May 23rd, 2007Encryption in AS2 and AS3
If ever you need to encrypt or decrypt something from in AS2 or AS3, this might come in handy for you. I’ve started off with the great encryption classes written for AS2 by meychi.com (currently offline), but felt there had to be a more user-friendly way of using them, so I got to work on it last night and think I’ve come up with a pretty elegant solution.
You can download the ZIP-archive to try it out for yourself.
Please note that this release is still early alpha and there’s probably alot of room for improvement, I’ll post updated copies for the files here regularly. There’s also still little documentation in the files and there aren’t any unit tests yet.Inside the ZIP you’ll find an FLA for AS2 and one for AS3. The AS2 FLA comes in a Flash8 and a FlashCS3 flavour.The FLA’s contain a single MovieClip with a linkage to their respective .as source files.
Inside the package be.boulevart.as2.security are the wrapper classes I wrote for the original AS2 implementation by meychi.
What this does is provide you with an elegant way of using any encryption type with just a single line of code:
e = new Encryption(EncryptionTypes.RC4(), str , this.theKey, null, null, null);
See what I did with the EncryptionTypes there?
Since AS2 nor AS3 provide Enum’s (like for instance C# does), the static class EncryptionTypes serves as a wrapper for the various AS2 encryption classes. It’s functions return an Object instance of the appropriate encryption class. So instead of importing all the encryption classes to your class and instantiating a new instance for each class, you just import be.boulevart.as2.security.* and call EncryptionTypes.<type_you_choose>();
Next, pass in the string you want to encrypt and (depending on the encryption type you choose) additional parameters. Now you can just call e.encrypt to encrypt your string and e.decrypt to decrypt it. Wasn’t that easy?
I also ported the originals by meychi to AS3. Only GUID and LZW ain’t working in AS3 just yet.
Full AS3 example:
package be.boulevart.as3 {
/**
* Encodes and decodes a base64 string.
* @authors Sven Dens - http://www.svendens.com
* @version 0.1
*
* Original Javascript implementation:
* Aardwulf Systems, www.aardwulf.com
* See: http://www.aardwulf.com/tutor/base64/base64.html
*/
import flash.display.MovieClip;
import be.boulevart.as3.security.Encryption;
import be.boulevart.as3.security.EncryptionTypes;public class as3_cryptdemo extends MovieClip {
protected var e:Encryption;
protected var theKey:String = “you’ll never guess”;
protected var str:String = “My super secret string”;public function as3_cryptdemo()
{
trace(”String before encryption: ” + str + “\n”);//RC4 encryption
e = new Encryption(EncryptionTypes.RC4(), str , this.theKey, null, null, null);
e.encrypt();
trace(”String after RC4 encryption: ” + e.getInput());
e.decrypt();
trace(”String after RC4 decryption: ” + e.getInput() + “\n”);//Base8 encryption
e = new Encryption(EncryptionTypes.Base8(), str , null, null, null, null);
e.encode();
trace(”String after Base8 encoding: ” + e.getInput());
e.decode();
trace(”String after Base8 decoding: ” + e.getInput() + “\n”);//Base64 encryption
e = new Encryption(EncryptionTypes.Base64(), str , null, null, null, null);
e.encode();
trace(”String after Base64 encoding: ” + e.getInput());
e.decode();
trace(”String after Base64 decoding: ” + e.getInput() + “\n”);//Goauld calculation
e = new Encryption(EncryptionTypes.Goauld(), str , null, null, null, null);
e.calculate();
trace(”String after Goauld calculation: ” + e.getInput() + “\n”);//MD5 calculation
e = new Encryption(EncryptionTypes.MD5(), str , null, null, null, null);
e.calculate();
trace(”String after MD5 calculation: ” + e.getInput() + “\n”);//ROT13 calculation
e = new Encryption(EncryptionTypes.ROT13(), str , null, null, null, null);
e.calculate();
trace(”String after ROT13 calculation: ” + e.getInput() + “\n”);//SHA1 calculation
e = new Encryption(EncryptionTypes.SHA1(), str , null, null, null, null);
