I'm working on a security application using my own customized cryptography method, and having a problem on message decryption.
Here is an my Code
private static void myCryptography(){
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
byte[] input = "Hitesh Dhamshaniya".getBytes();
byte[] keyBytes = "ABCD657865BHNKKK".getBytes();
SecretKeySpec key = new SecretKeySpec(keyBytes, "AES");
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS7Padding", "BC");
// encryption pass
cipher.init(Cipher.ENCRYPT_MODE, key);
byte[] cipherText = new byte[cipher.getOutputSize(input.length)];
int ctLength = cipher.update(input, 0, input.length, cipherText, 0);
ctLength += cipher.doFinal(cipherText, ctLength);
Log.e("==> ", " == > Encode " + Base64.encodeToString(cipherText, Base64.DEFAULT));
String encodedStr = Base64.encodeToString(cipherText, Base64.DEFAULT);
// decryption pass
cipherText = Base64.decode(encodedStr, Base64.DEFAULT);
cipher.init(Cipher.DECRYPT_MODE, key);
byte[] plainText = new byte[cipher.getOutputSize(ctLength)];
int ptLength = cipher.update(cipherText, 0, ctLength, plainText, 0);
ptLength += cipher.doFinal(plainText, ptLength);
Log.e("==> ", " == > Decoded " + new String(plainText, "UTF-8"));
}
Getting below output
== > Encode TteNmufoa5AWWmEPBmQ3N8fdqRpahvwUR7CSclAcsjM=
== > Decoded Hitesh Dhamshaniya���������������������
How to remove unwanted character like '��' from decode string.
The cipher removes the padding automatically. What you see here comes from the conversion of the byte array plainText to the string. You should only use the first ptLength bytes instead of the whole array:
new String(plainText, 0, ptLength, "UTF-8")
Related
I have done encryption in android with a static password i.e. "encrypt". The encryption works fine and encrypts the data. But when i try to decrypt the encrypted text it does not show. The code to decrypt is as follow.
public String decrypt(String msg, String inputPassword) throws Exception{
SecretKeySpec key= generateKey(inputPassword);
Cipher c = Cipher.getInstance(AES);
c.init(Cipher.DECRYPT_MODE, key);
byte[] decodedValue= Base64.decode(msg, Base64.DEFAULT);
/*If this line is present the encrypted message is not seen*/
byte[] decValue = c.doFinal(Base64.decode(decodedValue,
Base64.DEFAULT));
String decryptedValue = new String(decodedValue);
String decryptedValue = new String(decValue, StandardCharsets.UTF_8);
return decryptedValue;
}
When the code (below the comment) is enabled. The message is not displayed. But when the line is commented. This is shown in the message box
After the code is commented.
This is the encrypt and key generate methods.
public String encrypt(String message, String inputPassword) throws Exception{
SecretKeySpec key = generateKey(inputPassword);
Cipher c = Cipher.getInstance(AES);
c.init(c.ENCRYPT_MODE, key);
byte[] encVal = c.doFinal(message.getBytes());
String encryptedValue = Base64.encodeToString(encVal, Base64.DEFAULT);
return encryptedValue;
}
//For generating key for encryption
public SecretKeySpec generateKey(String inputPassword) throws Exception{
final MessageDigest digest = MessageDigest.getInstance("SHA-256");
byte[] bytes = inputPassword.getBytes("UTF-8");
digest.update(bytes, 0, bytes.length);
byte[] key = digest.digest();
SecretKeySpec secretKeySpec = new SecretKeySpec(key, "AES");
return secretKeySpec;
}
The log is follow
enter image description here
Also the API level is not maintained... I don't know where to setup this as well.
enter image description here
Could you try changing this
String decryptedValue = new String(decodedValue)
to this
String decryptedValue = new String(decodedValue, StandardCharsets.UTF_8)
And for your error, try changing to this
c.doFinal(Base64.decode(decodedValue, Base64.DEFAULT))
I need to use PublicKey to encrypt session key but I have public key as Base64 encoded string so I tried to convert it as :
KeyFactory kf = KeyFactory.getInstance("RSA"); // or "EC" or whatever
byte[] keyBytes = _publicKey.getBytes();
byte[] publicKeyBytes = Base64.decode(keyBytes, Base64.DEFAULT);
X509EncodedKeySpec publicKeySpecs = new X509EncodedKeySpec(publicKeyBytes);
Log.v("", "X509 KS" + publicKeySpecs);
publicKey = kf.generatePublic(publicKeySpecs);
But I am getting public key as null value and getting exception as :
java.security.spec.InvalidKeySpecException: java.lang.RuntimeException: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
If anyone has idea how to do it or have working code then please help me.
