It's not a secret anymore!
The moose likes Security and the fly likes Encrypt in Java / Decrypt in C++ Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "Encrypt in Java / Decrypt in C++ " Watch "Encrypt in Java / Decrypt in C++ " New topic

Encrypt in Java / Decrypt in C++

Anand Wadhwani
Ranch Hand

Joined: Mar 21, 2005
Posts: 151
Hi Ranchers,

I am getting mad at following problem, almost given up on keep doing research on this.

I need to encrypt a string in java, store the encrpted string in database along with key used for encryption.

Later an ActiveX component would use the key to decrypt the encrypted string.

How is it possible? I have tried DES, AES everything is working fine, both in Java working fine, both in C++ working fine. BUT, encryption in java and decryption in C++ not working

I would really really appreciate very much if somebody could help me with this issue. The code would be wonderful!

[ April 13, 2005: Message edited by: Anand Wadhwani ]

SCWCD 1.4<br />---------------------<br />Ability is what you're capable of. <br />Motivation determines what you do. <br />Attitude determines how well you do it.<br />---------------------
gopi gakkam

Joined: Jul 30, 2007
Posts: 4
I want to same type of code please help me,
how did you generate AES 128 encryption key dynamically which supports java and C/C++?

Rahul Bhattacharjee
Ranch Hand

Joined: Nov 29, 2005
Posts: 2308
Hi Anand,

I think ,as long as the algorithm and other related parameters are same on both sides ,it should work fine.

How are you trying this ? Which algorithm and what are the other parameters you are using for encrypting in java and how it will be decrypted in C++?

Rahul Bhattacharjee
LinkedIn - Blog
greg stark
Ranch Hand

Joined: Aug 10, 2006
Posts: 220
Also, you might consider going to this NIST page You can find test values there that you should encrypt with both implementations. If one of them matches but the other doesn't, you know which one is correct. Usually, the actual problem is something simple like byte ordering. Again, by using the test values this should become apparent.

Nice to meet you.
Pat Farrell

Joined: Aug 11, 2007
Posts: 4659

Yes, getting the test vectors from NIST is the right thing to do.
For any serious cryptography, there are standard test vectors that you really need to make sure your code can replicate.

Many crypto algoithms are not byte oriented, but are block of bit oriented, so they are used to working with, and thinking of 32 or 64 or 128 bit blocks. Bit order is important, and Java's String and Character classes typically have 16 bit characters.

You have to make sure your big-endian and little endian stuff is perfect.

Many of the standard crypto really are defined for unsigned octets, which are the same as unsigned byte in C, but have no real equivalent in Java.

The trick to crypto code is the test vectors. A properly working crypto routine will take nice text/strings and make it look like garbage. A badly implemented one will also take nice text/strings and make it look like garbage. With real crypto, you can't look at the garbage and tell if it is right or not.
I agree. Here's the link:
subject: Encrypt in Java / Decrypt in C++
jQuery in Action, 3rd edition