Crypto needed for decrypting text

This is sort of a 2 part question regarding decryption (that a word) using Java's - javax.crypto.

1 -
I was planning to have some semi-sensitive data encrypted, but would need to be decrypted when using my system. Such things as a persons unique account number, which will be encrypted in the DB but will need to be decrypted to display on the system when they user is logged in.

I am using the following snippets of code:

// Encrypt data
Cipher cipher;
cipher = Cipher.getInstance(strAlgo2);
cipher.init(Cipher.ENCRYPT_MODE, sk);
byte[] bOrigStr = strSampleTxt[i].getBytes();
byte[] bEncryptStr = cipher.doFinal(bOrigStr);

// Decrtpy data
cipher.init(Cipher.DECRYPT_MODE, sk, iv);
bOrigStr = cipher.doFinal(bEncryptStr);

Problem is I'm getting the following results (Bananarama is test string):
Original Text: Bananarama
Encrypted Text: [B@1bcc0bc
Decrypted Text: [B@111a3a4

Doesn't look very decrypted!

2 -
My second question is regarding comparing passwords that are encrypted...
I have read many things here where people have said passwords do NOT need to be decrypted but cause you can just compare the encrypted strings. This makes sense apart from when I run the test 'Bananarama' string twice I get the following:

Original Text: Bananarama
Encrypted Text: [B@111a3a4
Decrypted Text: [B@10e790c

Original Text: Bananarama
Encrypted Text: [B@12d263f
Decrypted Text: [B@12a0f6c
DIFFERENT!

Also if I run the following, I get:
Original Text: Bananarama
Encrypted Text: [B@111a3a4
Decrypted Text: [B@10e790c

Then run:
Original Text: Chicago
Encrypted Text: [B@111a3a4
Decrypted Text: [B@10e790c

Why are Banarama & Chicago encypted the same?

The full class is here (it's a bit messy because it's full of stuff for testing):

package com.login.test;
  
import java.security.*;
import javax.crypto.*;
import javax.crypto.spec.IvParameterSpec;
 
public class CryptixTest {
  
public static void main (String args[]) throws Exception{
GenerateKey();
}
  
public static void GenerateKey () {

// Test varibales
String strAlgo1 = "DES";
//String strAlgo2 = "DES/CBC/PKCS5Padding";
String strAlgo2 = "DES";

// 10 Test Strings.
String strSampleTxt[] = new String[3];
strSampleTxt[0] = "Bananarama";
strSampleTxt[1] = "Chicago";

byte[] salt = {(byte)0xc7, (byte)0x73, (byte)0x21, (byte)0x8c,
      (byte)0x7e, (byte)0xc8, (byte)0xee, (byte)0x99};

IvParameterSpec iv = new IvParameterSpec(salt);
 
                // Used to test multiple encryptions
for (int i=0;i<2;i++) {
try {
System.out.println("");
System.out.println("Original Text: "+strSampleTxt[i]);

// Generate Secret_key
KeyGenerator kg;
kg = KeyGenerator.getInstance(strAlgo1);
kg.init(56);
SecretKey sk = kg.generateKey();

// Encrypt
Cipher cipher;
cipher = Cipher.getInstance(strAlgo2);
cipher.init(Cipher.ENCRYPT_MODE, sk);
byte[] bOrigStr = strSampleTxt[i].getBytes();
byte[] bEncryptStr = cipher.doFinal(bOrigStr);
System.out.println("Encrypted Text: "+bEncryptStr.toString());

// De_crypt
cipher.init(Cipher.DECRYPT_MODE, sk);
bOrigStr = cipher.doFinal(bEncryptStr);
System.out.println("Decrypted Text: "+bOrigStr);

} catch (IllegalBlockSizeException ex) {
ex.printStackTrace();
} catch (BadPaddingException ex) {
ex.printStackTrace();
} catch (NoSuchAlgorithmException ex) {
ex.printStackTrace();
} catch (NoSuchPaddingException ex) {
ex.printStackTrace();
} catch (InvalidKeyException ex) {
ex.printStackTrace();
} catch (Exception ex){
ex.printStackTrace();
}
}
}
}

[ November 02, 2007: Message edited by: Keith Seller ]

Problem is I'm getting the following results (Bananarama is test string):
Original Text: Bananarama
Encrypted Text: [B@1bcc0bc
Decrypted Text: [B@111a3a4

Doesn't look very decrypted!

It doesn't look like a byte array either ...

Seriously, you can't just system out a byte array. The println() method will convert it to a string with the toString() method. The toString() method for a byte array, just outputs, that it is a byte array and the hash id for the byte array.

And BTW, you went from string to clear text byte array to encrypted byte array. For the reverse, you went from encrypted byte array to clear text byte array, you need to finish by converting that clear text back to a string too.

Henry

What you're printing out is not a string - it is a byte array.

Now unfortunately, arrays have a crappy toString() method. It does not use the contents, but the array type ([B for byte arrays), followed by an @ and the hash code in HEX format).

If you want to check the string value, use new String(bOrigStr) instead.

Cheers guys, this makes a little more sense! :-)

Original Text: Bananarama
Encrypted Text: Vy��\�a��C
Decrypted Text: Bananarama

Original Text: Bananarama
Encrypted Text: ��ZC�h!��~��
Decrypted Text: Bananarama

Original Text: Chicago
Encrypted Text: �&��l?
Decrypted Text: Chicago

But still getting that problem of the two Bananarama encryptions being different.

--- UPDATE ---

Sorted it!
For some reason having the Strings in an array (looping through the encryption/decryption) was giving the two Bananarama's different encryption.

Running it as String1/String2 I get the correct output:

Bananarama
Encrypted Text: TB��zM=<9�up?��
Decrypted Text: Bananarama

Bananarama
Encrypted Text: TB��zM=<9�up?��
Decrypted Text: Bananarama
[ November 02, 2007: Message edited by: Keith Seller ]

What happens if you don't create a different secret key each time?

Encryption comes out the same for each one:

Original Text: Bananarama
Encrypted Text: qy}��,�N#��<p
Decrypted Text: Bananarama

Original Text2: Bananarama
Encrypted Text: qy}��,�N#��<p
Decrypted Text: Bananarama