« Metal Hurlant home page
« Actionscript Encryption Library Update
Coming out of hibernation »

As3Crypto 1.2: now with less bugs

So my 1.2 release ends up being less awesome than hoped.
I had a bunch of bug fixes I was sitting on, hoping I’d release them at the same time as some new neat thing, but the new neat thing is taking longer than planned, and the blog comments make it clear you guys are already trying to use what’s there, so I might as well make it work well.
I felt particularly bad when not once, but twice, a comment indicated someone ended up fixing something I had already fixed but not pushed yet.
I guess it’s time to adopt more of a “Release early, release often” cycle.
Hopefully the next release will have some authentic awesomeness built-in.

Until then, here are the release notes for this version:
- math: Completed BigInteger support. Moved BigInteger under com.hurlant.math
- public key: RSA decrypt and key generation
- crud: basic DER/PEM support to parse RSA keys (X.509 SubjectPublicKeyInfo and PKCS#1 RSAPrivateKey)
- random: support for TLS-PRF; weak attempt at seeding Random.
- hash: added MD2. slow legacy stuff.
- modes: CFB, CFB8 and OFB padding bug fixes
- secret key: TripeDES bug fix
- demo UI: added OpenSSL Monkey tab that checks that a few operations are compatible between As3Crypto and OpenSSL
- demo UI: added UI for RSA decryption and key generation

The DER/PEM line refers to the fact you can feed the library one of those openSSL-generated RSA keys that start with “—–BEGIN RSA PRIVATE KEY—–” or “—–BEGIN PUBLIC KEY—–”. Check RSAKeyTest.as for examples.

The current plan for the next release is to have enough code to be able to establish a simple TLS session, with various restrictions (I don’t have DSA nor DH yet, so I’m gunning for TLS_RSA_WITH_AES_128_CBC_SHA support, which is enough to talk to some popular https servers.)

As an aside, the BigInteger class should be sufficient to implement DH and DSA. I’m not going to focus on that for now, so if someone else feels like contributing, please do.

Explore posts in the same categories: Security, flash, actionscript

This entry was posted on Sunday, April 29th, 2007 at 10:56 pm and is filed under Security, flash, actionscript. You can comment below, or link to this permanent URL from your own site.

24 Comments on “As3Crypto 1.2: now with less bugs”

  1. shinkaiho Says:
    April 30th, 2007 at 4:03 am

    good job henri keep it up

  2. Steve Longdo Says:
    April 30th, 2007 at 5:43 pm

    Thanks so much for your hard work on this project!

  3. Matt Lins Says:
    May 8th, 2007 at 6:21 am

    How is the TLS implementation coming along?

    I’ve been working on this(TLS) for about 3-4 weeks and I’m almost finished. I’m using your crypto libraries. I’d like to get in contact with you and mabye collaborate. I looked for contact information on you blog, but was unable to find any. Hopefully you have my email from the comment.

    Please reach out. :)

  4. encryptionerinthemood Says:
    May 11th, 2007 at 10:45 am

    Plz can somebody help me with the usage of as3crypto???
    I want to use the hmac md5 function, how can i do????

  5. Biffer Rowley Says:
    May 28th, 2007 at 12:05 pm

    Hi there im attempting to use your super code to create an HMAC-SHA1 digest of a string value using my Amazon S3 AWS secret access key. To create this succesfully would you be able to help me out figuring if im rite in saying the AWS secret access key is base64 or text?

  6. Ashish Says:
    June 7th, 2007 at 5:56 am

    m new bee to actionscript. but i want to encrypt a file and decrypt it while reading. how to do this with as3crypto
    thanks.

  7. IO Says:
    July 4th, 2007 at 2:04 am

    Impressive, and pretty usefull.
    I read in your blog that you had some ideas on implementing DH, which is a necessity especially for authentication, storing info localy and such. Any way here is a sample code I wrote several years back, that you may wanna use. It’s written in Java (I’m not an AS deveoper but a Sys. Arch.) but since you are using Java’s BigInteger class I think you’ll manage. It’s an example of a SPEKE which is a variant of DH i prefer, since it prevents (to a degree) the “man in the middle” attack. If you’re not familiar with it you can go to WIKI which has a fair explanation. I’ve would have sent it by mail but i haven’t found any obvious link, so here it is.

    public static void keyExchange() throws Exception {
    MessageDigest md = MessageDigest.getInstance(”SHA-512″);
    // System.out.println(md.getAlgorithm());
    // System.out.println(md.getDigestLength() * 8) ;
    // System.out.println(md.getProvider());

    md.reset();
    md.update(”SomeSecretPassword”.getBytes());
    BigInteger hash = new BigInteger(md.digest());
    // System.out.println(hash);
    // System.out.println(hash.bitLength());
    // System.out.println(hash.isProbablePrime(3));

    SecureRandom random = new SecureRandom();

