I was implementing encryption decryption of a file using the AES/CBC/PKCS5PADDING algorithm. And I noticed some peculiarity. With the correct order of initialization of the IV, everything is decrypted correctly. But if the order is wrong (see commented out lines), the beginning of the line is decoded incorrectly.
But if the decryption happens with wrong IV in CBC mode then nothing should be decrypted. After all, that's how AES/CBC works.
My question is - why is the string still decrypted with the wrong IV ?
Output
org.junit.ComparisonFailure:
Expected :Test string Test string Test string Test string Test string Test string
Actual :�Eݠ�/ՙ�, 9B�� string Test string Test string Test string Test string
Code
import javax.crypto.*;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import java.io.*;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.InvalidParameterSpecException;
import java.security.spec.KeySpec;
public class CryptographyService {
private static final String SECRET_KEY_DERIVATION_ALGORITHM = "PBKDF2WithHmacSHA256";
private static final String CIPHER_ALGORITHM_MODE_PADDING = "AES/CBC/PKCS5PADDING";
private static final String CIPHER_ALGORITHM = "AES";
private static final int SALT_LEN = 32;
private static byte[] createSalt() {
byte[] salt = new byte[SALT_LEN];
SecureRandom random = new SecureRandom();
random.nextBytes(salt);
return salt;
}
private static SecretKey secretKeyCreate(String userPassword, byte[] salt) throws NoSuchAlgorithmException,
InvalidKeySpecException {
SecretKeyFactory factory = SecretKeyFactory.getInstance(SECRET_KEY_DERIVATION_ALGORITHM);
KeySpec spec = new PBEKeySpec(userPassword.toCharArray(), salt, 25000, 256);
SecretKey tmp = factory.generateSecret(spec);
SecretKey secret = new SecretKeySpec(tmp.getEncoded(), CIPHER_ALGORITHM);
return secret;
}
public static void encrypt(String userPassword, String fileEncryptName, String jsonPasswordsData)
throws NoSuchAlgorithmException, InvalidKeySpecException,
NoSuchPaddingException, InvalidKeyException, InvalidParameterSpecException, IOException {
byte[] salt = createSalt();
SecretKey secretKey = secretKeyCreate(userPassword, salt);
Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM_MODE_PADDING);
cipher.init(Cipher.ENCRYPT_MODE, secretKey);
AlgorithmParameters params = cipher.getParameters();
byte[] iv = params.getParameterSpec(IvParameterSpec.class).getIV();
//cipher.init(Cipher.ENCRYPT_MODE, secretKey); // incorrect decrypt
try (FileOutputStream fileOutputStream = new FileOutputStream(fileEncryptName);
CipherOutputStream cipherOutputStream = new CipherOutputStream(fileOutputStream, cipher)) {
fileOutputStream.write(iv);
fileOutputStream.write(salt);
fileOutputStream.flush();
cipherOutputStream.write(jsonPasswordsData.getBytes(StandardCharsets.UTF_8));
}
}
public static String decrypt(String userPassword, String fileDecryptName) throws NoSuchPaddingException,
NoSuchAlgorithmException, IOException, InvalidParameterSpecException, InvalidKeySpecException,
InvalidAlgorithmParameterException, InvalidKeyException {
Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM_MODE_PADDING);
AlgorithmParameters params = cipher.getParameters();
int ivLength = params.getParameterSpec(IvParameterSpec.class).getIV().length;
byte[] iv = new byte[ivLength];
byte[] salt = new byte[SALT_LEN];
byte[] plainText;
try (FileInputStream fileInputStream = new FileInputStream(fileDecryptName);
CipherInputStream cipherInputStream = new CipherInputStream(fileInputStream, cipher)) {
fileInputStream.read(iv);
fileInputStream.read(salt);
SecretKey secretKey = secretKeyCreate(userPassword, salt);
cipher.init(Cipher.DECRYPT_MODE, secretKey, new IvParameterSpec(iv));
plainText = cipherInputStream.readAllBytes();
}
return new String(plainText, StandardCharsets.UTF_8);
}
}
Related
I am trying to encrypt a string with a user defined password and then decode it with the string again.
