I have some Java functions for doing AES encryption, one for a string, and one for a file
private static final String AES_CIPHER_METHOD = "AES";
public static SecretKeySpec createAesKeySpec(byte[] aesKey) {
return new SecretKeySpec(aesKey, AES_CIPHER_METHOD);
}
public static String aesEncrypt(String data, SecretKeySpec aesKeySpec) throws EncryptionException {
try {
Cipher aesCipher = Cipher.getInstance(AES_CIPHER_METHOD);
aesCipher.init(Cipher.ENCRYPT_MODE, aesKeySpec);
byte[] encVal = aesCipher.doFinal(data.getBytes("UTF8"));
return new BASE64Encoder().encode(encVal);
} catch (NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException | IOException | BadPaddingException| IllegalBlockSizeException e) {
throw new EncryptionException(e.getMessage(), e);
}
}
public static void aesEncryptFile(File in, File out, SecretKeySpec aesKeySpec) throws EncryptionException {
try {
Cipher aesCipher = Cipher.getInstance(AES_CIPHER_METHOD);
aesCipher.init(Cipher.ENCRYPT_MODE, aesKeySpec);
try (InputStream inputStream = new FileInputStream(in)) {
try (OutputStream outputStream = new CipherOutputStream(new FileOutputStream(out), aesCipher)){
IOUtils.copy(inputStream, outputStream);
}
}
} catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException | IOException e){
throw new EncryptionException(e.getMessage(), e);
}
}
I also have some tests to output some test data
private static final String KEY_STRING = "DpiA4l0gvb7biWZtiN6Vjg==";
private SecretKeySpec createKeySpec() {
byte[] keyBytes = new Base64().decode(KEY_STRING.getBytes());
return EncryptionUtils.createAesKeySpec(keyBytes);
}
public void testAesEncryptString() throws EncryptionException {
String encryptedData = EncryptionUtils.aesEncrypt("A normal string", createKeySpec());
System.out.println(encryptedData); //outputs 3XLwlSHWLm98teIoIS6QTA==
}
public void testAesEncryptStringFile() throws EncryptionException, IOException {
File newFile = new File(FilenameUtils.concat(System.getProperty("java.io.tmpdir"), "myFile.txt"));
FileUtils.writeStringToFile(newFile, "A string in a file");
File encryptedFile = new File(FilenameUtils.concat(System.getProperty("java.io.tmpdir"), "myFile_encrypted.txt"));
EncryptionUtils.aesEncryptFile(newFile, encryptedFile, createKeySpec());
}
I now need to implement decryption in javascript.
I have managed to successfully decrypt the plain string using crypto-js, however, I just cant get the file part working, and I cant quite see what is wrong
var base64Key = "DpiA4l0gvb7biWZtiN6Vjg==";
var key = CryptoJS.enc.Base64.parse(base64Key);
var aesOptions = {
mode: CryptoJS.mode.ECB,
padding: CryptoJS.pad.Pkcs7
};
var decryptedData = CryptoJS.AES.decrypt( "3XLwlSHWLm98teIoIS6QTA==", key, aesOptions);
var decryptedText = decryptedData.toString( CryptoJS.enc.Utf8 );
console.log( "decryptedText = " + decryptedText ); //CORRECT outputs "A normal string"
var encryptedFilename = "https://dl.dropboxusercontent.com/u/30823828/myFile_encrypted.txt";
$.get(encryptedFilename, function(data){
console.log("encrypted file content", data);
var encryptedData = CryptoJS.enc.Base64.parse(data);
var decryptedData = CryptoJS.AES.decrypt( encryptedData, key, aesOptions);
var decryptedText = decryptedData.toString( CryptoJS.enc.Utf8 );
console.log( "decrypted file content = " + decryptedText ); //INCORRECT outputs "" SHOULD output "A string in a file"
});
link to jsfiddle - http://jsfiddle.net/pKNzV/46/
after a lot of trial and error, I was able to get this working.
