Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > Java > Java string encryption/decryption

Reply
Thread Tools

Java string encryption/decryption

 
 
dj_uncas
Guest
Posts: n/a
 
      11-20-2008
Hello group,

I have a problem, and I hope you can help me. I'm building an RMI
client/server solution, which requires encrypted parameters. I'm
mostly sending objects with String-type parameters, and therefore just
need to be able to encrypt and decrypt a String.

I have been looking at Java Cryptographic Extension, and had a running
sample that worked, however in the sample, I did not convert the
encrypted byte-array to a String before decrypting it. When I try
that, I get different exceptions regarding the length of the String
I'm trying to decrypt. For example, with the Triple DES algorithm I
get:
"javax.crypto.IllegalBlockSizeException: Input length must be multiple
of 8 when decrypting with padded cipher"

Some other algorithms just tell me, that the incomming string is not
padded correctly...

I think my issue is in converting the encrypted byte-array to a
String, and back - and this is where I fall short. Can you give me
some pointers on this?


Regards,

Mads
 
Reply With Quote
 
 
 
 
Tom Anderson
Guest
Posts: n/a
 
      11-20-2008
On Thu, 20 Nov 2008, dj_uncas wrote:

> I have a problem, and I hope you can help me. I'm building an RMI
> client/server solution, which requires encrypted parameters. I'm mostly
> sending objects with String-type parameters, and therefore just need to
> be able to encrypt and decrypt a String.


Have you thought about doing RMI over SSL? Would that do what you need?
Have a look:

http://today.java.net/pub/a/today/20...e-new-rmi.html

tom

--
skin thinking
 
Reply With Quote
 
 
 
 
dj_uncas
Guest
Posts: n/a
 
      11-20-2008
On Nov 20, 5:24*pm, rossum <(E-Mail Removed)> wrote:
> On Thu, 20 Nov 2008 06:49:55 -0800 (PST), dj_uncas <(E-Mail Removed)>
> wrote:
>
> >Hello group,

>
> >I have a problem, and I hope you can help me. I'm building an RMI
> >client/server solution, which requires encrypted parameters. I'm
> >mostly sending objects with String-type parameters, and therefore just
> >need to be able to encrypt and decrypt a String.

>
> >I have been looking at Java Cryptographic Extension, and had a running
> >sample that worked, however in the sample, I did not convert the
> >encrypted byte-array to a String before decrypting it.

>
> You probably need to convert the cyphertext to Base64 rather than to a
> String. *Cyphertext will contain all bytes from -128 to 127 which will
> make for a very strange string if you convert it directly. *Base64 is
> a form of armouring so you can effectively transmit raw bytes over a
> text stream.
>
> >When I try
> >that, I get different exceptions regarding the length of the String
> >I'm trying to decrypt. For example, with the Triple DES algorithm I
> >get:
> >"javax.crypto.IllegalBlockSizeException: Input length must be multiple
> >of 8 when decrypting with padded cipher"

>
> 3DES is obsolescent. *Unless you are using it for backwards
> compatibility you should change to AES. *The blocksize for AES is 128
> bits (16 bytes). *What padding did you specify? *The JCE default is no
> padding so you will get a blocksize error if your plaintext is not a
> multiple of 8 bytes (DES) or 16 bytes (AES). *Also if you are using
> ECB mode, do not because it is not safe. *Use CBC or CTR instead.
>
>
>
> >Some other algorithms just tell me, that the incomming string is not
> >padded correctly...

>
> Check what padding you are specifying at both ends. *They must be the
> same.
>
>
>
> >I think my issue is in converting the encrypted byte-array to a
> >String, and back - and this is where I fall short. Can you give me
> >some pointers on this?

