Re: using CipherInputStream

From: rossum <rossum48@xxxxxxxxxxxx>
Date: Wed, 18 Jun 2008 00:42:39 +0100

On Tue, 17 Jun 2008 11:11:02 -0700 (PDT), jimgardener
<jimgardener@xxxxxxxxx> wrote:

hi
i was trying to encrypt and decrypt a string using CipherOutputStream
and CipherInputStream as below.I wanted to write the encrypted string
to a file "encfile.enc" using CipherOutputStream and then read back
the decrypted version from that file using CipherInputStream

String plaintext="war starts tomorrow at 19 hours";
byte[] plainbytes=plaintext.getBytes("UTF-8");

KeyGenerator kg=KeyGenerator.getInstance("DES");
SecretKey skey=kg.generateKey();
byte[] deskey= skey.getEncoded();
SecretKeySpec spec=new SecretKeySpec(deskey,"DES");
Cipher cip=Cipher.getInstance("DES/ECB/PKCS5Padding");

^^^ ^^^
ECB mode is broken. Do not use it for any real application, it is
just about OK for testing. Use CBC or CTR modes instead. See
http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation for a
good summary, including an excellent illustration of why ECB mode in
broken.

DES is no longer secure, either use AES or possibly 3DES if some level
of DES compatibility is required.

cip.init(Cipher.ENCRYPT_MODE, spec);

CipherOutputStream cipout=new CipherOutputStream(new

FileOutputStream("encfile.enc"),cip);
cipout.write(plainbytes);
cipout.flush();

Using cipout.close() instead of cipout.flush() helps you here, but
does not entirely solve your problem. It does point you in the
direction of the probable source of the problem.

//now i init the cipher for decryption and use CipherInputStream
cip.init(Cipher.DECRYPT_MODE, spec);
CipherInputStream cipin=new CipherInputStream(new
FileInputStream("encfile.enc"),cip);
byte[] decryptedbytes=new byte[plainbytes.length];
cipin.read(decryptedbytes);

Check how many bytes you are reading here; when I run the program I do
not get the expected number. It looks to me like an i/o problem
rather than a cryptography problem.

rossum

String decryptedtext=new String(decryptedbytes);
System.out.println("plain>>\n"+plaintext);
System.out.println("decrypted>>\n"+decryptedtext);

the result i get is
plain>>
war starts tomorrow at 19 hours
decrypted>>
war starts tomor
Here, after the 16 characters i am getting 'square like' characters.Am
i doing something wrong here?why doesn't the CipherInputStream read/
decrypt the full string?

References:
- using CipherInputStream
  - From: jimgardener

Prev by Date: Re: package junit.framework does not exist
Next by Date: Re: Making a string, file-safe (file-encode??)
Previous by thread: Re: using CipherInputStream
Next by thread: Re: using CipherInputStream
Index(es):
- Date
- Thread

Relevant Pages

using CipherInputStream
... i was trying to encrypt and decrypt a string using CipherOutputStream ... and CipherInputStream as below.I wanted to write the encrypted string ... the decrypted version from that file using CipherInputStream ...
(comp.lang.java.programmer)
Re: using CipherInputStream
... and CipherInputStream as below.I wanted to write the encrypted string ... the decrypted version from that file using CipherInputStream ... war starts tomorrow at 19 hours ... decrypt the full string? ...
(comp.lang.java.programmer)
Re: Trial period for app
... or in a field in a Table and compare it with Nowin startup code, ... encrypted string in the Registry and the other in a Table field. ... decrypt identically, do the time check as before. ...
(microsoft.public.access.modulesdaovba)