e.calculate();
trace(”String after SHA1 calculation: ” + e.getInput() + “\n”);//LZW compression
/*e = new Encryption(EncryptionTypes.LZW(), str , null, null, null, null);
e.compress();
trace(”String after LZW compression: ” + e.getInput());
e.decompress();
trace(”String after LZW decompression: ” + e.getInput() + “\n”);*///TEA encryption
e = new Encryption(EncryptionTypes.TEA(), str , this.theKey, null, null, null);
e.encrypt();
trace(”String after TEA encryption: ” + e.getInput());
e.decrypt();
trace(”String after TEA decryption: ” + e.getInput() + “\n”);//Rijndael encryption
e = new Encryption(EncryptionTypes.Rijndael(), str , this.theKey, “CBC”, 256, 256);
e.encryptRijndael();
trace(”String after Rijndael encryption: ” + e.getInput());
e.decryptRijndael();
trace(”String after Rijndael decryption: ” + e.getInput() + “\n”);
}
}
}
Full AS2 example:
import be.boulevart.as2.security.Encryption;
import be.boulevart.as2.security.EncryptionTypes;class be.boulevart.as2.as2_cryptdemo extends MovieClip
{
private var e:Encryption;
private var theKey:String = “you’ll never guess”;
private var str:String = “My super secret string”;public function as2_cryptdemo()
{
trace(”String before encryption: ” + str + “\n”);//RC4 encryption
e = new Encryption(EncryptionTypes.RC4(), str , this.theKey, null, null, null);
e.encrypt();
trace(”String after RC4 encryption: ” + e.getInput());
e.decrypt();
trace(”String after RC4 decryption: ” + e.getInput() + “\n”);//Base8 encryption
e = new Encryption(EncryptionTypes.Base8(), str , null, null, null, null);
e.encode();
trace(”String after Base8 encoding: ” + e.getInput());
e.decode();
trace(”String after Base8 decoding: ” + e.getInput() + “\n”);//Base64 encryption
e = new Encryption(EncryptionTypes.Base64(), str , null, null, null, null);
e.encode();
trace(”String after Base64 encoding: ” + e.getInput());
e.decode();
trace(”String after Base64 decoding: ” + e.getInput() + “\n”);//Goauld calculation
e = new Encryption(EncryptionTypes.Goauld(), str , null, null, null, null);
e.calculate();
trace(”String after Goauld calculation: ” + e.getInput() + “\n”);//MD5 calculation
e = new Encryption(EncryptionTypes.MD5(), str , null, null, null, null);
e.calculate();
trace(”String after MD5 calculation: ” + e.getInput() + “\n”);//ROT13 calculation
e = new Encryption(EncryptionTypes.ROT13(), str , null, null, null, null);
e.calculate();
trace(”String after ROT13 calculation: ” + e.getInput() + “\n”);//SHA1 calculation
e = new Encryption(EncryptionTypes.SHA1(), str , null, null, null, null);
e.calculate();
trace(”String after SHA1 calculation: ” + e.getInput() + “\n”);//LZW compression
e = new Encryption(EncryptionTypes.LZW(), str , null, null, null, null);
e.compress();
trace(”String after LZW compression: ” + e.getInput());
e.decompress();
trace(”String after LZW decompression: ” + e.getInput() + “\n”);//TEA encryption
e = new Encryption(EncryptionTypes.TEA(), str , this.theKey, null, null, null);
e.encrypt();
trace(”String after TEA encryption: ” + e.getInput());
e.decrypt();
trace(”String after TEA decryption: ” + e.getInput() + “\n”);//Rijndael encryption
e = new Encryption(EncryptionTypes.Rijndael(), str , this.theKey, “CBC”, 256, 256);
e.encryptRijndael();
trace(”String after Rijndael encryption: ” + e.getInput());
e.decryptRijndael();
trace(”String after Rijndael decryption: ” + e.getInput() + “\n”);
}
}
Like I said, still early alpha, but nevertheless fun to play with.
Let us know what you think about it!
crossposted at Tested Unit
Technorati Tags: as2, as3, encryption, flash
December 17th, 2007 at 4:57 pm
Hi,
I definitely appreciate your hard work on this library. I am attempting to implement it now. My only suggestion regards the implementation. It would be nice to see a static method that you can call, passing in encryption type, string to be encrypted, and key that simply returns the encrypted string. Thanks again for how far you’ve already brought this.
Robert
April 24th, 2008 at 2:29 am
Hey, looks like the server “svendens.be” is down.
