Encripting with PBE key

[krzysztof.murkowski]

Hi,

I'm trying to encript simple text with PBE key which is generated from
the password.
This code is generating the same output for the different passwords.
What's wrong?

Thanks a lot for your help,
Krzysztof

import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

public class Test05
{
public static void main( String args[] ) throws Exception
{
/*
byte[] salt = {
(byte)0xA9, (byte)0x9B, (byte)0xC8, (byte)0x32,
(byte)0x56, (byte)0x35, (byte)0xE3, (byte)0x03
};
int iterationCount = 19;
*/
String password = "password";
// String password = "different password";

// PBEKeySpec keySpec = new PBEKeySpec( password.toCharArray(), salt,
iterationCount, 8 );
PBEKeySpec keySpec = new PBEKeySpec( password.toCharArray() );
System.out.println( "keySpec: " + keySpec.getPassword() );

SecretKeyFactory keyFactory =
SecretKeyFactory.getInstance( "PBE" );
System.out.println( "keyFactory: " + keyFactory.getAlgorithm() );

SecretKey key = keyFactory.generateSecret( keySpec );
System.out.println( "key: " + key.getAlgorithm() );

Cipher cipher = Cipher.getInstance( key.getAlgorithm() );
System.out.println( "cipher.getInstance" );

cipher.init( Cipher.ENCRYPT_MODE, key );
System.out.println( "cipher.init" );

String input = "open text to be encrypted";
System.out.println( cipher.doFinal( input.getBytes() ) );
}
}

 

[rossum]

Hi,

I'm trying to encript simple text with PBE key which is generated from
the password.
This code is generating the same output for the different passwords.
What's wrong?

Thanks a lot for your help,
Krzysztof

import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

public class Test05
{
public static void main( String args[] ) throws Exception
{
/*
byte[] salt = {
(byte)0xA9, (byte)0x9B, (byte)0xC8, (byte)0x32,
(byte)0x56, (byte)0x35, (byte)0xE3, (byte)0x03
};
int iterationCount = 19;
*/
String password = "password";
// String password = "different password";

// PBEKeySpec keySpec = new PBEKeySpec( password.toCharArray(), salt,
iterationCount, 8 );
PBEKeySpec keySpec = new PBEKeySpec( password.toCharArray() );
System.out.println( "keySpec: " + keySpec.getPassword() );

getPassword() returns an array of char. toString(), which is called
in the background of your println(), will treat this as an array. You
will get "C[XXXXXX", where the X are hex digits making up the hash
code of the array. This is probably not what you were expecting. You
need to explicitly convert the returned char[] to a String for it to
print the actual contents of the array.

SecretKeyFactory keyFactory =
SecretKeyFactory.getInstance( "PBE" );
System.out.println( "keyFactory: " + keyFactory.getAlgorithm() );

Different passwords will not change the algorithm, so you will always
get the same output here from getAlgorithm().

SecretKey key = keyFactory.generateSecret( keySpec );
System.out.println( "key: " + key.getAlgorithm() ); Ditto.


Cipher cipher = Cipher.getInstance( key.getAlgorithm() );
System.out.println( "cipher.getInstance" );

cipher.init( Cipher.ENCRYPT_MODE, key );
System.out.println( "cipher.init" );

String input = "open text to be encrypted";
System.out.println( cipher.doFinal( input.getBytes() ) );

Again, you will not get the contents of the array, just "B[XXXXXX".

rossum

 

[Roedy Green]

Cipher cipher = Cipher.getInstance( key.getAlgorithm() );

I think your biggest problem is here. It would be obvious if you
printed out key.getAlgorithm() which is a String.

Look at the Javadoc for Cipher.getInstance.

public static final Cipher getInstance(String transformation)
...
Parameters:
transformation - the name of the transformation, e.g.,
DES/CBC/PKCS5Padding. See Appendix A in the Java Cryptography
Extension Reference Guide for information about standard
transformation names.

cipher knows the algorithm to use, but not the key.

you need a cipher.init to tell it the secret key.

 

[krzysztof.murkowski]

Hi,

thanks a lot for all very useful hints.
Below the working code.

regards,
Krzysztof

import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;

public class Test05
{
public static void main( String args[] ) throws Exception
{

byte[] salt = {
(byte)0xA9, (byte)0x9B, (byte)0xC8, (byte)0x32,
(byte)0x56, (byte)0x35, (byte)0xE3, (byte)0x03
};
int iterationCount = 19;

String password = "password";
// String password = "different password";

PBEKeySpec keySpec = new PBEKeySpec( password.toCharArray(), salt,
iterationCount, 8 );
System.out.println( "keySpec: " +
String.valueOf( keySpec.getPassword() ) );
System.out.println( "keySpec: " + keySpec.getKeyLength() );

PBEParameterSpec paramSpec = new
PBEParameterSpec( keySpec.getSalt(), keySpec.getIterationCount() );

SecretKeyFactory keyFactory =
SecretKeyFactory.getInstance( "PBE" );
System.out.println( "keyFactory: " + keyFactory.getAlgorithm() );

SecretKey key = keyFactory.generateSecret( keySpec );
System.out.println( "key: " + key.getAlgorithm() );

Cipher cipher = Cipher.getInstance( key.getAlgorithm() );
System.out.println( "cipher.getInstance" );

cipher.init( Cipher.ENCRYPT_MODE, key, paramSpec );
System.out.println( "cipher.init" );

String sinput = "clear text";
System.out.println( "-> " + sinput );
byte bencrypt[] = cipher.doFinal( sinput.getBytes() );

Cipher dcipher = Cipher.getInstance( key.getAlgorithm() );
dcipher.init( Cipher.DECRYPT_MODE, key, paramSpec );

byte bdecrypt[] = dcipher.doFinal( bencrypt );

String soutput = new String( bdecrypt );
System.out.println( "<- " + soutput );
}
}