My code:
SecurityManager.java
package de.example.org;
import javax.crypto.*;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
import java.util.Base64;
public class SecurityManager {
private static final String ALGORITHM = "AES";
private static final String TRANSFORMATION = "AES/ECB/PKCS5Padding";
private static final SecureRandom secureRandom = new SecureRandom();
private static final Base64.Encoder base64Encoder = Base64.getUrlEncoder();
private static final SecretKeyFactory factory;
static {
try {
factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
} catch (NoSuchAlgorithmException e) {
throw new RuntimeException(e);
}
}
private static PBEKeySpec generatePBEKeySpec(String password) {
return new PBEKeySpec(password.toCharArray(), generateRandomString(16).getBytes(), 65536, 128);
}
public static String generateRandomString(int length) {
byte[] randomBytes = new byte[length];
secureRandom.nextBytes(randomBytes);
return base64Encoder.encodeToString(randomBytes);
}
public static String generateEncryptedKey(String password) throws InvalidKeySpecException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
SecretKey secretKey = factory.generateSecret(generatePBEKeySpec(password));
byte[] encodedKey = secretKey.getEncoded();
// Convert the secretKey to a SecretKeySpec
Key secretKeySpec = new SecretKeySpec(encodedKey, ALGORITHM);
// Encrypt the original string
Cipher cipher = Cipher.getInstance(TRANSFORMATION);
cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec);
String random = generateRandomString(128);
System.out.println(random);
byte[] encryptedBytes = cipher.doFinal(random.getBytes());
return new String(encryptedBytes);
}
public static String decryptKey(String encryptedKey, String password) throws InvalidKeySpecException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
SecretKey secretKey = factory.generateSecret(generatePBEKeySpec(password));
byte[] encodedKey = secretKey.getEncoded();
// Convert the secretKey to a SecretKeySpec
Key secretKeySpec = new SecretKeySpec(encodedKey, ALGORITHM);
// Decrypt the encrypted string
Cipher cipher = Cipher.getInstance(TRANSFORMATION);
cipher.init(Cipher.DECRYPT_MODE, secretKeySpec);
byte[] decryptedBytes = cipher.doFinal(encryptedKey.getBytes());
return new String(decryptedBytes);
}
}
Executing the function in main:
String encrypted = SecurityManager.generateEncryptedKey("123");
String decrypted = SecurityManager.decryptKey(encrypted, "123");
System.out.println(decrypted);
Error:
Exception in thread "main" javax.crypto.IllegalBlockSizeException: Input length must be multiple of 16 when decrypting with padded cipher
at java.base/com.sun.crypto.provider.CipherCore.prepareInputBuffer(CipherCore.java:887)
at java.base/com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:729)
at java.base/com.sun.crypto.provider.AESCipher.engineDoFinal(AESCipher.java:434)
at java.base/javax.crypto.Cipher.doFinal(Cipher.java:2206)
at de.example.org.SecurityManager.decryptKey(SecurityManager.java:66)
at de.example.org.main.Main.main(Main.java:11)
I have been sitting on this for hours now, and with bytes I can encrypt it. But since I want to store the encrypted string, so it's still available after a restart, storing the bytes in a file would be less secure AFAIK.
My code wasn't actually able to decrypt. This code does the job:
package de.alexx1.birthdaynotf.helper;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import java.security.Key;
import java.security.SecureRandom;
import java.security.spec.KeySpec;
import java.util.Arrays;
import java.util.Base64;
public class SecurityManager {
private static final String ALGORITHM = "AES/CBC/PKCS5Padding";
private static final String CHARSET = "UTF-8";
private static final int KEY_SIZE = 128;
private static final int ITERATIONS = 65536;
private static final int SALT_LENGTH = 16;
private static final SecureRandom secureRandom = new SecureRandom();
private static final Base64.Encoder base64Encoder = Base64.getEncoder();
public static String generateRandomString(int length) {
byte[] randomBytes = new byte[length];
secureRandom.nextBytes(randomBytes);
return base64Encoder.encodeToString(randomBytes);
}
public static String encrypt(String plainText, String password) throws Exception {
byte[] salt = generateSalt();
SecretKey secretKey = generateSecretKey(password, salt);
byte[] keyBytes = secretKey.getEncoded();
