Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > Java > incorrect decryption using AES/CBC

Reply
Thread Tools

incorrect decryption using AES/CBC

 
 
jimgardener
Guest
Posts: n/a
 
      06-19-2008
hi
i tried to encrypt a message using AES/CBC/PKCS5Padding and stored the
aeskey in keystore and wrote the IV byte[] and encrypted message to a
text file.Then in another piece of code i read the IV and encrypted
message from file and retrieved the aeskey from keystore again tried
to decrypt the message.I am getting the first part of message garbled
and only last part of message is properly decrypted.
ie,for the message
"all hands report to deck immediately" i get
?3??u?sU?c? to deck immediately

can someone help me to correct this ?
p.s:
i have put only trivial try catch blocks to save space here

//makes a new keystore
public static void makeKeyStore(){
try{
KeyStore ks=KeyStore.getInstance("JCEKS");
ks.load(null,"".toCharArray());
FileOutputStream ksout=new FileOutputStream("myks.keystore");
char[] password = new char[] {'m','y','n','a','m','e'};
ks.store(ksout, password);
Arrays. fill(password, '\u0000' ) ;
debug("empty keystore created");
}
catch(Exception e){
e.printStackTrace();
}

}

//encrypts a message
public static void blockCipherEncrDemo(){

String plaintext="all hands report to deck immediately";
try{
KeyGenerator kg=KeyGenerator.getInstance("AES");
SecretKey skey=kg.generateKey();
byte[] aeskey=skey.getEncoded();
SecretKeySpec spec=new SecretKeySpec(aeskey,"AES");
Cipher cip=Cipher.getInstance("AES/CBC/PKCS5Padding");
cip.init(Cipher.ENCRYPT_MODE, spec);
byte[] iv=cip.getIV();
FileOutputStream foutiv=new FileOutputStream("blockiv.txt");
foutiv.write(iv);

KeyStore ks=KeyStore.getInstance("JCEKS");
FileInputStream ksin=new FileInputStream("myks.keystore");

char[] passwd=new char[] {'m','y','n','a','m','e'};
ks.load(ksin,passwd);
ks.setKeyEntry("myaeskey",skey,passwd,null);
FileOutputStream fos = new FileOutputStream("myks.keystore");
ks.store(fos,passwd);
Arrays.fill(passwd,'\u0000');
//encrypt plaintext
byte[] plainbytes=plaintext.getBytes("UTF-8");
CipherOutputStream cipout=new CipherOutputStream(new

FileOutputStream("blockencrypted.txt"),cip);
cipout.write(plainbytes);
cipout.flush();
cipout.close();

}
catch(Exception e){
e.printStackTrace();
}
}


//trying to decrypt the message from file "blockencrypted.txt"

public static void blockCipherDecrDemo(){
try{
KeyStore ks=KeyStore.getInstance("JCEKS");
FileInputStream finks=new FileInputStream("myks.keystore");
char[] passwd=new char[] {'m','y','n','a','m','e'};
ks.load(finks,passwd);
Key skey=ks.getKey("myaeskey", passwd);
if (skey!=null)System.out.println("skey retrieved from keystore");
finks.close();
Arrays.fill(passwd,'\u0000');
byte[] aeskey=skey.getEncoded();
SecretKeySpec keySpec = new SecretKeySpec(aeskey, "AES");
Cipher c=Cipher.getInstance("AES/CBC/PKCS5Padding");
FileInputStream finiv=new FileInputStream("blockiv.txt");
byte[] iv = new byte[finiv.available()];
finiv.close();
IvParameterSpec ivspec= new IvParameterSpec(iv);
c.init(Cipher.DECRYPT_MODE, keySpec,ivspec);
CipherInputStream cipin=new CipherInputStream(new

FileInputStream("blockencrypted.txt"),c);
int r=0;
byte[] tempbytes=new byte[16];
FileOutputStream fout=new FileOutputStream("blockdecrypted.txt");
String s="";
String s1=null;
while((r=cipin.read(tempbytes))!=-1){
fout.write(tempbytes,0,r);
s1=new String(tempbytes,0,r,Charset.forName("UTF-8"));
s=s+s1;

}
System.out.println("message is:>>\n"+s);

}
catch(Exception e){
e.printStackTrace();
}

}
 
Reply With Quote
 
 
 
 
jimgardener
Guest
Posts: n/a
 
      06-19-2008

>
> You forgot to do something rather obvious here.
>


sorry!forgot the read()
thanks rossum
jim
 
Reply With Quote
 
 
 
 
Roedy Green
Guest
Posts: n/a
 
      06-20-2008
On Thu, 19 Jun 2008 08:07:08 -0700 (PDT), jimgardener
<(E-Mail Removed)> wrote, quoted or indirectly quoted someone who
said :


> byte[] iv = new byte[finiv.available()];
> finiv.close();
> IvParameterSpec ivspec= new IvParameterSpec(iv);
> c.init(Cipher.DECRYPT_MODE, keySpec,ivspec);


see http://mindprod.com/jgloss/cipher.html

It is almost identical to your problem with the exception it generates
its own key rather than hashing one out of a pass phrase.

Looks to me that you did not set up your salt iv array correctly. You
allocated it, but did not fill it. Both encrypt and decrypt must use
identical not-particularly secret salt.

salt is the wrong word. There is a funny word people use for salting
in the context of CBC which escapes me.

--

Roedy Green Canadian Mind Products
The Java Glossary
http://mindprod.com
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Using hybrid encryption/decryption Susanne Kaufmann Java 2 12-16-2013 12:10 PM
Automate decryption using GnuPGInterface George Python 2 11-30-2005 06:30 PM
encryption and decryption using SoapExtension Henrik Bruhn ASP .Net Web Services 0 02-18-2004 11:55 AM
Forms Authentication Fails Between ASP.NET 1.0 and 1.1 Applications (Cookie Decryption Fails) John Saunders ASP .Net 1 11-18-2003 03:25 PM
database connection string encryption and decryption Srinivasa Reddy K Ganji ASP .Net 1 07-18-2003 11:30 AM



Advertisments