the function base64ArrayBuffer comes from the following - https://gist.github.com/jonleighton/958841
var base64Key = "DpiA4l0gvb7biWZtiN6Vjg==";
var key = CryptoJS.enc.Base64.parse(base64Key);
var aesOptions = {
mode: CryptoJS.mode.ECB,
padding: CryptoJS.pad.Pkcs7
};
var encryptedFilename = "https://dl.dropboxusercontent.com/u/30823828/myFile_encrypted.txt";
var oReq = new XMLHttpRequest();
oReq.open("GET", encryptedFilename, true);
oReq.responseType = "arraybuffer";
oReq.onload = function (oEvent) {
var data = oReq.response;
if (data) {
encodedData = base64ArrayBuffer(data);
var decryptedData = CryptoJS.AES.decrypt( encodedData, key, aesOptions);
var decryptedText = decryptedData.toString( CryptoJS.enc.Utf8 );
console.log( "decryptedText = " + decryptedText );
console.log("file decrypt successful: ", "A string in a file" === decryptedText);
}
};
oReq.send(null);
Related
Here is my AES Library in Java:
public class AESUtil {
private SecretKeySpec secretKey;
public static void main(String[] args) {
String str = args[1];
String salt = args[2];
AESUtil aesUtil = new AESUtil();
if (args[0].equals("D")) {
//Going to Decrypt
System.out.println(aesUtil.decrypt(str, salt));
} else {
//Going to Encrypt
System.out.println(aesUtil.encrypt(str, salt));
}
}
public String encrypt(final String strToEncrypt, final String secret) {
try {
setKey(secret);
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, secretKey);
return Base64.getEncoder()
.encodeToString(cipher.doFinal(strToEncrypt.getBytes(StandardCharsets.UTF_8)));
} catch (Exception e) {
System.out.println("Error while encrypting: " + e.toString());
}
return null;
}
public String decrypt(final String strToDecrypt, final String secret) {
try {
setKey(secret);
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5PADDING");
cipher.init(Cipher.DECRYPT_MODE, secretKey);
return new String(cipher.doFinal(Base64.getDecoder()
.decode(strToDecrypt)));
} catch (Exception e) {
System.out.println("Error while decrypting: " + e.toString());
}
return null;
}
private void setKey(final String myKey) {
MessageDigest sha = null;
try {
byte[] key = myKey.getBytes(StandardCharsets.UTF_8);
sha = MessageDigest.getInstance("SHA-1");
key = sha.digest(key);
key = Arrays.copyOf(key, 16);
secretKey = new SecretKeySpec(key, "AES");
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
}
}
Here is my Decryption Logic in Javascript using CryptoJS lib:
function decrypt() {
var hashedKey = CryptoJS.SHA1(CryptoJS.enc.Utf8.parse(document.getElementById("pass").value));
console.log(hashedKey)
var encryptedCipherText = document.getElementById("text").value;
console.log(encryptedCipherText)
var decryptedData = CryptoJS.AES.decrypt(encryptedCipherText, hashedKey,
{
mode: CryptoJS.mode.ECB,
padding: CryptoJS.pad.Pkcs7
})
console.log(decryptedData)
var decryptedText = decryptedData.toString(CryptoJS.enc.Utf8);
console.log(decryptedText)
document.getElementById("decrypted").innerHTML = decryptedText;
document.getElementById("result").innerHTML = '';
}
In Java:
For:
Plain Text: This Value is to Encrypt
Secret: shh!
Encrypted Value: i8DHmeHuoQWv3rwZ+cybgSdSkyUX7MAcU54NUf2iyxU=
However when putting the same value in Javascript:
I have a high suspect on SHA1 logic i have in Java, that might be causing the issue. But not sure on how to validate that.
For encrypting files I use PKCS # 7 and the Javascript bundle forge.pki.
var forge = require('node-forge');
var contentBuffer = forge.util.createBuffer( forge.util.decode64( "fasdasd asdasdasda" ));
var cert = forge.pki.certificateFromPem(certPem);
var p7 = forge.pkcs7.createEnvelopedData();
p7.addRecipient(cert);
p7.content = contentBuffer;
console.log("Encrypt...");
p7.encrypt();
var asn1Cert = p7.toAsn1();
var derBuffer = forge.asn1.toDer(asn1Cert);
var p7mContent = derBuffer.toHex();
console.log(p7mContent);
I copy the hex value into my Java class as a string constant. Java saves then converts this into a .p7m file and stores it locally for me.
