incorrect decryption using AES/CBC

Discussion in 'Java' started by jimgardener, Jun 19, 2008.

  1. jimgardener

    jimgardener Guest

    hi
    i tried to encrypt a message using AES/CBC/PKCS5Padding and stored the
    aeskey in keystore and wrote the IV byte[] and encrypted message to a
    text file.Then in another piece of code i read the IV and encrypted
    message from file and retrieved the aeskey from keystore again tried
    to decrypt the message.I am getting the first part of message garbled
    and only last part of message is properly decrypted.
    ie,for the message
    "all hands report to deck immediately" i get
    ?3??u?sU?c? to deck immediately

    can someone help me to correct this ?
    p.s:
    i have put only trivial try catch blocks to save space here

    //makes a new keystore
    public static void makeKeyStore(){
    try{
    KeyStore ks=KeyStore.getInstance("JCEKS");
    ks.load(null,"".toCharArray());
    FileOutputStream ksout=new FileOutputStream("myks.keystore");
    char[] password = new char[] {'m','y','n','a','m','e'};
    ks.store(ksout, password);
    Arrays. fill(password, '\u0000' ) ;
    debug("empty keystore created");
    }
    catch(Exception e){
    e.printStackTrace();
    }

    }

    //encrypts a message
    public static void blockCipherEncrDemo(){

    String plaintext="all hands report to deck immediately";
    try{
    KeyGenerator kg=KeyGenerator.getInstance("AES");
    SecretKey skey=kg.generateKey();
    byte[] aeskey=skey.getEncoded();
    SecretKeySpec spec=new SecretKeySpec(aeskey,"AES");
    Cipher cip=Cipher.getInstance("AES/CBC/PKCS5Padding");
    cip.init(Cipher.ENCRYPT_MODE, spec);
    byte[] iv=cip.getIV();
    FileOutputStream foutiv=new FileOutputStream("blockiv.txt");
    foutiv.write(iv);

    KeyStore ks=KeyStore.getInstance("JCEKS");
    FileInputStream ksin=new FileInputStream("myks.keystore");

    char[] passwd=new char[] {'m','y','n','a','m','e'};
    ks.load(ksin,passwd);
    ks.setKeyEntry("myaeskey",skey,passwd,null);
    FileOutputStream fos = new FileOutputStream("myks.keystore");
    ks.store(fos,passwd);
    Arrays.fill(passwd,'\u0000');
    //encrypt plaintext
    byte[] plainbytes=plaintext.getBytes("UTF-8");
    CipherOutputStream cipout=new CipherOutputStream(new

    FileOutputStream("blockencrypted.txt"),cip);
    cipout.write(plainbytes);
    cipout.flush();
    cipout.close();

    }
    catch(Exception e){
    e.printStackTrace();
    }
    }


    //trying to decrypt the message from file "blockencrypted.txt"

    public static void blockCipherDecrDemo(){
    try{
    KeyStore ks=KeyStore.getInstance("JCEKS");
    FileInputStream finks=new FileInputStream("myks.keystore");
    char[] passwd=new char[] {'m','y','n','a','m','e'};
    ks.load(finks,passwd);
    Key skey=ks.getKey("myaeskey", passwd);
    if (skey!=null)System.out.println("skey retrieved from keystore");
    finks.close();
    Arrays.fill(passwd,'\u0000');
    byte[] aeskey=skey.getEncoded();
    SecretKeySpec keySpec = new SecretKeySpec(aeskey, "AES");
    Cipher c=Cipher.getInstance("AES/CBC/PKCS5Padding");
    FileInputStream finiv=new FileInputStream("blockiv.txt");
    byte[] iv = new byte[finiv.available()];
    finiv.close();
    IvParameterSpec ivspec= new IvParameterSpec(iv);
    c.init(Cipher.DECRYPT_MODE, keySpec,ivspec);
    CipherInputStream cipin=new CipherInputStream(new

    FileInputStream("blockencrypted.txt"),c);
    int r=0;
    byte[] tempbytes=new byte[16];
    FileOutputStream fout=new FileOutputStream("blockdecrypted.txt");
    String s="";
    String s1=null;
    while((r=cipin.read(tempbytes))!=-1){
    fout.write(tempbytes,0,r);
    s1=new String(tempbytes,0,r,Charset.forName("UTF-8"));
    s=s+s1;

    }
    System.out.println("message is:>>\n"+s);

    }
    catch(Exception e){
    e.printStackTrace();
    }

    }
     
    jimgardener, Jun 19, 2008
    #1
    1. Advertising

  2. jimgardener

    jimgardener Guest


    >
    > You forgot to do something rather obvious here.
    >


    sorry!forgot the read()
    thanks rossum
    jim
     
    jimgardener, Jun 19, 2008
    #2
    1. Advertising

  3. jimgardener

    Roedy Green Guest

    On Thu, 19 Jun 2008 08:07:08 -0700 (PDT), jimgardener
    <> wrote, quoted or indirectly quoted someone who
    said :


    > byte[] iv = new byte[finiv.available()];
    > finiv.close();
    > IvParameterSpec ivspec= new IvParameterSpec(iv);
    > c.init(Cipher.DECRYPT_MODE, keySpec,ivspec);


    see http://mindprod.com/jgloss/cipher.html

    It is almost identical to your problem with the exception it generates
    its own key rather than hashing one out of a pass phrase.

    Looks to me that you did not set up your salt iv array correctly. You
    allocated it, but did not fill it. Both encrypt and decrypt must use
    identical not-particularly secret salt.

    salt is the wrong word. There is a funny word people use for salting
    in the context of CBC which escapes me.

    --

    Roedy Green Canadian Mind Products
    The Java Glossary
    http://mindprod.com
     
    Roedy Green, Jun 20, 2008
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Nate Wiger

    New AES gem available -- fast-aes

    Nate Wiger, Jan 20, 2010, in forum: Ruby
    Replies:
    3
    Views:
    200
    Pål Bergström
    Jul 1, 2010
  2. Unreal
    Replies:
    4
    Views:
    141
    Unreal
    Sep 11, 2004
  3. Homer J.
    Replies:
    3
    Views:
    134
    Homer J.
    Nov 14, 2004
  4. Hal Vaughan
    Replies:
    6
    Views:
    1,094
    Hal Vaughan
    Sep 5, 2005
  5. Replies:
    1
    Views:
    183
Loading...

Share This Page