    BigInteger prime = new BigInteger(1024, 2, random);
    System.out.append(”CS:\t”).println(new BigInteger(pubA.getEncoded()));

    // keyGen.initialize(paramSpec);
    KeyPair keyPairB = keyGen.generateKeyPair();
    PublicKey pubB = keyPairB.getPublic();
    System.out.append(”CS:\t”).println(A);
    System.out.append(”C

  8. maliboo Says:
    August 1st, 2007 at 10:33 am

    Hi,

    I’m trying to make simple RSA signature. AFAIU ( https://www.pgpi.org/doc/pgpintro/#p12 ) for this I must encrypt message (or it’s hash) with private key, then decrypting it with public key with success guarantees origin of information. But it seems not work :(
    I’m using something like this:

    //plain, crypt: textfields; rsaPrv, rsaPub: key pair
    function doSign ():void
    {
    var plainMsg:String = plain.text;
    var data:ByteArray = Hex.toArray(Hex.fromString(plainMsg));
    var dst:ByteArray = new ByteArray();
    rsaPrv.encrypt(data, dst, data.length);
    var out:String = Base64.encodeByteArray(Hex.toArray(Hex.fromArray(dst)));
    crypt.text = out;
    }

    function doUnsign ():void
    {
    var cryptMsg:String = crypt.text;
    var data:ByteArray = Hex.toArray(Hex.fromArray(Base64.decodeToByteArray(cryptMsg)));
    var dst:ByteArray = new ByteArray();
    rsaPub.decrypt(data, dst, data.length);
    var out:String = Hex.toString(Hex.fromArray(dst));
    plain.text = out;
    }

    Any ideas?:(

  9. maliboo Says:
    August 2nd, 2007 at 11:44 am

    Finally got it;) I must provide raw -pad/-unpad functions to en-/de-crypt. And of course decrypt with private first, then encrypt with public. Works like a charm!
    Thanks for this stuff! :)

  10. Joshua Beall Says:
    September 1st, 2007 at 5:33 pm

    Hi There,

    Thanks for releasing this crypto library! I tried out your demo, and tried to decrypt the data I had encrypted using PHP. I get “binary goo” when I try to decrypt in PHP. Any suggestions?

    Here are the options I’m using on the AS3 side:
    https://www.joshbeall.com/personal/flex/as3cryptodemo.png

    And here’s the PHP code I’m using:

    /* Start PHP code */
    $key = “ca0c2a7cbd7345bf80818582ce650409″;
    $data = “2952c1139ec795e02991ad220763″;
    $iv = “54354d13a4a6ca5bedf699d43540de15″;

    $packOptions = “H*”;
    $key = pack($packOptions,$key);
    $data = pack($packOptions,$data);
    $iv = pack($packOptions,$iv);

    $encryptionDescriptor = mcrypt_module_open(MCRYPT_RIJNDAEL_128, null, MCRYPT_MODE_CFB, null);
    mcrypt_generic_init($encryptionDescriptor, $key,$iv);
    $decrypted = mdecrypt_generic($encryptionDescriptor, $data);
    mcrypt_generic_deinit($encryptionDescriptor);
    mcrypt_module_close($encryptionDescriptor);
    /* End PHP code */

    BTW, on another note — if I choose 256 bit AES on the AS3 Crypto demo, it get a 128 bit (16 byte) IV. PHP’s mcrypt then complains about the IV not being long enough.

  11. Johanes Says:
    September 11th, 2007 at 7:36 pm

    Hi, I just tried to use your library for testing, however when I did a test on the Base64 util I encountered a problem to convert the Base64 byte array back to string.

    var original:String = “A string of Something!”;
    trace(”Original -> “+original);
    trace(”Decoded -> “+Base64.decodeToByteArray(original));
    trace(”Encoded -> “+Base64.encodeByteArray(Base64.decodeToByteArray(original)));

    that will result in

    Original -> A string of Something!
    Decoded -> û-®)àþ?¿J??¶§?ø§
    Encoded -> A/string/oe/Something/in

    Is it something to be expected or did I do something silly there?

  12. Johanes Says:
    September 13th, 2007 at 9:23 pm

    Hi, I also tested the public key demo, and somehow I got an error to decrypt a text using 512bit encryption, but it works using 1024 bit.

    The text is “A string of Something, and other thing, and other thing”.

    Is it normal, or is it a bug?

  13. Bilge Says:
    September 18th, 2007 at 3:04 pm

    Oh lawd, dat sum awesome?

    Now you could just use some slightly fleshier documentation, but heh, it’s free, right?

  14. Pleh Says:
    October 8th, 2007 at 5:43 am

    Looking forward to TLS implementation :)

    Matt Lins, if you have TLS working, would it be possible to post your source somewhere? I would be extreemly greatful.