public void writeDocumentContent(String filename) throws Exception {
byte[] encryptedMessage = getP7MBytes(hex);
InputStream inputStream = new ByteArrayInputStream(encryptedMessage);
handleTransfer(inputStream, TransferKanal.HTML5);
}
private static byte[] getP7MBytes(String p7m) {
int len = p7m.length();
byte[] data = new byte[len / 2];
for (int i = 0; i < len; i += 2) {
data[i / 2] = (byte) ((Character.digit(p7m.charAt(i), 16) << 4) + Character.digit(p7m.charAt(i + 1), 16));
}
return data;
}
private void handleTransfer(InputStream inputStream, TransferKanal kanal) throws Exception {
String path = "C:TEMP/padline";
createDirectory(path);
String filename = "example." + kanal.getFileExtension();
File targetFile = new File(path, filename);
provideTransferData(inputStream, targetFile);
}
private void provideTransferData(InputStream inputStream, File targetFile) throws Exception {
try (InputStream bInputStream = new BufferedInputStream(inputStream, 20 * 8192)) {
provide(bInputStream, targetFile);
} catch (IOException e) {
throw new Exception("error while reading/writing transfer data", e);
}
}
private boolean createDirectory(String directory) {
File file = new File(directory);
if (!file.exists()) {
file.mkdirs();
return true;
}
return false;
}
private void provide(InputStream is, File finalFile) throws Exception {
try {
File destFile = new File(finalFile.getAbsolutePath());
FileOutputStream buffer = null;
try {
buffer = new FileOutputStream(destFile);
int nRead;
byte[] buf = new byte[2 * 16384];
while ((nRead = is.read(buf, 0, buf.length)) != -1) {
buffer.write(buf, 0, nRead);
}
} catch (Exception e) {
throw new Exception("provision location corrupted", e);
} finally {
if (buffer != null) {
buffer.close();
}
}
} catch (IOException e) {
throw new Exception("error copying file", e);
}
}
Before, I create a bundle of the certificate and the private key via openSSL with following command:
openssl pkcs12 -export -inkey private.key -in public.cert -out certificate.pfx
and imported it into Kleopatra as a .pfx file. Then I have the generated (encrypted) p7m file to decrypt in Cleopatra and pushed the following error message:
Decryption failed: invalid data
I'm very new in programming with Javascript and stuck in encoding my data.
I have done this as per need in my Android App, but could not able to do the same in JavaScript for my web portal.
The code which I'm using in Android App:
public void encryptdata(byte[] data) {
Encrypter encrypter = new Encrypter();
HashGenerator hashGenerator = new HashGenerator();
try {
byte[] e = encrypter.generateSessionKey();
byte[] encryptedData = encrypter.encryptUsingSessionKey(e, data);
byte[] hmac = hashGenerator.generateSha256Hash(data);
byte[] encryptedHmacBytes = encrypter.encryptUsingSessionKey(e, hmac);
this.encodedSessionKey = encodeBase64(e);
this.encodedHmac = encodeBase64(encryptedHmacBytes);
this.encodedData = encodeBase64(encryptedData);
} catch (Exception var6) {
var6.printStackTrace();
throw new RuntimeException(var6);
}
}
Encrypter.java
class Encrypter {
private static final String JCE_PROVIDER = "BC";
private static final int SYMMETRIC_KEY_SIZE = 256;
Encrypter() {
}
public byte[] generateSessionKey() throws NoSuchAlgorithmException, NoSuchProviderException {
KeyGenerator kgen = KeyGenerator.getInstance("AES", "BC");
kgen.init(256);
SecretKey key = kgen.generateKey();
byte[] symmKey = key.getEncoded();
return symmKey;
}
public byte[] encryptUsingSessionKey(byte[] skey, byte[] data) throws InvalidCipherTextException {
PaddedBufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new AESEngine(), new PKCS7Padding());
cipher.init(true, new KeyParameter(skey));
int outputSize = cipher.getOutputSize(data.length);
byte[] tempOP = new byte[outputSize];
int processLen = cipher.processBytes(data, 0, data.length, tempOP, 0);
int outputLen = cipher.doFinal(tempOP, processLen);
byte[] result = new byte[processLen + outputLen];
System.arraycopy(tempOP, 0, result, 0, result.length);
return result;
}
static {
Security.addProvider(new BouncyCastleProvider());
}
}
HashGenerator.java
class HashGenerator {
public HashGenerator() {
}
public byte[] generateSha256Hash(byte[] message) {
String var2 = "SHA-256";
String var3 = "BC";
byte[] var4 = null;
try {
MessageDigest var7 = MessageDigest.getInstance(var2, var3);
var7.reset();
var4 = var7.digest(message);
} catch (Exception var6) {
var6.printStackTrace();
}
return var4;
}
}
These piece of code encoding the data and giving me HMAC as per my need, but I am not able to do same with JavaScript.
Can anyone give any reference or code on for JavaScript client.
Any help will be appreciated.
