I'm able to cipher using PBEWithHmacSHA256AndAES_128 , but when i try to decipher it doesnt do anything, my encrypt code is:
PBEKeySpec keySpec = new PBEKeySpec(passwordServer.toCharArray());
SecretKeyFactory kf;
kf = SecretKeyFactory.getInstance("PBEWithHmacSHA256AndAES_128");
secretKey = kf.generateSecret(keySpec);
byte[] ivBytes = {0x11,0x12,0x13,0x14,0x15,0x16,0x17,0x18,
0x19,0x1A,0x1B,0x1C,0x1D,0x1E,0x1F,0x20};
IvParameterSpec ivSpec = new IvParameterSpec(ivBytes);
PBEParameterSpec spec = new PBEParameterSpec(salt, 20, ivSpec);
c = Cipher.getInstance("PBEWithHmacSHA256AndAES_128");
c.init(Cipher.ENCRYPT_MODE, secretKey, spec);
params = c.getParameters();
and my decrypt code is the following:
Cipher c = Cipher.getInstance("PBEWithHmacSHA256AndAES_128");
c.init(Cipher.DECRYPT_MODE, secretKey, params);
FileInputStream fis = new FileInputStream("repositorios/login.cif");
FileOutputStream fos = new FileOutputStream("repositorios/login2.txt");
CipherOutputStream cos = new CipherOutputStream(fos, c);
byte[] b = new byte[16];
int i = fis.read(b);
while (i != -1) {
cos.write(b, 0, i);
i = fis.read(b);
}
cos.close();
fis.close();
After i run the code, the file "login2.txt" is empty.
Am I doing something wrong while using this algorithm?
Thank you!
EDIT:
1. where i store the salt:
BufferedWriter out = new BufferedWriter
(new FileWriter("repositorios/salt.txt",true));
BufferedReader in=new BufferedReader
(new FileReader("repositorios/salt.txt"));
byte[]salt;
String l = in.readLine();
if(l != null){
salt = l.getBytes();
} else {
salt = new byte[16];
RANDOM.nextBytes(salt);
out.write(new String (salt, "UTF-8"));
}
my chiper code:
FileOutputStream fos = new FileOutputStream("repositorios/login.cif");
CipherOutputStream cos = new CipherOutputStream(fos, c);
out = new BufferedWriter(new FileWriter("repositorios/login.txt",true));
String aEncriptar = user + ":" + passwd +"\n";
byte[] b= aEncriptar.getBytes();
cos.write(b, 0, b.length);
cos.close();
Related
I'm getting the following error when i tried to decrypt a list of ogg files but when i try to decrypt only one it works this is my code.
for (IpstoriResponse ipstori: descargas) {
Executors.newSingleThreadExecutor().execute(() -> {
ipstori.setAudioHistory(getOfflineFile(ipstori.getAudioPath(), ipstori.getAudioCle(), ipstori.getAudioIv(), requireContext(), ipstori.getAudioCle()));
prepareList.add(...);
});
}
}
private String getOfflineFile(String input, String key, String iv, Context context, String name){
String result = null;
try {
File initialFile = new File(input);
InputStream inputStream = new FileInputStream(initialFile);
File outputDir = context.getCacheDir(); // context being the Activity pointer
File outputFile = File.createTempFile(name, ".ogg", outputDir);
FileOutputStream fos = new FileOutputStream(outputFile);
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
SecretKey secretKey = makeKey(key);
IvParameterSpec ivParameterSpec = makeIv(iv);
cipher.init(Cipher.DECRYPT_MODE, secretKey, ivParameterSpec);
CipherInputStream cipherInputStream = new CipherInputStream(inputStream, cipher);
byte[] buffer = new byte[8192];
int nread;
while ((nread = cipherInputStream.read(buffer)) > 0) {
fos.write(buffer, 0, nread);
}
fos.flush();
fos.close();
cipherInputStream.close();
result = outputFile.getPath();
tempFiles.add(result);
} catch (Exception ex) {
...
}
return result;
}
that's really weird cause when you try to decrypt only one element of the list the code works fine
Im trying to implement file decryption by referring this code:
Encryption part i have done this way:
https//stackoverflow.com/questions/64423926/encrypt-file-in-java-and-decrypt-in-openssl-with-key-aes
And the encrypted file im able to decrypt with openssl.
