Re: Java string encryption/decryption
- From: dj_uncas <djuncas@xxxxxxxxx>
- Date: Thu, 20 Nov 2008 09:14:38 -0800 (PST)
On Nov 20, 5:24 pm, rossum <rossu...@xxxxxxxxxxxx> wrote:
On Thu, 20 Nov 2008 06:49:55 -0800 (PST), dj_uncas <djun...@xxxxxxxxx>
wrote:
Hello group,
I have a problem, and I hope you can help me. I'm building an RMI
client/server solution, which requires encrypted parameters. I'm
mostly sending objects with String-type parameters, and therefore just
need to be able to encrypt and decrypt a String.
I have been looking at Java Cryptographic Extension, and had a running
sample that worked, however in the sample, I did not convert the
encrypted byte-array to a String before decrypting it.
You probably need to convert the cyphertext to Base64 rather than to a
String. Cyphertext will contain all bytes from -128 to 127 which will
make for a very strange string if you convert it directly. Base64 is
a form of armouring so you can effectively transmit raw bytes over a
text stream.
When I try
that, I get different exceptions regarding the length of the String
I'm trying to decrypt. For example, with the Triple DES algorithm I
get:
"javax.crypto.IllegalBlockSizeException: Input length must be multiple
of 8 when decrypting with padded cipher"
3DES is obsolescent. Unless you are using it for backwards
compatibility you should change to AES. The blocksize for AES is 128
bits (16 bytes). What padding did you specify? The JCE default is no
padding so you will get a blocksize error if your plaintext is not a
multiple of 8 bytes (DES) or 16 bytes (AES). Also if you are using
ECB mode, do not because it is not safe. Use CBC or CTR instead.
Some other algorithms just tell me, that the incomming string is not
padded correctly...
Check what padding you are specifying at both ends. They must be the
same.
I think my issue is in converting the encrypted byte-array to a
String, and back - and this is where I fall short. Can you give me
some pointers on this?
The cyphertext will not make sense as a String and should not be
converted to a String as such. If you need to be able to transmit the
cyphertext over a text stream or similar then you will need to use
something like Base64 to enable this. Of course you will need to
change from Base64 back into a byte array before decrypting.
Regards,
Mads
Start with your plaintext as a String.
Convert the plaintext to a byte array.
Encrypt the byte array to produce the cyphertext as a byte array.
Convert the cyphertext byte array into a Base64 String for
transmission.
After transmission convert the Base64 String back into the cyphertext
byte array.
Decrypt the cyphertext byte array to give the plaintext byte array.
Convert the plaintext byte array back into a String.
Remember to specify the same padding at both ends.
rossum
Well, it makes perfect sense. And Base64 was probably the step i
missed. I still get a "Given final block not properly padded"
exception though. I get a cipher instance like this:
Cipher c = Cipher.getInstance( "AES" );
What do I do to specify the padding? I'm a total Java crypto novice :-(
.
- Follow-Ups:
- Re: Java string encryption/decryption
- From: rossum
- Re: Java string encryption/decryption
- References:
- Java string encryption/decryption
- From: dj_uncas
- Re: Java string encryption/decryption
- From: rossum
- Java string encryption/decryption
- Prev by Date: Re: super.clone() puzzlement
- Next by Date: Logic Sort Order
- Previous by thread: Re: Java string encryption/decryption
- Next by thread: Re: Java string encryption/decryption
- Index(es):
Relevant Pages
|
|