Key key = new SecretKeySpec(keyBytes, "AES");
Cipher cipher = Cipher.getInstance(ALGORITHM);
cipher.init(Cipher.ENCRYPT_MODE, key);
byte[] encryptedBytes = cipher.doFinal(plainText.getBytes(CHARSET));
byte[] iv = cipher.getIV();
byte[] encryptedText = new byte[salt.length + iv.length + encryptedBytes.length];
System.arraycopy(salt, 0, encryptedText, 0, salt.length);
System.arraycopy(iv, 0, encryptedText, salt.length, iv.length);
System.arraycopy(encryptedBytes, 0, encryptedText, salt.length + iv.length, encryptedBytes.length);
return Base64.getEncoder().encodeToString(encryptedText);
}
public static String decrypt(String encryptedText, String password) throws Exception {
byte[] encryptedTextBytes = Base64.getDecoder().decode(encryptedText.getBytes(CHARSET));
byte[] salt = Arrays.copyOfRange(encryptedTextBytes, 0, SALT_LENGTH);
byte[] iv = Arrays.copyOfRange(encryptedTextBytes, SALT_LENGTH, SALT_LENGTH + 16);
byte[] cipherText = Arrays.copyOfRange(encryptedTextBytes, SALT_LENGTH + 16, encryptedTextBytes.length);
SecretKey secretKey = generateSecretKey(password, salt);
Key key = new SecretKeySpec(secretKey.getEncoded(), "AES");
Cipher cipher = Cipher.getInstance(ALGORITHM);
cipher.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(iv));
byte[] decryptedBytes = cipher.doFinal(cipherText);
return new String(decryptedBytes, CHARSET);
}
private static SecretKey generateSecretKey(String password, byte[] salt) throws Exception {
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
KeySpec spec = new PBEKeySpec(password.toCharArray(), salt, ITERATIONS, KEY_SIZE);
return factory.generateSecret(spec);
}
private static byte[] generateSalt() {
byte[] salt = new byte[SALT_LENGTH];
secureRandom.nextBytes(salt);
return salt;
}
}
I am working on a project for my Java programming class to create a password manager, and I am working on encrypting and decrypting my passwords.
I have the encryption piece working fine, but I keep getting an javax.crypto.AEADBadTagException: Tag mismatch! error.
Here is the full error:
Exception in thread "main" javax.crypto.AEADBadTagException: Tag mismatch!
at java.base/com.sun.crypto.provider.GaloisCounterMode.decryptFinal(GaloisCounterMode.java:580)
at java.base/com.sun.crypto.provider.CipherCore.finalNoPadding(CipherCore.java:1116)
at java.base/com.sun.crypto.provider.CipherCore.fillOutputBuffer(CipherCore.java:1053)
at java.base/com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:853)
at java.base/com.sun.crypto.provider.AESCipher.engineDoFinal(AESCipher.java:446)
at java.base/javax.crypto.Cipher.doFinal(Cipher.java:2202)
at PasswordVault.Decrypt(PasswordVault.java:89)
at PasswordVault.main(PasswordVault.java:27)
I've been trying to figure out this error on my own through researching here, but I am not having much luck or understanding about what is going wrong.
This is my main class:
import java.io.UnsupportedEncodingException;
import java.security.*;
import java.util.ArrayList;
import java.util.Scanner;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import java.util.Base64;
public class PasswordVault {
private static ArrayList<Password> passwordVault;
public Scanner keyboard = new Scanner(System.in);
public String website;
public String username;
private String password;
private SecretKey key;
public static void main(String[] args) throws IllegalBlockSizeException, BadPaddingException, NoSuchAlgorithmException, NoSuchPaddingException, UnsupportedEncodingException, InvalidKeyException, NoSuchProviderException, InvalidAlgorithmParameterException {
passwordVault = new ArrayList<>();
addPassword();
System.out.println(passwordVault);
//byte [] passwordByte = passwordVault.get(0).getPassword().getBytes();
System.out.println(Decrypt(passwordVault.get(0).getPassword(),generateKey()));
}
public static void addPassword() throws NoSuchPaddingException, BadPaddingException, NoSuchAlgorithmException, IllegalBlockSizeException, UnsupportedEncodingException, InvalidKeyException, NoSuchProviderException, InvalidAlgorithmParameterException {
Scanner keyboard = new Scanner(System.in);
String website;
String username;
String password;
SecretKey key = null;
System.out.println("Please enter in the website that you would like to store a password:");
website = keyboard.nextLine();
System.out.println("Please enter your username");
username = keyboard.nextLine();
System.out.println("Please enter your password");