>
> The cyphertext will not make sense as a String and should not be
> converted to a String as such. *If you need to be able to transmit the
> cyphertext over a text stream or similar then you will need to use
> something like Base64 to enable this. *Of course you will need to
> change from Base64 back into a byte array before decrypting.
>
>
>
> >Regards,

>
> >Mads

>
> Start with your plaintext as a String.
> Convert the plaintext to a byte array.
> Encrypt the byte array to produce the cyphertext as a byte array.
> Convert the cyphertext byte array into a Base64 String for
> transmission.
> After transmission convert the Base64 String back into the cyphertext
> byte array.
> Decrypt the cyphertext byte array to give the plaintext byte array.
> Convert the plaintext byte array back into a String.
>
> Remember to specify the same padding at both ends.
>
> rossum



Well, it makes perfect sense. And Base64 was probably the step i
missed. I still get a "Given final block not properly padded"
exception though. I get a cipher instance like this:

Cipher c = Cipher.getInstance( "AES" );

What do I do to specify the padding? I'm a total Java crypto novice
 
Reply With Quote
 
dj_uncas
Guest
Posts: n/a
 
      11-20-2008
>
> * Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");


Just one more thing: Which JCE provider can I use for the above
Cipher? I had com.sun.crypto.provider.SunJCE (dynamically) installed,
but it cannot find the algorithm.
 
Reply With Quote
 
Arne Vajh°j
Guest
Posts: n/a
 
      11-21-2008
dj_uncas wrote:
> I have a problem, and I hope you can help me. I'm building an RMI
> client/server solution, which requires encrypted parameters. I'm
> mostly sending objects with String-type parameters, and therefore just
> need to be able to encrypt and decrypt a String.
>
> I have been looking at Java Cryptographic Extension, and had a running
> sample that worked, however in the sample, I did not convert the
> encrypted byte-array to a String before decrypting it. When I try
> that, I get different exceptions regarding the length of the String
> I'm trying to decrypt. For example, with the Triple DES algorithm I
> get:
> "javax.crypto.IllegalBlockSizeException: Input length must be multiple
> of 8 when decrypting with padded cipher"
>
> Some other algorithms just tell me, that the incomming string is not
> padded correctly...
>
> I think my issue is in converting the encrypted byte-array to a
> String, and back - and this is where I fall short. Can you give me
> some pointers on this?


Hex:

private static String toHex(byte[] ba) {
StringBuffer sb = new StringBuffer("");
for (int i = 0; i < ba.length; i++) {
sb.append(Integer.toHexString((ba[i] >> 4) & 0x0F));
sb.append(Integer.toHexString(ba[i] & 0x0F));
}
return sb.toString();
}
private static byte[] fromHex(String s) {
int n = s.length() / 2;
byte[] res = new byte[n];
for(int i = 0; i < n; i++) {
res[i] = (byte)(Integer.parseInt(s.substring(2 * i, 2 * i +
2), 16));
}
return res;
}


Base64:

public static String b64encode(byte[] b) throws MessagingException,
IOException {
ByteArrayOutputStream baos = new ByteArrayOutputStream();
OutputStream b64os = MimeUtility.encode(baos, "base64");
b64os.write(b);
b64os.close();
return new String(baos.toByteArray());
}
public static byte[] b64decode(String s) throws
MessagingException, IOException {
ByteArrayInputStream bais = new ByteArrayInputStream(s.getBytes());
InputStream b64is = MimeUtility.decode(bais, "Base64");
byte[] tmp = new byte[s.length()];
int n = b64is.read(tmp);
byte[] res = new byte[n];
System.arraycopy(tmp, 0, res, 0, n);
return res;
}

Arne
 
Reply With Quote
 
Arne Vajh°j
Guest
Posts: n/a
 
      11-21-2008
dj_uncas wrote:
>> Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");

>
> Just one more thing: Which JCE provider can I use for the above
> Cipher? I had com.sun.crypto.provider.SunJCE (dynamically) installed,
> but it cannot find the algorithm.


All SUN Java versions >= 1.4.2 should have it.

