AES Encryption for Cloud BC

julkifli33
julkifli33 Member Posts: 1,092
in NAV Three Tier
Hi All,
I need to encrypt for AES Encryption in Cloud BC.
is BC able to do that?

usually i encrypt from here --> https://www.devglan.com/online-tools/aes-encryption-decryption
1f6pd9ocw0nt.png

Best Answer

  • dreez
    dreez Member Posts: 73
    Answer ✓
    Hello,

    Yes, you can

    AES is just a variant of Rijndael algorithm.

    https://en.wikipedia.org/wiki/Advanced_Encryption_Standard

    AES always takes blocks of 128 bits size and accepts three variants of the encryption key: 128, 192 and 256 bits and it's implemented in Business Central.

    I had to change your initialization vector (IV) a little bit, because it must contain exactly 16 bytes.
    Also I have used a PKCS7 padding, because if you don't use any padding at all, then you must be sure that your input (text that you want to encrypt) is divisible to complete blocks (which are 128 bits long).

    Here is sample of code that does that:
    local procedure AESEncryptionExample()
var
    RijndaelCryptography: Codeunit "Rijndael Cryptography";
    Base64Convert: Codeunit "Base64 Convert";
    EncryptedText: Text;
    DecryptedText: Text;
begin
    RijndaelCryptography.SetEncryptionData(Base64Convert.ToBase64('1106198321061984'), Base64Convert.ToBase64('ITGateWayXyZ1234'));
    RijndaelCryptography.SetBlockSize(128);
    RijndaelCryptography.SetCipherMode('CBC');
    RijndaelCryptography.SetPaddingMode('PKCS7');
    EncryptedText := RijndaelCryptography.Encrypt('Hello world');
    DecryptedText := RijndaelCryptography.Decrypt(EncryptedText);

    Message('EncryptedText: %1, DecryptedText: %2', EncryptedText, DecryptedText);
end;

Answers

  • dreez
    dreez Member Posts: 73
    Answer ✓
    Hello,

    Yes, you can

    AES is just a variant of Rijndael algorithm.

    https://en.wikipedia.org/wiki/Advanced_Encryption_Standard

    AES always takes blocks of 128 bits size and accepts three variants of the encryption key: 128, 192 and 256 bits and it's implemented in Business Central.

    I had to change your initialization vector (IV) a little bit, because it must contain exactly 16 bytes.
    Also I have used a PKCS7 padding, because if you don't use any padding at all, then you must be sure that your input (text that you want to encrypt) is divisible to complete blocks (which are 128 bits long).

    Here is sample of code that does that:
    local procedure AESEncryptionExample()
var
    RijndaelCryptography: Codeunit "Rijndael Cryptography";
    Base64Convert: Codeunit "Base64 Convert";
    EncryptedText: Text;
    DecryptedText: Text;
begin
    RijndaelCryptography.SetEncryptionData(Base64Convert.ToBase64('1106198321061984'), Base64Convert.ToBase64('ITGateWayXyZ1234'));
    RijndaelCryptography.SetBlockSize(128);
    RijndaelCryptography.SetCipherMode('CBC');
    RijndaelCryptography.SetPaddingMode('PKCS7');
    EncryptedText := RijndaelCryptography.Encrypt('Hello world');
    DecryptedText := RijndaelCryptography.Decrypt(EncryptedText);

    Message('EncryptedText: %1, DecryptedText: %2', EncryptedText, DecryptedText);
end;
  • julkifli33
    julkifli33 Member Posts: 1,092
    Hi @dreez thank you so much for your help.
    by the way for padding PKCS7, is it consider the same like NoPadding?
  • dreez
    dreez Member Posts: 73
    edited 2024-07-04
    No it is not the same, but you can use no padding if you want.

    The thing is that when you encrypt something using AES, it is divided into blocks of text, 128 bits each. If your input is not a mulitply of 128 bits, then it cannot be divided into complete (128bits sized) blocks and that causes errors.

    That is where padding comes to help. When you use padding then your input is derived so it can be divided into complete blocks, so there is no issue.

    You just have to use the same padding while decrypting, so you get proper results
  • julkifli33
    julkifli33 Member Posts: 1,092
    hi @dreez , i tried using None and '', but it doesnt work.
    what should i put as nopadding?
  • dreez
    dreez Member Posts: 73
    edited 2024-07-04
    You can just ommit setting the padding, then there will be none padding.

    'None' should work aswell, why does not it work for you? Do you get an error or what?
  • julkifli33
    julkifli33 Member Posts: 1,092
    Hi @dreez here is my error message if put "RijndaelCryptography.SetPaddingMode('None');"
    q42340smj500.png

    you are right, once i remove the padding it works.
    thank you so much Dreez !!
  • dreez
    dreez Member Posts: 73
    Oh, I was wrong. Apparently PKCS7 is a default padding as I just read in documentation. Meaning that if you won't set any padding, the PKCS7 will be taken.

    The error you've got above is saying that your input cannot be divided into complete blocks.

    That's what I was trying to explain to you earlier... If you don't choose any padding you have to make sure, that your input is a multiple of 128 bits.

    The 'None' padding is correct for what you want. And the message above is correct. Your input is just incorrect.
  • julkifli33
    julkifli33 Member Posts: 1,092
    no worries. i just commented the padding.
    and it works :)
    thanks a lot

Categories