Win a copy of Think Java: How to Think Like a Computer Scientist this week in the Java in General forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Help please: Encrypt, save to file, then decrypt later to read

 
Gus Parker
Greenhorn
Posts: 19
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I'm new to encrypting data in JAVA, have spend a few days reading up about it
and trying several methods, the methods I have got to work have pretty weak encryption.

The code below is one I'd really like to get working properly but seem to be having trouble with

Any point in the right direction, or what I am doing wrong would be great help.

Cheers



This code - Works fine.



The trouble is I want to write the encrypted message into a text file, then read it again
from another class.

So I tryed this below, tryed break down the key, then trying to rebuild the key (so I can
use it in another class once I get this right)

As you can see down the bottom, the first "Text Decryted : " Message will only show the
message it originally generate for this instance.

BUT the second one fails when it trys to Decrypt the code I have given it from class, the key
I've used with the 2nd one I have taken from another instance of running the program (the one
were I got the encrypted message to be decryted)




Do you think I'm going about this the right way, am I getting warm with it?

Is there a better way to be doing this?

Basically I want to take a string, encrypt it, save that to a text file, then decrypt it to read it
later on.

Any help would be fantastic,

Cheers, good day to you :-)

 
Ulf Dittmer
Rancher
Posts: 42967
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
byte[] textDecrypted2 = desCipher.doFinal(text)

This doesn't make sense to me. "text" is not encrypted - it is the original cleartext, so any attempts to decrypt it would result in garbage.

Aside #1: Any time you're using String.getBytes() instead of String.getBytes(String) the code is dependent on the platform you're running. If this code is supposed to run on different platforms (OS X, Windows, Linux, ...) then that is a bug waiting to happen.

Aside #2: DES is weak and obsolete. Use at least Triple-DES (the algorithm for which is called "DESede" in Java parlance).
 
Gus Parker
Greenhorn
Posts: 19
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Ulf Dittmer wrote:
byte[] textDecrypted2 = desCipher.doFinal(text)

This doesn't make sense to me. "text" is not encrypted - it is the original cleartext, so any attempts to decrypt it would result in garbage.

Aside #1: Any time you're using String.getBytes() instead of String.getBytes(String) the code is dependent on the platform you're running. If this code is supposed to run on different platforms (OS X, Windows, Linux, ...) then that is a bug waiting to happen.

Aside #2: DES is weak and obsolete. Use at least Triple-DES (the algorithm for which is called "DESede" in Java parlance).


Hi, thanks for your reply, you've given me a couple of things to look into there, cheers

With the "text", What I'm trying to do is input the encrypted message that I have already encrypted to the textfile(I've got the first half right).......

I'm really not sure I'm doing the right thing though.

What I've done is encrypted the message, got the secret key, along with the encrypted message from the textfile
and tryed to rebuild the string in another class.....

where I have:


which equals to :

javax.crypto.spec.SecretKeySpec@fffe793d

.........

I have a suspicion that might be were the problem is.....

when i run:



and then print myDesKey....

it shows something like....

com.sun.crypto.provider.DESKey@fffe7f57



So if I have the key, can I just decrypt the encryted message anywhere?
Do you think that might be the problem, the key issue?
Or am I totally on the wrong path?
 
Ulf Dittmer
Rancher
Posts: 42967
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
javax.crypto.spec.SecretKeySpec@fffe793d
com.sun.crypto.provider.DESKey@fffe7f57

These are just the JVM's default representations for objects; they don't tell you anything about the key being used. If you want to know the actual key, use SecretKey.getEncoded.

SecretKey myDesKey = keygenerator.generateKey();

This will create a new, random key, which sounds like the wrong thing to do, since you want to use a known, pre-existing key (if I understand correctly). Of course, if you store they key in a file, then it doesn't matter whether the key was random to being with, since nobody needs to remember it.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic