Skip to Content

Encoding / Decoding base64Binary with AES-128ECB

Hello all,

to follow hungarian new law about electronic invoice (NAV system) i'm fighting and struggling with encoding and decoding data... and i'm loosing, bad, such fight.

The scenario
Every communication and payload works on XML structure.

Using provided login, i ask for a token to the API and i got it as answer as base64Binary, crypted with AES-128 ECB algorithm.

I should decrypt the token and send it back in the data communication, in a field defined with the facet

What i did until now

  • I receive the token ( example from the last call: mrlWpOOkvG8uuFL05v/VPyCXxr86OoS/dPu5PFsz+mWB29p/kn1MxPsTqZ9MmNcBpEfI8RU3lzbxUu7t+U0tjg== )
  • Convert my token into XSTRING to be able to decrypt it us
 TYPES: BEGIN OF t_t,
                bin TYPE char100
             END OF t_t.
    DATA: t_bin TYPE TABLE OF  t_t WITH DEFAULT KEY,
          r_bin TYPE t_t,
          len TYPE i.
    r_bin-bin = i_data. "my token
    APPEND r_bin TO t_bin.    len = strlen( r_bin-bin ). "88
    CALL FUNCTION 'SCMS_BINARY_TO_XSTRING'
      EXPORTING
         input_length = len
      IMPORTING
        buffer       = e_hex
      TABLES
        binary_tab   = t_bin
      EXCEPTIONS
        failed       = 1
        OTHERS       = 2.
  • To decrypt the token, i got a string-type key, so i convert it to XSTRING too
 FUNCTION 'SCMS_STRING_TO_XSTRING'
     EXPORTING
       text = c_key "the string key
     IMPORTING
        buffer = xkey
     EXCEPTIONS
       failed = 1
       OTHERS = 2.
 mode = zcl_aes_utility=>mc_encryption_mode_ecb.zcl_aes_utility=>decrypt_xstring(            EXPORTING                  i_key = xkey                  i_data = i_token                  i_initialization_vector = iv "initial                 i_encryption_mode = mode           IMPORTING                 e_data = resultx ).
  • And finally i reconvert the decrypted token to Base64 again
CALL FUNCTION 'SCMS_BASE64_ENCODE'
 EXPORTING
 input = x_s
 input_length = len "XSTRING from decrypt / 2
 IMPORTING
 output = o_c
 EXCEPTIONS
 output_too_small = 1
 OTHERS = 2.
 IF sy-subrc <> 0.
* Implement suitable error handling here
 ENDIF.
 token = o_c.
  • And this lead to a token long like the first one ( ryyXiG2iEn+Y/NSeAyY4GAhlw3i6o9PaC0s3UhnPPGKjeRqmODXo6vXGW1TUoswfTn5rVLNm2Lgah6zmSDY7Cg== ), which violates the text50 facet.

i also tried to convert my XSTRING to String instead of Base64 using the proposed solution i found on SCN and around the net (i.e. http://www.samplecodeabap.com/convert-xstring-string/ ) but i discarded this solution because it ends up into generating a bunch of gibberish characters not unicode.

What i need?
i am sure i'm messing something into the whole procedure of take-the-unholy-token-and-decrypt-it, maybe messing with the strings sizes, but i'd really appreaciate if someone could slap my head and points me in the right direction.

Thanks a lot!

facet.png (12.6 kB)
Add comment
10|10000 characters needed characters exceeded

  • Follow
  • Get RSS Feed

2 Answers

  • Best Answer
    Aug 01, 2018 at 11:03 AM

    Hello Simone,

    right from start you are mentioning the token you receiving (mrlWpOOkvG8uuFL05v/VPyCXxr86OoS/dPu5PFsz+mWB29p/kn1MxPsTqZ9MmNcBpEfI8RU3lzbxUu7t+U0tjg==).

    But after that you are trying to convert it to xstring with SCMS_BINARY_TO_XSTRING.

    I think that is the problem.

    Because token looks like BASE64 string. So you need to decode this BASE64 string to xstring. Then you can decrypt this xstring and so no... rest of your steps seems OK.
    TIP: I like to use CL_HTTP_UTILITY for decoding/encoding BASE64 :-) There are 4 methods (2 for string and 2 for xstring)...

    Add comment
    10|10000 characters needed characters exceeded

  • Aug 01, 2018 at 11:17 AM
    -1

    Hi Simone,

    Similar development was carried out by someone earlier and has some problems in de-crypting. This was discussed in one of the issues of AES library. Please look into the issue at the url

    https://github.com/Sumu-Ning/AES/issues/15

    Issue there is different but, it might give you an idea how it is handled there. Further, the code used there is an adapted version of the whole library but not the library itself.

    Hope that helps..

    Add comment
    10|10000 characters needed characters exceeded