password = keyboard.nextLine();
key = generateKey();
savePassword(website,username,password,key);
}
private static ArrayList<Password>savePassword(String website, String username, String password, SecretKey key) throws IllegalBlockSizeException, BadPaddingException, NoSuchAlgorithmException, NoSuchPaddingException, UnsupportedEncodingException, InvalidKeyException, NoSuchProviderException, InvalidAlgorithmParameterException {
String encryptedPassword;
encryptedPassword = Encrypt(password,key);
String stringEncryptedPassword = new String(encryptedPassword);
Password savePass = new Password(website, username, stringEncryptedPassword);
passwordVault.add(savePass);
return passwordVault;
}
public static SecretKey generateKey() throws NoSuchPaddingException, NoSuchAlgorithmException {
SecureRandom random = SecureRandom.getInstanceStrong();
KeyGenerator keyGen = KeyGenerator.getInstance("AES");
keyGen.init(128, random);
SecretKey key = keyGen.generateKey();
return key;
}
private static String Encrypt(String password, SecretKey key) throws UnsupportedEncodingException, NoSuchPaddingException, NoSuchAlgorithmException, BadPaddingException, IllegalBlockSizeException, InvalidKeyException, InvalidAlgorithmParameterException, NoSuchProviderException {
Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding", "SunJCE");
byte[] iv = new byte[12];
SecureRandom random = SecureRandom.getInstanceStrong();
random.nextBytes(iv);
GCMParameterSpec spec = new GCMParameterSpec(128, iv);
cipher.init(Cipher.ENCRYPT_MODE, key, spec);
byte [] bytePassword = password.getBytes("UTF-8");
byte [] encryptedPassword = cipher.doFinal(bytePassword);
/*Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
cipher.init(Cipher.ENCRYPT_MODE, key);
byte [] bytePassword = password.getBytes("UTF-8");
byte [] encryptedPassword = cipher.doFinal(bytePassword);
return Base64.getEncoder().encodeToString(encryptedPassword);*/
//return encryptedPassword;
return Base64.getEncoder().encodeToString(encryptedPassword);
}
private static String Decrypt(String password, SecretKey key) throws UnsupportedEncodingException, NoSuchPaddingException, NoSuchAlgorithmException, BadPaddingException, IllegalBlockSizeException, InvalidKeyException, NoSuchProviderException, InvalidAlgorithmParameterException {
Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding", "SunJCE");
byte[] iv = new byte[12];
SecureRandom random = SecureRandom.getInstanceStrong();
random.nextBytes(iv);
GCMParameterSpec spec = new GCMParameterSpec(128, iv);
cipher.init(Cipher.DECRYPT_MODE, key, spec);
return new String(cipher.doFinal(Base64.getDecoder().decode(password)));
}
//byte [] byteDecryptPassword = cipher.doFinal(password);
// String newPassword = new String(password, "UTF-8");
//Cipher cipher = null;
//cipher = Cipher.getInstance("AES/GCM/NoPadding");
//cipher.init(Cipher.DECRYPT_MODE, key);
/*byte [] bytePassword = new byte[0];
bytePassword = password.getBytes("UTF-8");
byte [] encryptedPassword = new byte[0];
encryptedPassword = cipher.doFinal(bytePassword);*/
}
This is my Password object:
public class Password {
String website;
String login;
String password;
public Password(String website, String login, String password) {
this.website = website;
this.login = login;
this.password = password;
}
public String getWebsite() {
return website;
}
public void setWebsite(String website) {
this.website = website;
}
public String getLogin() {
return login;
}
public void setLogin(String login) {
this.login = login;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
#Override
public String toString(){
return "Website: " + website + " Login: " + login + " Password: " + password;
}
}
What I am hoping to get right now with my tests is a decrypted plain text version of the password that I enter in. Right now, I just keep getting this BadTag issue.
Any help is greatly appreciated.
Just to give you some idea on how you could program this, let's show you a new PasswordVault.
Your own new code fragment also works of course, currently sidesteps the required design for password storage; it is a generic GCM example which doesn't store the IV, doesn't have the vault and so on (which is probably a good idea to start off with if you cannot get GCM to work).
Note that the following code fragment is still not a secure vault, but it shows how to program the fault in an OO-fashion.
