aspose file tools*
The moose likes Security and the fly likes Java encryption... Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "Java encryption..." Watch "Java encryption..." New topic
Author

Java encryption...

Tad Dicks
Ranch Hand

Joined: Nov 16, 2004
Posts: 264
I'm really new to any of the java encryption stuff and tried to write a real simple program to test it out:



When I run it I get the following output:


It appearently doesn't encrypt the string at all and throws an exception when trying to decrypt.

-Tad
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 41867
    
  63
Have a look at this thread. The code contained in one of the responses works fine.


Ping & DNS - my free Android networking tools app
Seetesh Hindlekar
Ranch Hand

Joined: Feb 13, 2004
Posts: 244
I changed the code to
KeyGenerator kg = KeyGenerator.getInstance("DESede");

But getting the java.security.InvalidKeyException: Invalid key length: 24 bytes

Any solurions?

Rgds,

Seetesh
chris up
Greenhorn

Joined: Aug 02, 2006
Posts: 2
Triple DES (aka DESede) needs a 192 bit key.
chris up
Greenhorn

Joined: Aug 02, 2006
Posts: 2
Sorry that was the most redundant post ever (24 bytes = 192 bits), i was definately not thinking.

Try this to fix your original problem...

c.init(Cipher.DECRYPT_MODE, skeySpec, c.getParameters());

When initializing a cipher with a generated key in encrypt mode there are some parameters which are created underneath the covers which need to be given to the decrypter (related to the mode and padding which you specified in getting the instance of the cipher).
James Sabre
Ranch Hand

Joined: Sep 07, 2004
Posts: 781

There are three obvious problems with yoour code.

1) Using
c = Cipher.getInstance("DES/CBC/PKCS5Padding");
indicates that you wish to use CBC mode so you will need an initialisation vector (IV). For DES this will be 8 bytes used as
byte[] ivBytes = your IV bytes
IvParameterSpec iv = new IvParameterSpec(ivBytes);
cipher.init(javax.crypto.Cipher.ENCRYPT_MODE, key, iv);
You will need to supply the same IV when you decrypt.

2) Using
String y = new String(c.doFinal(x.getBytes()));
has two problems -

a) x.getBytes() uses the default platform encoding to turn characters into bytes so you 'may' get a different result for different platforms. It is normally better to specify the encoding i.e. x.getBytes("utf-8") then the same bytes will be generated for ALL platforms.
b) String y = new String(c.doFinal(...))
tries to turn the arbitrary bytes generated by the encryption process into a String using the default platform encoding. As well as the problems outlined in a), this has the additional problem that not all bytes and byte sequences can represent a valid character so the transformation is frequently not reversible. If you MUST have a String result from the encryption then use Base64 or Hex to armor the bytes.


Retired horse trader.
 Note: double-underline links may be advertisements automatically added by this site and are probably not endorsed by me.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Java encryption...