Thanks in Advance
Hi guys I generated Public Key from Base64 encoded String .
after wondering for few days this code worked for me.
String _publicKey= base64encoded_publickey;
// InputStream fileInputStream = null;
try {
// Receiving side
byte[] decodedBytes = Base64.decode(_publicKey, Base64.DEFAULT);
fileInputStream = new ByteArrayInputStream(decodedBytes);
// Print the decoded string
String decodedString = new String(decodedBytes);
CertificateFactory certFactory = CertificateFactory
.getInstance(CERTIFICATE_TYPE);
// certFactory.
X509Certificate cert = (X509Certificate) certFactory
.generateCertificate(fileInputStream);
publicKey = cert.getPublicKey();
Log.d("TAG", "Public key of the certificate:" + publicKey);
} catch (Exception e) {
e.printStackTrace();
throw new RuntimeException("Could not intialize encryption module",
e);
} finally {
if (keyStream != null) {
try {
keyStream.close();
} catch (IOException e) {
e.printStackTrace();
}
}
}
Hope it will help you...Thanks...
well, last time it worked for me (I used bouncyCastle library..), you might need to modify it if it doesn't suit your need..
KeyPairGenerator keyGen = null;
KeyPair kp = null;
keyGen = KeyPairGenerator.getInstance("ECDSA", "BC");
ECGenParameterSpec ecSpec = new ECGenParameterSpec("brainpoolp160r1");
keyGen.initialize(ecSpec, new SecureRandom());
kp = keyGen.generateKeyPair();
EDIT:
(oops my bad, that's for initial generation..)
at that time I stored them as one..
and I need to convert the Base64 string back to array of byte first, and split them into part 1 and part 2..
private void splitKeyPair (byte[] thekeypair, byte[] part1, byte[] part2)
{
System.arraycopy(thekeypair, 0, part1, 0, 68);
System.arraycopy(thekeypair, 68, part2, 0, 115);
}
byte[] part1 = new byte[68];
byte[] part2 = new byte[115];
splitKeyPair(inputBuffer, part1, part2);
fact = KeyFactory.getInstance("ECDSA", "BC");
kp = new KeyPair(fact.generatePublic(new X509EncodedKeySpec(part1)),
fact.generatePrivate(new PKCS8EncodedKeySpec(part2)));
hope it helps..
*note: the size might vary, depending on the spec..
I need to encrypt the username and password and encode them and send it via SOAP header.
I used DES algorithm to encrypt the plainText `
String key = "qwer1234qwetr123wqw";
String x = "sadgsagd:%%^%ghsagdh";
byte[] keyBytes = new byte[1024];
byte[] plaintext = x.getBytes();
byte[] tdesKeyData = key.getBytes();
Cipher c3des = Cipher.getInstance("DESede/CBC/PKCS5Padding");
SecretKeySpec myKey = new SecretKeySpec(tdesKeyData, "DESede");
IvParameterSpec ivspec = new IvParameterSpec(keyBytes);
c3des.init(Cipher.ENCRYPT_MODE, myKey, ivspec);
byte[] cipherText = c3des.doFinal(plaintext);
int hash = Base64.encode(cipherText).hashCode();
return Base64.encode(cipherText);`
At runtime i am getting an Exception:
javax.crypto.BadPaddingException: Given
if you are using byte buffer of 64,i probably is too long change it to 32,
or use the length of file like this byte[] buffer = new byte[(int)new File("data").length()];
my problem get solved after doing this..
I am using code to Base-64 encode and encrypt data in c#, then I ship the file over to my Android app where I attempt to decrypt it.
Problem is, I get an "Length of Base64 encoded input string is not a multiple of 4." error when decrypting:
(Java code for Android):
try
{
Boolean inEvent = false;
// read encrypted file to string
BufferedInputStream fin = new BufferedInputStream(new FileInputStream(filename));
ByteArrayOutputStream bout = new ByteArrayOutputStream();
byte buffer[] = new byte[8192];
int read = fin.read(buffer);
while(read != -1) {
bout.write(buffer, 0, read);
read = fin.read(buffer);
}
fin.close();
String encryptedText = bout.toByteArray().toString();
String unencryptedText = "";
// decrypt string
try
{
unencryptedText = Decrypt(encryptedText, sKey); <-- error occurs here
}
catch ( Exception e)
{
alert(e.getMessage());
return sched;
}
Decrypt method:
protected String Decrypt(String text, String key) throws Exception
{
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
byte[] keyBytes= new byte[16];
byte[] b= key.getBytes("UTF-8");
int len= b.length;
if (len > keyBytes.length) len = keyBytes.length;
System.arraycopy(b, 0, keyBytes, 0, len);
SecretKeySpec keySpec = new SecretKeySpec(keyBytes, "AES");
IvParameterSpec ivSpec = new IvParameterSpec(keyBytes);
cipher.init(Cipher.DECRYPT_MODE,keySpec,ivSpec);
byte [] results = cipher.doFinal(Base64Coder.decode(text));
return new String(results,"UTF-8");
}
Finally, here is the c# code I am encrypting with:
(c# code):
string Encrypt(string textToEncrypt, string key)
{
RijndaelManaged rijndaelCipher = new RijndaelManaged();
rijndaelCipher.Mode = CipherMode.CBC;
rijndaelCipher.Padding = PaddingMode.PKCS7;
rijndaelCipher.KeySize = 0x80;
rijndaelCipher.BlockSize = 0x80;
byte[] pwdBytes = Encoding.UTF8.GetBytes(key);
byte[] keyBytes = new byte[0x10];
int len = pwdBytes.Length;
if (len > keyBytes.Length)
{
len = keyBytes.Length;
}
Array.Copy(pwdBytes, keyBytes, len);
rijndaelCipher.Key = keyBytes;
rijndaelCipher.IV = keyBytes;
ICryptoTransform transform = rijndaelCipher.CreateEncryptor();
byte[] plainText = Encoding.UTF8.GetBytes(textToEncrypt);
return Convert.ToBase64String(transform.TransformFinalBlock(plainText, 0, plainText.Length));
}
Not sure what's wrong. Does the length of the key have to be some specific number of bytes long?
The comment has already identified the problem, and you'd see it immediately if you debugged the key item here: the base 64 string you think you are reading.
You collect your bytes from the file in bout. But your attempt to convert it to a string representation is not doing anything like what you imagine. It's going to be something like "[B#2352544e]", just Java's internal default toString() from the array. Instead, try new String(bout.toByteArray(), Charset.forName("US-ASCII")).
So I've seen a lot of examples, and done a lot of googling, and looked at examples on Stack Overflow... and I need help. I've got an Android application and I'm storing username and passwords on the device, and I need to encrypt them AES 256. From looking at examples, this is what I have so far:
public class Security {
Cipher ecipher;
Cipher dcipher;
// 8-byte Salt
byte[] salt = {
(byte)0xA9, (byte)0x9B, (byte)0xC8, (byte)0x32,
(byte)0x56, (byte)0x35, (byte)0xE3, (byte)0x03
};
// Iteration count
int iterationCount = 19;
public Security (String passPhrase) {
try {
// Create the key
KeySpec keySpec = new PBEKeySpec(passPhrase.toCharArray(), salt, iterationCount);
SecretKey key = SecretKeyFactory.getInstance(
"PBEWithSHAAndAES").generateSecret(keySpec);
ecipher = Cipher.getInstance(key.getAlgorithm());
dcipher = Cipher.getInstance(key.getAlgorithm());
// Prepare the parameter to the ciphers
AlgorithmParameterSpec paramSpec = new PBEParameterSpec(salt, iterationCount);
// Create the ciphers
ecipher.init(Cipher.ENCRYPT_MODE, key, paramSpec);
dcipher.init(Cipher.DECRYPT_MODE, key, paramSpec);
} catch (Exception e) {
e.printStackTrace();
}
}
public String encrypt(String str) {
try {
// Encode the string into bytes using utf-8
byte[] utf8 = str.getBytes("UTF8");
// Encrypt
byte[] enc = ecipher.doFinal(utf8);
// Encode bytes to base64 to get a string
return Base64.encodeToString(enc, Base64.DEFAULT);
} catch (Exception e) {
e.printStackTrace();
return null;
}
}
public String decrypt(String str) {
try {
// Decode base64 to get bytes
byte[] dec = Base64.decode(str, Base64.DEFAULT);
// Decrypt
byte[] utf8 = dcipher.doFinal(dec);
// Decode using utf-8
return new String(utf8, "UTF8");
} catch (Exception e) {
e.printStackTrace();
return null;
}
}
}
I'm trying to make it password based, so a user will create an account the first time using the username and password needed to communicate back to the server, and create a PIN that will be used as the key for these credentials stored in the database.