import static java.nio.charset.StandardCharsets.UTF_8;
import java.security.GeneralSecurityException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Base64;
import java.util.Scanner;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
public class PasswordVault {
private static final int KEY_SIZE_BITS = 128;
private static final int GCM_TAG_SIZE_BITS = 128;
private static final int GCM_IV_SIZE_BYTES = 12;
private ArrayList<PasswordEntry> vaultBoxes;
private SecretKey key;
public PasswordVault() throws NoSuchAlgorithmException {
vaultBoxes = new ArrayList<>();
key = generateKey();
}
public void encryptAndStorePasswordEntry(PasswordEntry passwordEntry) throws GeneralSecurityException {
String encryptedPassword = encrypt(passwordEntry.getPassword(), key);
PasswordEntry savePass = new PasswordEntry(passwordEntry.getWebsite(), passwordEntry.getLogin(),
encryptedPassword);
vaultBoxes.add(savePass);
}
public PasswordEntry retrieveAndDecryptPasswordEntry() throws GeneralSecurityException {
// TODO think of a way to retrieve the password for a specific entry
PasswordEntry encryptedPasswordEntry = vaultBoxes.get(0);
String password = decrypt(encryptedPasswordEntry.getPassword(), key);
return new PasswordEntry(encryptedPasswordEntry.getWebsite(), encryptedPasswordEntry.getLogin(), password);
}
public static SecretKey generateKey() throws NoSuchAlgorithmException {
SecureRandom random = SecureRandom.getInstanceStrong();
KeyGenerator keyGen = KeyGenerator.getInstance("AES");
keyGen.init(KEY_SIZE_BITS, random);
return keyGen.generateKey();
}
public static String encrypt(String password, SecretKey key) throws GeneralSecurityException {
Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
byte[] iv = generateRandomIV();
GCMParameterSpec spec = new GCMParameterSpec(GCM_TAG_SIZE_BITS, iv);
cipher.init(Cipher.ENCRYPT_MODE, key, spec);
byte[] bytePassword = password.getBytes(UTF_8);
byte[] ivCTAndTag = new byte[GCM_IV_SIZE_BYTES + cipher.getOutputSize(bytePassword.length)];
System.arraycopy(iv, 0, ivCTAndTag, 0, GCM_IV_SIZE_BYTES);
cipher.doFinal(bytePassword, 0, bytePassword.length, ivCTAndTag, GCM_IV_SIZE_BYTES);
return Base64.getEncoder().encodeToString(ivCTAndTag);
}
private static byte[] generateRandomIV() {
byte[] iv = new byte[GCM_IV_SIZE_BYTES];
SecureRandom random = new SecureRandom();
random.nextBytes(iv);
return iv;
}
public static String decrypt(String encryptedPassword, SecretKey key) throws GeneralSecurityException {
Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
byte[] ivAndCTWithTag = Base64.getDecoder().decode(encryptedPassword);
GCMParameterSpec spec = new GCMParameterSpec(GCM_TAG_SIZE_BITS, ivAndCTWithTag, 0, GCM_IV_SIZE_BYTES);
cipher.init(Cipher.DECRYPT_MODE, key, spec);
byte[] plaintext = cipher.doFinal(ivAndCTWithTag, GCM_IV_SIZE_BYTES, ivAndCTWithTag.length - GCM_IV_SIZE_BYTES);
return new String(plaintext, UTF_8);
}
public static void main(String[] args) throws Exception {
PasswordVault vault = new PasswordVault();
PasswordEntry passwordEntry = readPlainPasswordEntry();
vault.encryptAndStorePasswordEntry(passwordEntry);
System.out.println(vault.vaultBoxes);
PasswordEntry decryptedPasswordEntry = vault.retrieveAndDecryptPasswordEntry();
System.out.println(decryptedPasswordEntry);
}
public static PasswordEntry readPlainPasswordEntry() {
try (Scanner keyboard = new Scanner(System.in)) {
System.out.println("Please enter in the website that you would like to store a password:");
String website = keyboard.nextLine();
System.out.println("Please enter your username");
String login = keyboard.nextLine();
System.out.println("Please enter your password");
String password = keyboard.nextLine();
return new PasswordEntry(website, login, password);
}
}
}
As you will see, I've renamed quite a lot of variables as well and introduced multiple constants. I've made the vault one object with state, which consists of the key and the secure entries.
Of course, in the end you want to serialize the vault to store the encrypted values without the key, which must be stored / retrieved / derived from somewhere else. You don't want to mix retrieving the password and storing the password entries (which I've renamed, because a website and login is not part of a password).
I've also simplified the exception handling and String handling (if you ever perform new String(string) then you might be surprised that it consists of return string; internally). To handle crypto exceptions well, take a look at this answer of mine.
OK, hopefully this helps you along. Good luck with the rest of it.
I actually figured out the solution to my program.
I had to end up refactoring things because I think I kept resetting my iv, which would cause a type mismatch.