But the decrypt to file in java is causing error:
java.lang.IllegalArgumentException: Illegal base64 character 5f
at java.util.Base64$Decoder.decode0(Unknown Source)
at java.util.Base64$Decoder.decode(Unknown Source)
at java.util.Base64$Decoder.decode(Unknown Source)
at aes.AesEncryptTask.decryptNew(AesEncryptTask.java:107)
at aes.AesEncryptTask.main(AesEncryptTask.java:58)
Content in my encrypted file is:
Salted__¨‹–1ž#¡ð=—ÖÏùá•NEÄ
Note: Starting salted part is not base64encoded. following data is encoded.
Please suggest on correct implementation of file decryption.
static void decryptNew(String path,String password, String outPath) {
try{
FileInputStream fis = new FileInputStream(path);
FileOutputStream fos = new FileOutputStream(outPath);
final byte[] pass = password.getBytes(StandardCharsets.US_ASCII);
//final byte[] inBytes = Base64.getDecoder().decode(source);
String source = getFileContent(fis);
final Decoder decoder = Base64.getDecoder();
final byte[] inBytes = decoder.decode(source);
//final byte[] inBytes =source.getBytes();//DatatypeConverter.parseBase64Binary(source);
final byte[] shouldBeMagic = Arrays.copyOfRange(inBytes, 0, SALTED_MAGIC.length);
if (!Arrays.equals(shouldBeMagic, SALTED_MAGIC)) {
throw new IllegalArgumentException("Initial bytes from input do not match OpenSSL SALTED_MAGIC salt value.");
}
final byte[] salt = Arrays.copyOfRange(inBytes, SALTED_MAGIC.length, SALTED_MAGIC.length + 8);
final byte[] passAndSalt = array_concat(pass, salt);
byte[] hash = new byte[0];
byte[] keyAndIv = new byte[0];
for (int i = 0; i < 3 && keyAndIv.length < 48; i++) {
final byte[] hashData = array_concat(hash, passAndSalt);
MessageDigest md = null;
md = MessageDigest.getInstance("SHA-1");
hash = md.digest(hashData);
keyAndIv = array_concat(keyAndIv, hash);
}
final byte[] keyValue = Arrays.copyOfRange(keyAndIv, 0, 32);
final SecretKeySpec key = new SecretKeySpec(keyValue, "AES");
final byte[] iv = Arrays.copyOfRange(keyAndIv, 32, 48);
final Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(iv));
final byte[] clear = cipher.doFinal(inBytes, 16, inBytes.length - 16);
String contentDecoded = new String(clear, StandardCharsets.UTF_8);
fos.write(contentDecoded.getBytes());
fos.close();
//cipher.init(Cipher.DECRYPT_MODE, sks);
/*CipherInputStream cis = new CipherInputStream(fis, cipher);
int b;
byte[] d = new byte[8];
while((b = cis.read(d)) != -1) {
fos.write(d, 0, b);
}
fos.flush();
fos.close();
cis.close();*/
System.out.println("Decrypt is completed");
}catch(Exception e){
e.printStackTrace();
}
}
The below code is doing a complete file encryption and decryption and is compatible to the OpenSSL commands
encrypt: openssl enc -aes-256-cbc -pass pass:testpass -d -p -in plaintext.txt -out plaintext.txt.crypt -md md5
decrypt: openssl aes-256-cbc -d -in plaintext.txt.crypt -out plaintext1.txt -k testpass -md md5
I left out some variables as they are not used in decryption method and on the other hand substituded the byte[]
concatination with a pure Java version.
The simple output is:
encrypt done plaintext.txt
ciphertext: plaintext.txt
Decrypt is completed
Security warning: the key derivation is DEPRECATED and should not used any longer. The code does not have any exception handling and is for educational purpose only.
