aspose file tools*
The moose likes Security and the fly likes Help please: Encrypt, save to file, then decrypt later to read Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "Help please: Encrypt, save to file, then decrypt later to read" Watch "Help please: Encrypt, save to file, then decrypt later to read" New topic
Author

Help please: Encrypt, save to file, then decrypt later to read

Gus Parker
Greenhorn

Joined: May 10, 2009
Posts: 19
Hi,

I'm new to encrypting data in JAVA, have spend a few days reading up about it
and trying several methods, the methods I have got to work have pretty weak encryption.

The code below is one I'd really like to get working properly but seem to be having trouble with

Any point in the right direction, or what I am doing wrong would be great help.

Cheers



This code - Works fine.



The trouble is I want to write the encrypted message into a text file, then read it again
from another class.

So I tryed this below, tryed break down the key, then trying to rebuild the key (so I can
use it in another class once I get this right)

As you can see down the bottom, the first "Text Decryted : " Message will only show the
message it originally generate for this instance.

BUT the second one fails when it trys to Decrypt the code I have given it from class, the key
I've used with the 2nd one I have taken from another instance of running the program (the one
were I got the encrypted message to be decryted)




Do you think I'm going about this the right way, am I getting warm with it?

Is there a better way to be doing this?

Basically I want to take a string, encrypt it, save that to a text file, then decrypt it to read it
later on.

Any help would be fantastic,

Cheers, good day to you :-)

Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 41818
    
  62
byte[] textDecrypted2 = desCipher.doFinal(text)

This doesn't make sense to me. "text" is not encrypted - it is the original cleartext, so any attempts to decrypt it would result in garbage.

Aside #1: Any time you're using String.getBytes() instead of String.getBytes(String) the code is dependent on the platform you're running. If this code is supposed to run on different platforms (OS X, Windows, Linux, ...) then that is a bug waiting to happen.

Aside #2: DES is weak and obsolete. Use at least Triple-DES (the algorithm for which is called "DESede" in Java parlance).

Ping & DNS - my free Android networking tools app
Gus Parker
Greenhorn

Joined: May 10, 2009
Posts: 19
Ulf Dittmer wrote:
byte[] textDecrypted2 = desCipher.doFinal(text)

This doesn't make sense to me. "text" is not encrypted - it is the original cleartext, so any attempts to decrypt it would result in garbage.

Aside #1: Any time you're using String.getBytes() instead of String.getBytes(String) the code is dependent on the platform you're running. If this code is supposed to run on different platforms (OS X, Windows, Linux, ...) then that is a bug waiting to happen.

Aside #2: DES is weak and obsolete. Use at least Triple-DES (the algorithm for which is called "DESede" in Java parlance).


Hi, thanks for your reply, you've given me a couple of things to look into there, cheers

With the "text", What I'm trying to do is input the encrypted message that I have already encrypted to the textfile(I've got the first half right).......

I'm really not sure I'm doing the right thing though.

What I've done is encrypted the message, got the secret key, along with the encrypted message from the textfile
and tryed to rebuild the string in another class.....

where I have:


which equals to :

javax.crypto.spec.SecretKeySpec@fffe793d

.........

I have a suspicion that might be were the problem is.....

when i run:



and then print myDesKey....

it shows something like....

com.sun.crypto.provider.DESKey@fffe7f57



So if I have the key, can I just decrypt the encryted message anywhere?
Do you think that might be the problem, the key issue?
Or am I totally on the wrong path?
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 41818
    
  62
javax.crypto.spec.SecretKeySpec@fffe793d
com.sun.crypto.provider.DESKey@fffe7f57

These are just the JVM's default representations for objects; they don't tell you anything about the key being used. If you want to know the actual key, use SecretKey.getEncoded.

SecretKey myDesKey = keygenerator.generateKey();

This will create a new, random key, which sounds like the wrong thing to do, since you want to use a known, pre-existing key (if I understand correctly). Of course, if you store they key in a file, then it doesn't matter whether the key was random to being with, since nobody needs to remember it.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Help please: Encrypt, save to file, then decrypt later to read