Here is my finished and working code:
import javax.crypto.*;
import javax.crypto.spec.GCMParameterSpec;
import java.io.UnsupportedEncodingException;
import java.security.*;
import java.util.ArrayList;
import java.util.Scanner;
public class TestPasswordVault {
private static ArrayList<Password> passwordVault;
public Scanner keyboard = new Scanner(System.in);
public String website;
public String username;
private String password;
private static SecretKey key;
public static void main(String[] args) throws UnsupportedEncodingException, NoSuchPaddingException, NoSuchAlgorithmException, BadPaddingException, IllegalBlockSizeException, InvalidKeyException, InvalidAlgorithmParameterException, NoSuchProviderException {
String test = "kittens";
SecureRandom random = SecureRandom.getInstanceStrong();
KeyGenerator keyGen = KeyGenerator.getInstance("AES");
keyGen.init(128, random);
SecretKey key = keyGen.generateKey();
byte[] iv = new byte[12];
random.nextBytes(iv);
System.out.println(test);
byte [] newTest = doEncrypt(test,iv,random,key);
System.out.println(newTest);
System.out.println(doDecrypt(newTest,iv,random,key));
}
public static byte [] doEncrypt(String password, byte [] iv, SecureRandom random, SecretKey key) throws NoSuchPaddingException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, UnsupportedEncodingException {
Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding", "SunJCE");
GCMParameterSpec spec = new GCMParameterSpec(128, iv);
cipher.init(Cipher.ENCRYPT_MODE, key, spec);
byte [] encryptPassword = password.getBytes("UTF-8");
byte[] cipherText = cipher.doFinal(encryptPassword);
return cipherText;
}
public static String doDecrypt(byte [] encrypted, byte [] iv, SecureRandom random, SecretKey key)throws NoSuchPaddingException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, UnsupportedEncodingException {
Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding", "SunJCE");
GCMParameterSpec spec = new GCMParameterSpec(128, iv);
cipher.init(Cipher.DECRYPT_MODE, key, spec);
byte[] plainText = cipher.doFinal(encrypted);
return new String(plainText);
}
}
I basically need to decrypt a password I retrieve from a server encrypted with Rijndael, I have never worked with encrypting/decrypting before and I am completely lost. I found somewhere in this web that Java has some methods implemented without need of external libraries to do so but I didn't get it. The only thing I need is the decrypt since I won't be writing back into the server anyways.
Any idea on how to do it or where I could find documentation about it?
I don't know if this code, taken from an answer here is what I am looking for, I don't understand much of it, as I said, I've never worked with this kind of stuff before:
byte[] sessionKey = null; //Where you get this from is beyond the scope of this post
byte[] iv = null ; //Ditto
byte[] plaintext = null; //Whatever you want to encrypt/decrypt
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
//You can use ENCRYPT_MODE or DECRYPT_MODE
cipher.calling init(Cipher.ENCRYPT_MODE, new SecretKeySpec(sessionKey, "AES"), new IvParameterSpec(iv));
byte[] ciphertext = cipher.doFinal(plaintext);
Thanks in advance.
Here is a Simple Crypto utility class that might be of help to you. Its based on the code written by ferenc.hechler posted at the following url :
http://www.androidsnippets.com/encryptdecrypt-strings
I have made some changes to it to fit my needs.
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
public class SimpleCrypto {
private static final int KEY_SIZE = 128;
public static String encrypt(String seed, String cleartext) throws NoSuchAlgorithmException, InvalidKeyException, NoSuchPaddingException, IllegalBlockSizeException, BadPaddingException {
final byte[] rawKey = getRawKey(seed.getBytes());
final byte[] result = encrypt(rawKey, cleartext.getBytes());
return bin2hex(result);
}
public static String decrypt(String seed, String encrypted) throws NoSuchAlgorithmException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException, NoSuchPaddingException {
final byte[] rawKey = getRawKey(seed.getBytes());
final byte[] enc = toByte(encrypted);
final byte[] result = decrypt(rawKey, enc);
return new String(result);
}
public static String decrypt(String seed, byte[] encrypted) throws NoSuchAlgorithmException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException, NoSuchPaddingException {
final byte[] rawKey = getRawKey(seed.getBytes());
final byte[] result = decrypt(rawKey, encrypted);
return new String(result);
}
private static byte[] getRawKey(byte[] seed) throws NoSuchAlgorithmException {
final KeyGenerator kgen = KeyGenerator.getInstance("AES");
final SecureRandom sr = SecureRandom.getInstance("SHA1PRNG");
sr.setSeed(seed);
kgen.init(KEY_SIZE, sr); // 192 and 256 bits may not be available
final SecretKey skey = kgen.generateKey();
byte[] raw = skey.getEncoded();
return raw;
}
public static byte[] encrypt(byte[] raw, byte[] clear) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
final SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
final Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
final byte[] encrypted = cipher.doFinal(clear);
return encrypted;
}