code:
import javax.crypto.Cipher;
import javax.crypto.CipherOutputStream;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.*;
import java.util.Arrays;
public class MainSo {
public static void main(String[] args) {
System.out.println("https://stackoverflow.com/questions/64443373/decrypt-aes-encrypted-file-in-java-sha1-openssl?noredirect=1#comment113960588_64443373");
String plaintextFilename = "plaintext.txt";
String ciphertextFilename = "plaintext.txt.crypt";
String decryptedtextFilename = "plaintextDecrypted.txt";
String password = "testpass";
// openssl equivalent:
// decrypt: openssl aes-256-cbc -d -in plaintext.txt.crypt -out plaintext1.txt -k testpass -md md5
// encrypt: openssl enc -aes-256-cbc -pass pass:testpass -d -p -in sample.crypt -out sample.txt -md md5
String ciphertext = encryptfile(plaintextFilename, password);
System.out.println("ciphertext: " + ciphertext);
decryptNew(ciphertextFilename, password, decryptedtextFilename);
}
public static String encryptfile(String path, String password) {
try {
FileInputStream fis = new FileInputStream(path);
FileOutputStream fos = new FileOutputStream(path.concat(".crypt"));
final byte[] pass = password.getBytes(StandardCharsets.UTF_8);
final byte[] salt = (new SecureRandom()).generateSeed(8);
fos.write("Salted__".getBytes(StandardCharsets.UTF_8));
fos.write(salt);
final byte[] passAndSalt = concatenateByteArrays(pass, salt);
byte[] hash = new byte[0];
byte[] keyAndIv = new byte[0];
for (int i = 0; i < 3 && keyAndIv.length < 48; i++) {
final byte[] hashData = concatenateByteArrays(hash, passAndSalt);
final MessageDigest md = MessageDigest.getInstance("MD5");
hash = md.digest(hashData);
keyAndIv = concatenateByteArrays(keyAndIv, hash);
}
final byte[] keyValue = Arrays.copyOfRange(keyAndIv, 0, 32);
final byte[] iv = Arrays.copyOfRange(keyAndIv, 32, 48);
final SecretKeySpec key = new SecretKeySpec(keyValue, "AES");
final Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(iv));
CipherOutputStream cos = new CipherOutputStream(fos, cipher);
int b;
byte[] d = new byte[8];
while ((b = fis.read(d)) != -1) {
cos.write(d, 0, b);
}
cos.flush();
cos.close();
fis.close();
System.out.println("encrypt done " + path);
} catch (IOException | NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException | InvalidAlgorithmParameterException e) {
e.printStackTrace();
}
return path;
}
static void decryptNew(String path,String password, String outPath) {
byte[] SALTED_MAGIC = "Salted__".getBytes(StandardCharsets.UTF_8);
try{
FileInputStream fis = new FileInputStream(path);
FileOutputStream fos = new FileOutputStream(outPath);
final byte[] pass = password.getBytes(StandardCharsets.US_ASCII);
final byte[] inBytes = Files.readAllBytes(Paths.get(path));
final byte[] shouldBeMagic = Arrays.copyOfRange(inBytes, 0, SALTED_MAGIC.length);
if (!Arrays.equals(shouldBeMagic, SALTED_MAGIC)) {
throw new IllegalArgumentException("Initial bytes from input do not match OpenSSL SALTED_MAGIC salt value.");
}
final byte[] salt = Arrays.copyOfRange(inBytes, SALTED_MAGIC.length, SALTED_MAGIC.length + 8);
final byte[] passAndSalt = concatenateByteArrays(pass, salt);
byte[] hash = new byte[0];
byte[] keyAndIv = new byte[0];
for (int i = 0; i < 3 && keyAndIv.length < 48; i++) {
final byte[] hashData = concatenateByteArrays(hash, passAndSalt);
MessageDigest md = null;
md = MessageDigest.getInstance("MD5");
hash = md.digest(hashData);
keyAndIv = concatenateByteArrays(keyAndIv, hash);
}
final byte[] keyValue = Arrays.copyOfRange(keyAndIv, 0, 32);
final SecretKeySpec key = new SecretKeySpec(keyValue, "AES");
final byte[] iv = Arrays.copyOfRange(keyAndIv, 32, 48);
final Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(iv));
final byte[] clear = cipher.doFinal(inBytes, 16, inBytes.length - 16);
String contentDecoded = new String(clear, StandardCharsets.UTF_8);
fos.write(contentDecoded.getBytes());
fos.close();
System.out.println("Decrypt is completed");
}catch(Exception e){
e.printStackTrace();
}
}
public static byte[] concatenateByteArrays(byte[] a, byte[] b) {
return ByteBuffer
.allocate(a.length + b.length)
.put(a).put(b)
.array();
}
}
Okay, so when I encrypt anything, lets say in this case a file, with my computer. It works fine encrypting and decrypting said file. However if encrypt the file with my computer then send it too my android and run the same decryption code I wrote it wont decrypt the file properly. It doesn't show any errors, however the file is clearly not decrypted properly.