    Thanks guys, keep up the fantastic work

  15. Ksero Says:
    October 8th, 2007 at 6:43 am

    Since there’s no real issue tracker, I’ll just post this here… I believe something is wrong with the BigInteger class. I expect these two trace statements to show the same number:

    var modulus = new BigInteger(”a4788e2184b8d68bfe02690e4dbe48b”, 16);
    var base = new BigInteger(5);
    var exponent = new BigInteger(250);
    trace(base.modPow(exponent, modulus).toString(10));
    trace(base.modPowInt(250, modulus).toString(10));

    But they don’t, on my machine using Flash Player 9 on XP. When the exponent is a BigInteger, the result is 0. It works if the modulus is smaller.

  16. Ksero Says:
    October 9th, 2007 at 1:53 am

    Never mind… My mistake… don’t pass integers to the constructor…

  17. catherine andré Says:
    October 18th, 2007 at 4:58 am

    Hi, *.*, I have some problems.

    I have tried your code this way :
    /*———————————————————————*/
    import com.hurlant.crypto.Crypto;
    import com.hurlant.crypto.symmetric.ICipher;
    import com.hurlant.util.Base64;
    import flash.utils.ByteArray;

    private var mydata:ByteArray;

    public function My_encrypt () : void {
    mydata = Base64.decodeToByteArray(TXT_input.text);
    var mykey:ByteArray = Base64.decodeToByteArray(”compaq”);
    var cipher:ICipher = Crypto.getCipher(”simple-aes128-ctr”, mykey);
    cipher.encrypt(mydata);
    }

    public function My_decrypt():void {
    var mykey:ByteArray = Base64.decodeToByteArray(”compaq”);
    var cipher:ICipher = Crypto.getCipher(”simple-aes128-ctr”, mykey);
    cipher.decrypt(mydata);
    TXT_output.text = Base64.encodeByteArray(mydata);
    }
    /*———————————————————*/

    TXT_input, TXT_output are textfields. Both functions are called with buttons.
    Whatever the value of the key, it does not work properly. If my input text is “aa”, and if I encrypt it, the output text after decrypting will be “aaAA”.

    Can you help me and fix it ? Very very quickly ? Thank you.

  18. Shaw Says:
    October 19th, 2007 at 8:26 pm

    Hi Hurlant, I’m a web developer. I’ve update my As3Crypto from v1.1 to v1.2. But I found a big problem, which is that the function of signature has been removed from v1.2(that’s to say:the RSA function of Encrypting with PRIVATE key & Decrypting with PUBLIC key). I wonder why you kick this function out? And would you please add them back again? Thanks very much!!!

  19. masa Says:
    October 23rd, 2007 at 8:22 pm

    Hi,
    I’m trying to use AES(128) with CTR mode on this library. I found some bugs.

    When the data(1321979 bytes) is encrypted every 128 bytes,

    1. the encrypted data is padded for some reason. (Encrypted data is 1321984 bytes)
    2. 128 byte of head of the encrypted data is normaly, but the encrypted data after that is broken. (Looks like the counter return to zero every call encrypt() method. For example, Encrypted data used by Ac3Crypt library could not decrypt used by MS-Windows crypt library)

    I’m looking forward to fix the bugs.
    thanks.

  20. Pleh Says:
    October 24th, 2007 at 7:13 am

    package com.hurlant.util
    {
    import flash.utils.ByteArray;
    import com.hurlant.util.der.Sequence;
    import com.hurlant.util.der.DER;

    public class X509
    {

    private static const OID_RSA_ENCRYPTION:String = “1.2.840.113549.1.1.1″;

    private var _publicKeyModulus:String;
    public function get publicKeyModulus():String {
    return _publicKeyModulus;
    }

    private var _publicKeyExponent:String;
    public function get publicKeyExponent():String {
    return _publicKeyExponent;
    }

    public function X509(certificate:ByteArray){
    certificate.position = 0
    var seq:Sequence = Sequence(DER.parse(certificate));

    for(var i:int=0;i

  21. Tester Says:
    February 23rd, 2008 at 7:43 pm

    Looks like RSAKeyTest.as is broken :-( function testPEM2() could not correctly parse the test pub key. trace(rsa.dump()); will crash the program.

    Is this really the case? Anyone out there have tried PEM.readRSAPublicKey(pem) succesfully?

    Thanks

  22. John Says:
    November 5th, 2008 at 10:03 pm

    The RSA is indeed broken i’ve been looking at it for hours and cant get it to parse a public key in PEM format. I managed to get round it slightly by using

    RSAKey.parsePublicKey and then using the hex equiv of the PEM values N and E that I got using openssl but the encryption doesnt produce output that is compatible with the openssl lib.

    Its a real shame that the RSA support is lacking as everything else seems to work great SHA1 etc…

  23. ilya.devel Says:
    May 13th, 2009 at 12:13 am

    Base64.decodeToByteArray really fails (version: 1.0.0)

  24. Anonymous Says:
    July 3rd, 2022 at 9:32 am

Comment: