jQuery in Action, 3rd edition
The moose likes Java in General and the fly likes Basic use of JCE (Java Cryptography Extension) Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Java in General
Bookmark "Basic use of JCE (Java Cryptography Extension)" Watch "Basic use of JCE (Java Cryptography Extension)" New topic

Basic use of JCE (Java Cryptography Extension)

Jimmy Ho
Ranch Hand

Joined: Jul 31, 2007
Posts: 61
I'm perusing the JCE JavaDocs and intro docs and I'm a little lost. (I'm using JDK 1.5.0_17 by the way)

All I want to do is take a couple of strings and encrypt them with a simple password or key (symmetric) and store them as ASCII/UTF-8 in a text file. And then unencrypt in the code.

Context: I work in the retail space and there's a bunch of retail stores that will have store servers with configuration files for Java programs. Some of these config files will have lines that say,


I would rather it say something like,


Where the 'key' or 'password' to unlock the encryption is just hard-coded in the JAR file that contains the application. Granted, someone can decompile the JAR, but this level of security is acceptable for our purposes.

Is there a simple way to just say, convertStringToGobblygook(s, key) and then the reverse?

It looks like I can use Cipher, CipherInputStream and CipherOutputStream wrapped over a StringReader/Writer or whatever. But even then, I'm getting confused as to the exact parameters to feed to the Cipher class.

Note that I don't need a fancy 1024-bit RSA blah-blah-blah encryption. Just something moderately better than, say, using ObjectOutputStream.


Ulf Dittmer

Joined: Mar 22, 2005
Posts: 42965
Examples of using DES and AES are linked in the http://faq.javaranch.com/java/SecurityFaq#encryption page.
Gavin Tranter
Ranch Hand

Joined: Jan 01, 2007
Posts: 333
It can be a bit confusing.

The steps need are rather stright forward, you need to create a key, this will be used to initialise the cypher algorthmn.
I tend to use AES as my algorithmn (it is symmetric), I usual use 32 BYTE Hex Strings, this could be hard code within the code I guess.

Use something like apache codec to convert the key (hex String) to a byte array.

Then create a SecretKeySpec using the byte array and the Algorthimn name.

This can then be used to create a Cipher object (with the mode of operation encryption/decryption).

Once you have your Cipher object you can use cipher.doFinal(string.getBytes()); where string is what you wish to encrypt.

This will return you a ByteArray which is encrypted.

Dont dump this out to a string, you are much better off converting it to a HexString, again using apache codec.

Hope that helps.
Pat Farrell

Joined: Aug 11, 2007
Posts: 4659

A common bug in the use of JCE is that Jave loves Unicode strings, and nearly all cryptography uses byte arrays. (Technically octet arrays, which are unsigned).

Make sure that all your code is using byte[], never use String.
I agree. Here's the link: http://aspose.com/file-tools
subject: Basic use of JCE (Java Cryptography Extension)
It's not a secret anymore!