So I've learned that Bouncy Castle is quite different than JVM/JDK standard encryption library, so I'm not 100% sure if that's the problem. However it would make sense. The issue is that if it is I don't know how to use the JVM/JDK library for encryption on my android. I don't want too use the Bouncy Castle library on my computer.
public static void encrypt(File source, File dest, String password){
try{
FileInputStream inFile = new FileInputStream(source.getPath());
FileOutputStream outFile = new FileOutputStream(dest.getPath());
byte[] salt = new byte[8], iv = new byte[16];
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
KeySpec keySpec = new PBEKeySpec(password.toCharArray(), salt, 65536, 256);
SecretKey secretKey = factory.generateSecret(keySpec);
SecretKey secret = new SecretKeySpec(secretKey.getEncoded(), "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, secret, new IvParameterSpec(iv));
byte[] input = new byte[64];
int bytesRead;
while((bytesRead = inFile.read(input)) != -1){
byte[] output = cipher.update(input, 0, bytesRead);
if(output != null){
outFile.write(output);
}
}
byte[] output = cipher.doFinal();
if(output != null){
outFile.write(output);
}
inFile.close();
outFile.flush();
outFile.close();
}catch(Exception e){
e.printStackTrace();
}
}
public static void decrypt(File source, File dest, String password){
try{
byte[] salt = new byte[8], iv = new byte[16];
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
KeySpec keySpec = new PBEKeySpec(password.toCharArray(), salt, 65536, 256);
SecretKey tmp = factory.generateSecret(keySpec);
SecretKey secret = new SecretKeySpec(tmp.getEncoded(), "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.DECRYPT_MODE, secret, new IvParameterSpec(iv));
FileInputStream fis = new FileInputStream(source.getPath());
FileOutputStream fos = new FileOutputStream(dest.getPath());
byte[] in = new byte[64];
int read;
while((read = fis.read(in)) != -1){
byte[] output = cipher.update(in, 0, read);
if(output != null){
fos.write(output);
}
}
byte[] output = cipher.doFinal();
if(output != null){
fos.write(output);
}
fis.close();
fos.flush();
fos.close();
}catch(Exception e){
e.printStackTrace();
}
}
The outcome would be too be able too encrypt any file with my computer using the standard JVM/JDK encryption library and being able too decrypt the same file with my android.
However if there is a different library other than Bouncy Castle that would work with android I'm open for ideas.
I've faced similar issue. First check if your encryption and decryption is setup properly.
If those are okay, then you should convert the encrypted text to Base64 or similar encoding.
Then decode the Base64 encoding first on the mobile and then decrypt the file.
The issue occurs because, some characters are not suitable for saving or transfering between mediums. They also gets affected by the underlying OS. Even if a bit is changed, your whole decrypted text will be changed, that might be the case here
ANDROID CODE
public static void decrypt(File source, File dest, String password){
try{
Base64InputStream fis = new Base64InputStream(new DataInputStream(new FileInputStream(source.getPath())), Base64.DEFAULT);
FileOutputStream fos = new FileOutputStream(dest.getPath());
byte[] salt = new byte[8], iv = new byte[16];
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
KeySpec keySpec = new PBEKeySpec(password.toCharArray(), salt, 65536, 256);
SecretKey tmp = factory.generateSecret(keySpec);
SecretKey secret = new SecretKeySpec(tmp.getEncoded(), "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.DECRYPT_MODE, secret, new IvParameterSpec(iv));
byte[] in = new byte[64];
int read;
while((read = fis.read(in)) != -1){
byte[] output = cipher.update(in, 0, read);
if(output != null){
fos.write(output);
}
}
byte[] output = cipher.doFinal();
if(output != null){
fos.write(output);
}
fis.close();
fos.flush();
fos.close();
}catch(Exception e){
e.printStackTrace();
}
}
Regular JVM
public static void encrypt(File source, File dest, String password){
try{
FileInputStream inFile = new FileInputStream(source.getPath());
OutputStream outFile = Base64.getEncoder().wrap(new FileOutputStream(dest.getPath()));
byte[] salt = new byte[8], iv = new byte[16];
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
KeySpec keySpec = new PBEKeySpec(password.toCharArray(), salt, 65536, 256);
SecretKey secretKey = factory.generateSecret(keySpec);
SecretKey secret = new SecretKeySpec(secretKey.getEncoded(), "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, secret, new IvParameterSpec(iv));
byte[] input = new byte[64];
int bytesRead;
while((bytesRead = inFile.read(input)) != -1){
byte[] output = cipher.update(input, 0, bytesRead);
if(output != null){
outFile.write(output);
}
}
byte[] output = cipher.doFinal();
if(output != null){
outFile.write(output);
}
inFile.close();
outFile.flush();
outFile.close();
}catch(Exception e){
e.printStackTrace();
}
}
public static void decrypt(File source, File dest, String password){
try{
InputStream fis = Base64.getDecoder().wrap(new FileInputStream(source.getPath()));
//FileInputStream fis = new FileInputStream(source.getPath());
FileOutputStream fos = new FileOutputStream(dest.getPath());
byte[] salt = new byte[8], iv = new byte[16];
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
KeySpec keySpec = new PBEKeySpec(password.toCharArray(), salt, 65536, 256);
SecretKey tmp = factory.generateSecret(keySpec);
SecretKey secret = new SecretKeySpec(tmp.getEncoded(), "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.DECRYPT_MODE, secret, new IvParameterSpec(iv));
byte[] in = new byte[64];
int read;
while((read = fis.read(in)) != -1){
byte[] output = cipher.update(in, 0, read);
if(output != null){
fos.write(output);
}
}
byte[] output = cipher.doFinal();
if(output != null){
fos.write(output);
}
fis.close();
fos.flush();
fos.close();
}catch(Exception e){
e.printStackTrace();
}
}
I am trying to encrypt and decrypt files with BouncyCastle 3DES. But the files are corrupted after encrypting and decrypting. For example a simple text-file or a jpg-image-file. This is my Code:
ZipUnzipBouncyCastle()
{
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
}
public void encrypt3DES(String password, String file)
throws IOException, DataLengthException, IllegalStateException,
InvalidCipherTextException, NoSuchAlgorithmException
{
byte[] data = Files.readAllBytes(new File(file).toPath());
SecureRandom random = new SecureRandom(data);
KeyGenerator keyGenerator = KeyGenerator.getInstance("DESede");
keyGenerator.init(168, random);
SecretKey secreteKey = keyGenerator.generateKey();
BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(
new CBCBlockCipher(new DESedeEngine()));
cipher.init(true, new KeyParameter(secreteKey.getEncoded()));
byte[] result = new byte[cipher.getOutputSize(data.length)];
int tam = cipher.processBytes(data, 0, data.length, result, 0);
cipher.doFinal(result, tam);
byte[] encodedData = Base64.getEncoder().encode(result);
FileOutputStream fileOutputStream = new FileOutputStream(file);
fileOutputStream.write(encodedData);
fileOutputStream.flush();
fileOutputStream.close();
}
public void decrypt3DES(String password, String file)
throws NoSuchAlgorithmException, DataLengthException,
IllegalStateException, InvalidCipherTextException, IOException
{
byte[] data = Files.readAllBytes(new File(file).toPath());
byte[] decodedData = Base64.getDecoder().decode(data);
SecureRandom random = new SecureRandom(decodedData);
KeyGenerator keyGenerator = KeyGenerator.getInstance("DESede");
keyGenerator.init(168, random);
SecretKey secreteKey = keyGenerator.generateKey();
BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(
new CBCBlockCipher(new DESedeEngine()));
cipher.init(true, new KeyParameter(secreteKey.getEncoded()));
byte[] result = new byte[cipher.getOutputSize(decodedData.length)];
int tam = cipher.processBytes(decodedData, 0, decodedData.length, result, 0);
cipher.doFinal(result, tam);
FileOutputStream fileOutputStream = new FileOutputStream(file);
fileOutputStream.write(result);
fileOutputStream.flush();
fileOutputStream.close();
}
I looked all over the Internet but could not find any explanation. What am I doing wrong?
I am trying to make a encryption and decryption app but in decryption method I got javax.crypto.IllegalBlockSizeException: last block incomplete in decryption
byte[] key = ("Sh").getBytes("UTF-8");
MessageDigest sha = MessageDigest.getInstance("SHA-1");
key = sha.digest(key);
key = Arrays.copyOf(key, 16);
secretKeySpec = new SecretKeySpec(key, "AES");
cipher = Cipher.getInstance("AES");
public void dec (String dir)
{
try{
cipher.init(Cipher.DECRYPT_MODE, secretKeySpec);
String cleartextFile = dir;
FileInputStream fis = new FileInputStream(cleartextFile);
CipherInputStream cis = new CipherInputStream(fis, cipher);
FileOutputStream fos = new FileOutputStream(dir);
block = new byte[6];
while ((i = cis.read(block)) != -1) {
fos.write(block, 0, i);
}
fos.close();
}
catch(Exception ex)
{
Toast.makeText(MainActivity.this, "Chiper Error"+ex, Toast.LENGTH_LONG).show();
}
}