public static byte[] decrypt(byte[] raw, byte[] encrypted) throws IllegalBlockSizeException, BadPaddingException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException {
final SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
final Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.DECRYPT_MODE, skeySpec);
final byte[] decrypted = cipher.doFinal(encrypted);
return decrypted;
}
public static String toHex(String txt) {
return bin2hex(txt.getBytes());
}
public static String fromHex(String hex) {
return new String(toByte(hex));
}
public static byte[] toByte(String hexString) {
final int len = hexString.length() / 2;
final byte[] result = new byte[len];
for (int i = 0; i < len; i++) {
result[i] = Integer.valueOf(hexString.substring(2 * i, 2 * i + 2), 16).byteValue();
}
return result;
}
public static byte[] getHash(String str) {
MessageDigest digest = null;
try {
digest = MessageDigest.getInstance("SHA-256");
} catch (NoSuchAlgorithmException ex) {
ex.printStackTrace();
}
digest.reset();
return digest.digest(str.getBytes());
}
static String bin2hex(byte[] data) {
return String.format("%0" + (data.length * 2) + "X", new BigInteger(1, data));
}
}
Here is how you would use it to decrypt something :
final String ssid = "MY_WIFI_SSID";
final String encWifiKey = "myEncryptedWifiKeyString";
String wifiKey = "";
try {
wifiKey = new String(SimpleCrypto.decrypt(SimpleCrypto.getHash(ssid), Base64.decode(encWifiKey, Base64.DEFAULT)));
} catch (InvalidKeyException e) {
e.printStackTrace();
} catch (IllegalBlockSizeException e) {
e.printStackTrace();
} catch (BadPaddingException e) {
e.printStackTrace();
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (NoSuchPaddingException e) {
e.printStackTrace();
}
I convert the secretkey into bytes with following code
SecretKey key = KeyGenerator.getInstance("DES").generateKey();
byte[] bkey=key.getEncoded();
Now how do I get the key from bkey? I tried:
SecretKeySpec secretkey = new SecretKeySpec(bkey,"DES");
SecretKeyFactory sfkey = SecretKeyFactory.getInstance("DES");
SecretKey skey = sfkey.generateSecret(secretkey);
I get the following error:
Error during Exception java.security.spec.InvalidKeySpecException: Inappropriate key specification
This should work
SecretKey key = KeyGenerator.getInstance("DES").generateKey();
byte[] data = key.getEncoded();
SecretKey key2 = new SecretKeySpec(data, 0, data.length, "DES");
Try some of this code...
import javax.crypto.Cipher;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import java.security.Key;
import java.security.InvalidKeyException;
public class DESede {
private static String algorithm = "DESede";
private static Key key = null;
private static SecretKey secretKey = null;
private static Cipher cipher = null;
private static DESede obj = new DESede();
private DESede() {
try {
key = KeyGenerator.getInstance(algorithm).generateKey();
KeyGenerator.getInstance(algorithm).getProvider();
byte[] keyBytes = key.getEncoded();
String keyFormat = key.getFormat();
String keyAlgorithm = key.getAlgorithm();
String keyString = new String(keyBytes);
System.out.println("Key Format::" + keyFormat);
System.out.println("Key Algorithm::" + keyAlgorithm);
System.out.println("Key String::" + keyString);
keyString.getBytes();
secretKey = new SecretKeySpec(keyBytes, 0, keyBytes.length, "DESede");
byte[] secretKeyBytes = key.getEncoded();
String secretKeyFormat = key.getFormat();
String secretKeyAlgorithm = key.getAlgorithm();
String secretKeyString = new String(secretKeyBytes);
System.out.println("Secret Key Format::" + secretKeyFormat);
System.out.println("Secret Key Algorithm::" + secretKeyAlgorithm);
System.out.println("Secret Key String::" + secretKeyString);
String keyNewString = "bXŒ*êÂÕê›æOÄ’Îý‘ãô|8¶Ë1";
byte[] keyNewBytes = keyString.getBytes();
secretKey = new SecretKeySpec(keyBytes, 0, keyBytes.length, "DESede");
cipher = Cipher.getInstance(algorithm);
} catch (Exception e) {
}
}
public static DESede getInstance() {
return obj;
}
public static byte[] encrypt(String input) throws InvalidKeyException,
BadPaddingException, IllegalBlockSizeException {
System.out.println("Inside encrypt()");
cipher.init(Cipher.ENCRYPT_MODE, secretKey);
byte[] inputBytes = input.getBytes();
System.out.println("Exit encrypt()");
return cipher.doFinal(inputBytes);
}
public static String decrypt(byte[] encryptionBytes)
throws InvalidKeyException, BadPaddingException,
IllegalBlockSizeException {
System.out.println("Inside decrypt()");
cipher.init(Cipher.DECRYPT_MODE, secretKey);
byte[] recoveredBytes = cipher.doFinal(encryptionBytes);
String recovered = new String(recoveredBytes);
System.out.println("Exiting decrypt()");
return recovered;
}
public static void main(String args[]) throws InvalidKeyException,
BadPaddingException, IllegalBlockSizeException {
byte[] encryptedValue = DESede.encrypt("plz try encrypt and decrypt me");
System.out.println("encryptedValue::" + encryptedValue);
String decryptedValue = DESede.decrypt(encryptedValue);
System.out.println("decryptedValue::" + decryptedValue);
}
}
I'm writing an application for Android that uses symmetric key encryption to protect sensitive data. As far as I can tell, Android only directly supports "PBEWithMD5AndDES". How secure is this algorithm? Also, I've included my code below (non-andriod). Is my code correctly encrypting the data?
