of a file, actionscript in a swf running from the network doesn’t actually have access to the bytes of that file, so your only hope would be to use the regular file upload facility targeting an HTTP server. But if you have access to the bytes you want to encrypt, you can go crazy.

    Joan: You’re welcome! If you end up using it in a project, feel free to mention it here.

  9. Steve Longdo Says:

    Is there a way to encrypt a stream as it is uploaded from a browser to a server via a HTTP file upload? Does the encryption library require the entire file contents to be in memory in order to encrypt? I guess I need to do a little more homework on which AS3 class is appropriate for handling streams.

  10. Michael Grundvig Says:

    Has anyone been able to get this to work with other languages encryption packages? I’ve spent all evening on it with no luck. Using AES with CBC and PCKS5 padding I can get quite close. If I set the key and IV identical on both Java and the AS3 cipher object I get about 1/3rd of the string to match and the rest doesn’t. Oddly enough though, the AS3 code can always decrypt the encrypted data from Java or itself, but it’s output is always flagged as invalid by Java.

    I’m assuming it’s something to do with block size, but I’ve told Java to use 16 which is the same block size as used by the AS3 code as best I can tell. Any help would be greatly appreciated. I’m more then willing to provide examples of all this as well. Thanks!

  11. Metal Hurlant Says:

    Steve: the flash player will not let a movie loaded from the internet access bytes of a file you intend to upload with FileReference. If you are able to get your file in memory, then yes, you’d need the entire bytes in order to encrypt them.

    Michael: I was going to hide behind my test vectors in the AESKeyTest and CBCModeTest class, but it appears I don’t explicitly test AES-128 CBC with input greater than 16 bytes against any known verified test vectors…
    So there could be a bug there.
    Could you give me some examples with key, plaintext and expected ciphertext? That would help me debug this a bit.


  12. jack Says:

    3DES in 128bits looks very good. but in 192bits something wrong with it.
    plesae check it.

  13. Metal Hurlant Says:

    Jack: Good catch. I have a fix for that in the next release, coming hopefully soon. Meanwhile, you can fix it by going in TripleDesKey::decrypt(), and flipping “decKey3″ and “decKey” in that method.

  14. jack Says:

    thanks , i found it just right now

    public override function encrypt(block:ByteArray, index:uint=0):void
    desFunc(encKey, block,index, block,index);
    desFunc(encKey2, block,index, block,index);
    desFunc(encKey3, block,index, block,index);

    public override function decrypt(block:ByteArray, index:uint=0):void
    desFunc(decKey3, block, index, block, index);
    desFunc(decKey2, block, index, block, index);
    desFunc(decKey, block, index, block, index);

  15. Glen Blanchard Says:

    I have the rest of the BigInteger ported over and updates to the RSAKey to support decryption if you want them.

    Only problem is I forget how much I changed from the originals so have no way of providing just a patch.

    I did update the example page and testing page. You can download it from here:

    Thanks for the encryption part.

  16. Anand Says:


    Do you have any examples of using RSA encryption with your library and then using .NET and RSACryptographicProvider on the serverside to decrypt. ie. a string encrypted on the client in action script sent up to the server and decrypted using RSACryptographicprovider. I am running into errors when I try to accomplish this with Bad Data. Do you have any sample code on the .NET side how to decrypt a value encrypted using your library? Thanks greatly for your help.

  17. Terry Coatta Says:

    Hi –

    I’m trying to encode things on the .NET side with the TripleDESCryptoServiceProvider. I’m using a 192 bit key. Decyption *almost* works, but on the Flash side the first 8 bytes of the decrypted stream are wrong. The rest appear OK. I’ve checked the representations of the key, the IV, and the data on both sides and they are the same at the byte level. Any suggestions of where this has gone wrong?



  18. ken larkin Says:

    Right I can create public / private key pairs using the generate call. 512 is quick eough but 1024 takes 10-20 seconds, sometimes timining out. Anyway when I sign some text I get a different result that when I sign in .NET. I need to pass the signature to .NET to validate against the public key but it doesnt validate in .NET.
    I sign using my function in as3:
    public function sign(stringToSign:String):String
    var dstArray:ByteArray = new ByteArray();
    var srcArray:ByteArray = Hex.toArray(stringToSign);
    var length:Number = srcArray.length;

    rsa.sign(srcArray, dstArray, length);
    return Base64.encodeByteArray(dstArray);

    Any ideas, please please

  19. ken larkin Says:

    Also my verify function in AS3 is:
    public function verify(signature:String, stringToVerify:String):Boolean
    var dstArray:ByteArray = Hex.toArray(signature);
    var encodedSig:String = Base64.encodeByteArray(Hex.toArray(signature));
    var srcArray:ByteArray = Hex.toArray(stringToVerify);
    var length:Number = srcArray.length;

    rsa.verify(srcArray, dstArray, length);
    return true;//hardcoded this for now, how to I get whether it validated or not?


    PS is there no RSA crypto library built into flex that I can use like in .NET

  20. Erik Hallander Says:

    Hey, wow. I’m a bit blown away how comprehensive this class is. Excellent work and incidentally just what I was looking for.

    Times like these I wish there was a “donate” button ;)

  21. Atul Says:

    Do you have any examples of using RSA encryption with your library and then using .NET and RSACryptographicProvider on the serverside to decrypt. ie. a string encrypted on the client in action script sent up to the server and decrypted using RSACryptographicprovider. I am running into errors when I try to accomplish this with Bad Data. Do you have any sample code on the .NET side how to decrypt a value encrypted using your library? Thanks greatly for your help.