Hi,
I'm a bit stuck in trying to port local encryption to javascript. It's no
problem to de/encrypt the symmetric key used and use the same encryption
algorithm as Briefcase/ODK Collect, but I can't seem to figure out how to
get the initialization vector correctly. Currently, my decryption test (of
a record encrypted with ODK Collect) results in something like this:
º¥±ãluVÅ�í°/ÀV.0' ?>2
images1457984210252.jpg1457984197772.jpguuid:aab60510-f435-45ca-a7ae-dec99914a8c8
If I understand correctly the initialization vector is determined by:
- creating a md5 hash of the instanceId and the symmetric key, and getting
the md5 digest as byte array
- shift/increment a byte
https://github.com/opendatakit/briefcase/blob/b81c79384894939cb77d1f8877b4bcbcb3e6327f/src/org/opendatakit/briefcase/util/CipherFactory.java#L74in
this array
- this is the initialization vector used for symmetric en/decryption of a
file
I think step 2 is where I go wrong. If I understand correctly, with a
record that contains 2 mediafiles, to en/decrypt the submission.xml.enc
(i.e. the 3rd file), the 3rd item in the array (index 2) has to be
shifted/incremented. Is that correct?
Thanks much in advance for clarifying this.
Martijn
Got it (finally)!
By the time the 3rd file is reached the bytes in position 0, 1, and 2 have
been incremented, of course..... Phew.
···
On Wednesday, March 16, 2016 at 11:36:17 AM UTC-6, Martijn van de Rijdt wrote:
>
> Hi,
>
> I'm a bit stuck in trying to port local encryption to javascript. It's no
> problem to de/encrypt the symmetric key used and use the same encryption
> algorithm as Briefcase/ODK Collect, but I can't seem to figure out how to
> get the initialization vector correctly. Currently, my decryption test (of
> a record encrypted with ODK Collect) results in something like this:
>
> º¥±ãluVÅ�‰í°/ÀV.0' ?>2
> images1457984210252.jpg1457984197772.jpguuid:aab60510-f435-45ca-a7ae-dec99914a8c8
>
>
>
>
> If I understand correctly the initialization vector is determined by:
>
> 1. creating a md5 hash of the instanceId and the symmetric key, and
> getting the md5 digest as byte array
> 2. shift/increment a byte
> in
> this array
> 3. this is the initialization vector used for symmetric en/decryption of a
> file
>
> I think step 2 is where I go wrong. If I understand correctly, with a
> record that contains 2 mediafiles, to en/decrypt the submission.xml.enc
> (i.e. the 3rd file), the 3rd item in the array (index 2) has to be
> shifted/incremented. Is that correct?
>
> Thanks much in advance for clarifying this.
>
> Martijn
>
>
>