Arne
 
Reply With Quote
 
Arne Vajh°j
Guest
Posts: n/a
 
      11-21-2008
rossum wrote:

[a ton of good advice that I will not comment on]

> You probably need to convert the cyphertext to Base64 rather than to a
> String. Cyphertext will contain all bytes from -128 to 127 which will
> make for a very strange string if you convert it directly.


(new String(b, cs)).getBytes(cs) will even return b for all
character sets.

Arne



 
Reply With Quote
 
Roedy Green
Guest
Posts: n/a
 
      11-21-2008
On Thu, 20 Nov 2008 06:49:55 -0800 (PST), dj_uncas <(E-Mail Removed)>
wrote, quoted or indirectly quoted someone who said :

>I have a problem, and I hope you can help me. I'm building an RMI
>client/server solution, which requires encrypted parameters. I'm
>mostly sending objects with String-type parameters, and therefore just
>need to be able to encrypt and decrypt a String.


Encryption works with bytes. So you must first encode your string as
byte[] to encrypt it, e.g. to UTF-8. see
http://mindprod.com/jgloss/encoding.

You will get a mishmash of bytes once encrypted. You can't simply
decode this as a UTF-8 string since it will include bytes that are not
legit UTF-8 sequences. You must "armour" it to convert it to String,
usually a string of limited character set, so it won't be mangled by
email. There are many ways to armour. BASE64 is common.

See http://mindprod.com/jgloss/armouring.html

Code provided.

At the other end, you string the armour, and get back the bytes. Then
you decrypt. You get back bytes. Then you decode the UTF-8. Whew!

For code to do all this without JCE see:
http://mindprod.com/products1.html#TRANSPORTER

For code to do it with JCE see:
http://mindprod.com/jgloss/cipher.html
--
Roedy Green Canadian Mind Products
http://mindprod.com
Your old road is
Rapidly agin'.
Please get out of the new one
If you can't lend your hand
For the times they are a-changin'.
 
Reply With Quote
 
Roedy Green
Guest
Posts: n/a
 
      11-21-2008
On Thu, 20 Nov 2008 10:12:37 -0800 (PST), dj_uncas <(E-Mail Removed)>
wrote, quoted or indirectly quoted someone who said :

>Just one more thing: Which JCE provider can I use for the above
>Cipher? I had com.sun.crypto.provider.SunJCE (dynamically) installed,
>but it cannot find the algorithm.


To see which algorithms are available with your default provider, see
http://mindprod.com/jgloss/jce.html
which has the code
..
--
Roedy Green Canadian Mind Products
http://mindprod.com
Your old road is
Rapidly agin'.
Please get out of the new one
If you can't lend your hand
For the times they are a-changin'.
 
Reply With Quote
 
Roedy Green
Guest
Posts: n/a
 
      11-21-2008
On Fri, 21 Nov 2008 07:43:23 -0800, Roedy Green
<(E-Mail Removed)> wrote, quoted or indirectly quoted
someone who said :

> Encryption works with bytes. So you must first encode your string as
>byte[] to encrypt it, e.g. to UTF-8. see
>http://mindprod.com/jgloss/encoding.


that should read
http://mindprod.com/jgloss/encoding.html
--
Roedy Green Canadian Mind Products
http://mindprod.com
Your old road is
Rapidly agin'.
Please get out of the new one
If you can't lend your hand
For the times they are a-changin'.
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
'System.String[]' from its string representation 'String[] Array' =?Utf-8?B?UmFqZXNoIHNvbmk=?= ASP .Net 0 05-04-2006 04:29 PM
Is "String s = "abc";" equal to "String s = new String("abc");"? Bruce Sam Java 15 11-19-2004 06:03 PM
String[] files = {"a.doc, b.doc"}; VERSUS String[] files = new String[] {"a.doc, b.doc"}; Matt Java 3 09-17-2004 10:28 PM
String.replaceAll(String regex, String replacement) question Mladen Adamovic Java 3 12-05-2003 04:20 PM
Re: String.replaceAll(String regex, String replacement) question Mladen Adamovic Java 0 12-04-2003 04:40 PM



Advertisments