What I'm mainly concerned about is does this look secure? I know a fixed salt is bad, how do I fix that?
I know there's been like a billion questions about this, but I want someone to just come out and say "THIS IS SECURE" or "THIS IS NOT SECURE, CHANGE THIS"
Thanks!
EDIT:
So this is the code I have so far, and it seems to be working...
public class Security {
Cipher ecipher;
Cipher dcipher;
byte[] salt = new byte[8];
int iterationCount = 200;
public Security(String passPhrase) {
try {
// generate a random salt
SecureRandom random = new SecureRandom();
random.nextBytes(salt);
// Create the key
KeySpec keySpec = new PBEKeySpec(passPhrase.toCharArray(), salt, iterationCount);
SecretKey key = SecretKeyFactory.getInstance(
"PBEWithSHA256And256BitAES-CBC-BC").generateSecret(keySpec);
ecipher = Cipher.getInstance(key.getAlgorithm());
dcipher = Cipher.getInstance(key.getAlgorithm());
// Prepare the parameter to the ciphers
AlgorithmParameterSpec paramSpec = new PBEParameterSpec(salt, iterationCount);
// Create the ciphers
ecipher.init(Cipher.ENCRYPT_MODE, key, paramSpec);
dcipher.init(Cipher.DECRYPT_MODE, key, paramSpec);
} catch (Exception e) {
e.printStackTrace();
}
}
public String encrypt(String str) {
try {
// Encode the string into bytes using utf-8
byte[] utf8 = str.getBytes("UTF8");
// Encrypt
byte[] enc = ecipher.doFinal(utf8);
// Encode bytes to base64 to get a string
return Base64.encodeToString(enc, Base64.DEFAULT);
} catch (Exception e) {
e.printStackTrace();
return null;
}
}
public String decrypt(String str) {
try {
// Decode base64 to get bytes
byte[] dec = Base64.decode(str, Base64.DEFAULT);
// Decrypt
byte[] utf8 = dcipher.doFinal(dec);
// Decode using utf-8
return new String(utf8, "UTF8");
} catch (Exception e) {
e.printStackTrace();
return null;
}
}
public int getIterationCount() {
return iterationCount;
}
public String getSalt() {
return Base64.encodeToString(salt, Base64.DEFAULT);
}
}
I used this code to test it:
Security s = new Security(pinBox.getText().toString());
String encrypted = s.encrypt(passwordBox.getText().toString());
String decrypted = s.decrypt(encrypted);
builder.setMessage("pin: " + pinBox.getText().toString() + "\n" +
"password: " + passwordBox.getText().toString() + "\n" +
"encrypted: " + encrypted + "\n" +
"decrypted: " + decrypted + "\n" +
"salt: " + s.getSalt());
So I don't need to worry about an initialization vector? Or specifically hardcode a Cipher algorithm?
Thanks again!
EDIT: While the code below is correct, what you have is doing basically the same thing, with the IV derived from the password, so you don't have to store it separately.
Does your code work as expected? For the actual encryption/decryption you would want to use AES, most probably in CBC mode. Then you would need an IV, so it becomes something like this:
ecipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
byte[] iv = new byte[IV_LENGTH];
SecureRandom random = new SecureRandom();
random.nextBytes(iv);
ecipher.init(Cipher.ENCRYPT_MODE, secret, new IvParameterSpec(iv));
byte[] enc = ecipher.doFinal(utf8);
Whether it is secure depends on what you are using this for. The purpose of the salt is to make it harder to brute force the passphrase: if it's random the attacker cannot use pre-generated passphrase tables (passphrase->key). If you are not too worried about this sort of attack, you might leave it fixed. If you decide to make it random, just store it with the encrypted data. Same with the IV.