May 19th, 2008 at 12:21 pm
Thanks for updating the download link !
July 2nd, 2008 at 7:04 pm
hi
im trying to decrypt this using c# at the other end but as its converted into hex it seems to be being a little odd, have you managed this ? What I was thinking of doing was changing the output from the encrypt function so it returns a base64 encoded string (which would then be the same as the c# end) rather than a hex value, or am i barking ?
December 8th, 2008 at 7:28 pm
can you update the link please?
it seems like svendens.com is down.
February 10th, 2009 at 2:50 pm
Hi there
just came across your wrapper class ASCrypt and it looks very useful indeed.
My problem is that I cant get php/Mcrypt to encrypt content that ASCrypt will decode successfully….
I;m trying both TEA and Rijndael as they look the most secure for my purposes.
Any pointers would be appreciated
Thanks
May 17th, 2009 at 5:56 pm
nice library! Is there any way to encrypt emails inside swf with this class?
June 9th, 2009 at 10:23 pm
Very nice set of classes. Thanks a million.
June 12th, 2009 at 4:16 pm
That was very useful.
Thanks a lot
June 27th, 2009 at 11:20 am
Basically with this you can encrypt a string using a ‘key’ which turns your string into lots of unreadable characters…The thing is that there is so much open source free code out there that can do everything under the sun that there really isn’t much of a need to steal other people’s code…
July 10th, 2009 at 9:49 am
AS3 may be especially well suited for banking and other industries where there are heavy investments in FTP scripting, applications and security…. And, of course, in the decrypt function, I had to use an escape on the return string to get all my characters back to normal….
July 14th, 2009 at 4:47 pm
I’ve often thought that if someone wanted to take the time and had the skill to reverse engineer my applications, they would probably spend just as much time doing as if they were to create their own app from scratch…I had the same problem with my Asian characters failing encryption/decryption using the TEA encryption…
July 15th, 2009 at 7:51 pm
I would like to use this Encryption code but the download link is down. Do you have an other download location?
Thanks in advance.
July 17th, 2009 at 12:03 pm
Great code. How would one go about using this to encrypt files rather than just text?
July 19th, 2009 at 9:45 am
AS2 is designed to be a real-time exchange system. When a business entity has data ready to send to a trading partner, the data is immediately pushed to the trading partner… In older systems, the data would be held in a queue somewhere until the trading partner picked up the data….
July 26th, 2009 at 1:21 pm
The thing is that there is so much open source free code out there that can do everything under the sun that there really isn’t much of a need to steal other people’s code…
August 16th, 2009 at 6:35 am
[...] Descarga Directa: http://labs.boulevart.be/index.php/2007/05/23/encryption-in-as2-and-as3/ [...]
September 3rd, 2009 at 12:03 am
Just what I was looking for. Very easy to implement AS3 version into Flex. Thank you for your hard work on this!!! You saved me loads of time.
October 9th, 2009 at 5:23 am
I am trying to use this and I’m completely new to this and not really a heavy Action Script programmer but I am trying to apply this to a a string that is loaded in from an external *.txt file but I can’t get it to read the text encode then decode it. I have placed the code in the first and only frame and also placed in the movie clip that contains the class link file.
[code]
stop();
var myString:LoadVars = new LoadVars();
myString.load(”config.txt”);
//Base64 encryption
myString.onLoad = function(success) {
e = new Encryption(EncryptionTypes.Base64(), str , null, null, null, null);
e.encode();
trace(”String after Base64 encoding: ” + e.getInput());
e.decode();
trace(”String after Base64 decoding: ” + e.getInput() + “\n”);
if (success) {
myText_txt.text = unescape(this);
trace(”Loaded the conif file = ” + success + unescape(this));
var my_array:Array = unescape(this).split(”|”);
for (var i = 0; i<my_array.length; i++) {
trace(my_array[i]);
}
logo_mc.loadMovie(my_array[0]);
name_txt.text = my_array[2] + ” ” + my_array[3];
surname_txt.text = my_array[3];
code_txt.text = my_array[1];
center_txt.text = my_array[4];
}
};
[/code]
January 4th, 2010 at 5:05 pm
Hi there
Thanks a lot for making this, was just what I needed. But it is causing 14 decompiling errors in the AS3 version, so if you got some spare time and nothing to do, you could make them disappear.
Cheers !