REST API - Decrypting AES Encrypted field
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-28-2017 11:23 PM
Hi,
To decrypt an AES encrypted field through REST API, we have one issue of understanding the IV(Initialization Vector) and how to use that to decrypt the first block of 16 characters.
Encrypted field from the REST response JSON (description form field):
"description":"84d1d37bdb7a3200750573ffbf96191f:0aZdRxsIqSpFtuszNr73na/J9JuMLNB0J6T2f2FrV0sUlMmbW4prbZMmXGnLU4W6CDlb5F1lb8js\r\nRHw6tfyZd5ZL//ZUlozE916wvP+zd+uUfjpk2Bl9o2uAu+1bsNoAVdtP5m5fbnkjxf9yLRzREVVO\r\nIwYQOxNI/CeX2dzF/Uc="
Encryption method: AES 128 Bit.
Password: 1234567890123456
Original Text: "new description for new incident.
lets see if the initial part is same or it changes for this new incident"
Decrypted output : "bGOn>22H~KH:38/_for new incident.
lets see if the initial part is same or it changes for this new incident"
Decryption Used: AES/CBC/PKCS5Padding
How to decrypt the first block (that is highlighted in Red ). In other words, how to interpret 84d1d37bdb7a3200750573ffbf96191f in terms of IV to decrypt the first 16 characters ?
Any help would be appreciated.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-28-2017 11:54 PM
Can you please validate to encryption/decryption output online, Check that encryption you did, is that correct?
check below thread..
http://wiki.servicenow.com/index.php?title=Encryption_Support#gsc.tab=0
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-29-2017 12:17 AM
Hi, Encryption output provided here is taken from my own servicenow instance using REST API. Servicenow REST API json response had the "description" field which was encrypted.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-29-2017 12:25 AM
can you use base64 to encode ? or restricted to AES only
check below thread:
Encryption Support - ServiceNow Wiki
Decrypt AES128 Encrypted field in Business Rule
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-31-2017 02:02 AM
Here is the code for Decryption using AES, but still first 16bits are scrambled. I've given new IvParameterSpec(new byte[16]).
public class AESDecryption {
private static String key = "1234567890123456";
private static String str = "0aZdRxsIqSpFtuszNr73na/J9JuMLNB0J6T2f2FrV0sUlMmbW4prbZMmXGnLU4W6CDlb5F1lb8js\r\nRHw6tfyZd5ZL//ZUlozE916wvP+zd+uUfjpk2Bl9o2uAu+1bsNoAVdtP5m5fbnkjxf9yLRzREVVO\r\nIwYQOxNI/CeX2dzF/Uc=";
private static String paddingstr = "AES/CBC/PKCS5Padding";
private static int iterationCount = 65536;
private static int keyLength = 256;
private static String secretKeyAlg = "PBEWithHmacSHA256AndAES_256";
public static void main(String[] args) throws Exception {
String finalStrDec = null;
SecretKeyFactory factory = SecretKeyFactory.getInstance(secretKeyAlg);
PBEKeySpec spec = new PBEKeySpec(key.toCharArray(), generateSalt(), iterationCount, keyLength);
SecretKey secretKey = factory.generateSecret(spec);
SecretKeySpec secretKeySpec = new SecretKeySpec(secretKey.getEncoded(), "AES");
IvParameterSpec ivSpec = new IvParameterSpec(new byte[16]);
Cipher cipherDec = Cipher.getInstance(paddingstr);
cipherDec.init(Cipher.DECRYPT_MODE, secretKeySpec, ivSpec);
byte[] original = cipherDec.doFinal(org.apache.commons.codec.binary.Base64.decodeBase64(str));
finalStrDec = new String(original);
System.out.println(finalStrDec);
}
public static byte[] generateSalt() throws UnsupportedEncodingException {
SecureRandom random = new SecureRandom();
byte bytes[] = new byte[20];
random.nextBytes(bytes);
String salt = new String(bytes);
return salt.getBytes("UTF-8");
}
}