import java.io.UnsupportedEncodingException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.InvalidParameterSpecException;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
public class CipherTest
{
private static class EncryptInfo
{
private final byte[] encryptedData;
private final byte[] initVector;
private final byte[] salt;
public EncryptInfo(byte[] encryptedData, byte[] initVector, byte[] salt)
{
this.encryptedData = encryptedData.clone();
this.initVector = initVector.clone();
this.salt = salt.clone();
}
public byte[] getEncryptedData()
{
return encryptedData;
}
public byte[] getInitVector()
{
return initVector;
}
public byte[] getSalt()
{
return salt;
}
}
private static final String keyGenAlgorithm = "PBEWithMD5AndDES";
private static final String keyAlgorithm = "DES";
private static final String cipherTransform = "PBEWithMD5AndDES/CBC/PKCS5Padding";
private static EncryptInfo encrypt(char[] password, byte[] data)
throws NoSuchAlgorithmException, InvalidKeySpecException,
NoSuchPaddingException, InvalidKeyException,
InvalidParameterSpecException, IllegalBlockSizeException,
BadPaddingException, UnsupportedEncodingException
{
byte[] salt = new byte[16];
new SecureRandom().nextBytes(salt);
PBEKeySpec keySpec = new PBEKeySpec(password, salt, 1024);
SecretKeyFactory secretKeyFactory = SecretKeyFactory
.getInstance(keyGenAlgorithm);
SecretKey secretKey = secretKeyFactory.generateSecret(keySpec);
keySpec.clearPassword();
byte[] key = secretKey.getEncoded();
SecretKeySpec secretKeySpec = new SecretKeySpec(key, keyAlgorithm);
Cipher cipher = Cipher.getInstance(cipherTransform);
cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec);
byte[] initVector = cipher.getParameters().getParameterSpec(
IvParameterSpec.class).getIV();
return new EncryptInfo(cipher.doFinal(data), initVector, salt);
}
public static byte[] decrypt(byte[] data, char[] password, byte[] salt,
byte[] initVector) throws NoSuchAlgorithmException,
InvalidKeySpecException, NoSuchPaddingException,
InvalidKeyException, InvalidAlgorithmParameterException,
IllegalBlockSizeException, BadPaddingException
{
PBEKeySpec keySpec = new PBEKeySpec(password, salt, 1024);
SecretKeyFactory secretKeyFactory = SecretKeyFactory
.getInstance(keyGenAlgorithm);
SecretKey secretKey = secretKeyFactory.generateSecret(keySpec);
keySpec.clearPassword();
byte[] key = secretKey.getEncoded();
SecretKeySpec secretKeySpec = new SecretKeySpec(key, keyAlgorithm);
Cipher cipher = Cipher.getInstance(cipherTransform);
cipher.init(Cipher.DECRYPT_MODE, secretKeySpec, new IvParameterSpec(
initVector));
return cipher.doFinal(data);
}
public static void main(String[] args) throws Exception
{
char[] password = "password".toCharArray();
EncryptInfo info = encrypt(password, "Message".getBytes());
byte[] decyptedText = decrypt(info.getEncryptedData(), password, info
.getSalt(), info.getInitVector());
System.out.println(new String(decyptedText));
}
}
Both MD5 and DES are weak. If your data being encrypted is really valuable, you should look for some external crypto library for Android that offers AES and SHA256/SHA512 algorithms.
If you want to encrypt data using a symmetric key encryption, I recommend:
1) Use AES, because it is certified by the NSA for data classified as secret.
2) Use a well reviewed implementation so you don't have to research the proper way to configure the code. For example, AESCrypt.
You can find AESCrypt here: http://www.aescrypt.com/java_aes_crypt.html
I've seen AESCrypt used in several financial institutions. AESCrypt for java is a single class that calls JCE methods. Android, JCE is implemented by bouncycastle. I have seen bouncycastle used in several major financial institutions.