Thanks for down-voting the question, may be a not great question, but here I done it myself
this.doEncryption = function (data) {
var key = btoa(this.generateRandomString());
var Encryptionkey = CryptoJS.enc.Base64.parse(key);
var encryptedPid = CryptoJS.AES.encrypt(data,Encryptionkey,{ mode: CryptoJS.mode.ECB, padding: CryptoJS.pad.Pkcs7});
var sha256 = CryptoJS.SHA256(data);
var encryptedHmac = CryptoJS.AES.encrypt(sha256,Encryptionkey,{ mode: CryptoJS.mode.ECB, padding: CryptoJS.pad.Pkcs7});
return {
encryptionKey : key,
encryptedPid : encryptedPid.toString(),
encryptedHmac : encryptedHmac.toString()
};
The Full code of my Java Encryption/Decryption algorithm:
public class AESEncryptUtil {
private static AESEncryptUtil instance = new AESEncryptUtil();
private String password = "123456";
private Key key;
private Cipher cipher;
public AESEncryptUtil(){
try {
KeyGenerator kgen = KeyGenerator.getInstance("AES");
kgen.init(128, new SecureRandom(password.getBytes()));
SecretKey secretKey = kgen.generateKey();
byte[] enCodeFormat = secretKey.getEncoded();
key = new SecretKeySpec(enCodeFormat, "AES");
cipher = Cipher.getInstance("AES");
} catch (Exception e) {
e.printStackTrace();
}
}
public static byte[] encrypt(String content) throws Exception {
byte[] byteContent = content.getBytes("utf-8");
instance.cipher.init(Cipher.ENCRYPT_MODE, instance.key);
byte[] result = instance.cipher.doFinal(byteContent);
return result;
}
public static byte[] decrypt(byte[] content) throws Exception {
instance.cipher.init(Cipher.DECRYPT_MODE, instance.key);
byte[] result = instance.cipher.doFinal(content);
return result;
}
public static String parseByte2HexStr(byte buf[]) {
StringBuffer sb = new StringBuffer();
for (int i = 0; i < buf.length; i++) {
String hex = Integer.toHexString(buf[i] & 0xFF);
if (hex.length() == 1) {
hex = '0' + hex;
}
sb.append(hex.toUpperCase());
}
return sb.toString();
}
public static byte[] parseHexStr2Byte(String hexStr) {
if (hexStr.length() < 1)
return null;
byte[] result = new byte[hexStr.length() / 2];
for (int i = 0; i < hexStr.length() / 2; i++) {
int high = Integer.parseInt(hexStr.substring(i * 2, i * 2 + 1), 16);
int low = Integer.parseInt(hexStr.substring(i * 2 + 1, i * 2 + 2),
16);
result[i] = (byte) (high * 16 + low);
}
return result;
}
public static String getNonce() {
String base = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
Random random = new Random();
StringBuffer sb = new StringBuffer();
for (int i = 0; i < 16; i++) {
int number = random.nextInt(base.length());
sb.append(base.charAt(number));
}
return sb.toString();
}
public static void main(String[] args) throws Exception {
String content = "test";
System.out.println("content: " + content);
byte[] encryptResult = encrypt(content);
String encryptResultStr = parseByte2HexStr(encryptResult);
System.out.println("encryptResultStr: " + encryptResultStr);
byte[] decryptFrom = parseHexStr2Byte(encryptResultStr);
byte[] decryptResult = decrypt(decryptFrom);
System.out.println("decryptResult: " + new String(decryptResult));
}
}
I've tried many times and many ways to match the Java algorithm, but the result are always different. Which module should I use to do this ? Can anyone help me to deal it ? Thanks a lot !
I found the right way to match two algorithm:
Java part:
public static String encrypt() throws Exception {
try {
String data = "123456";
String key = "1234567812345678";
String iv = "1234567812345678";
Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
int blockSize = cipher.getBlockSize();
byte[] dataBytes = data.getBytes();
int plaintextLength = dataBytes.length;
if (plaintextLength % blockSize != 0) {
plaintextLength = plaintextLength + (blockSize - (plaintextLength % blockSize));
}
byte[] plaintext = new byte[plaintextLength];
System.arraycopy(dataBytes, 0, plaintext, 0, dataBytes.length);
SecretKeySpec keyspec = new SecretKeySpec(key.getBytes(), "AES");
IvParameterSpec ivspec = new IvParameterSpec(iv.getBytes());
cipher.init(Cipher.ENCRYPT_MODE, keyspec, ivspec);
byte[] encrypted = cipher.doFinal(plaintext);
return new sun.misc.BASE64Encoder().encode(encrypted);
} catch (Exception e) {
e.printStackTrace();
return null;
}
}
public static String desEncrypt() throws Exception {
String encrypted = encrypt() ;
try
{
String data = encrypted ;
String key = "1234567812345678";
String iv = "1234567812345678";
byte[] encrypted1 = new BASE64Decoder().decodeBuffer(data);
Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
SecretKeySpec keyspec = new SecretKeySpec(key.getBytes(), "AES");
IvParameterSpec ivspec = new IvParameterSpec(iv.getBytes());
cipher.init(Cipher.DECRYPT_MODE, keyspec, ivspec);
byte[] original = cipher.doFinal(encrypted1);
String originalString = new String(original);
return originalString;
}
catch (Exception e) {
e.printStackTrace();
return null;
}
}
React native part:
pre coding: npm install crypto-js
import CryptoJS from 'crypto-js' ;
encryptFun() {
var data = "123456";
var key = CryptoJS.enc.Latin1.parse('1234567812345678');
var iv = CryptoJS.enc.Latin1.parse('1234567812345678');
var encrypted = CryptoJS.AES.encrypt(
data,
key,
{iv:iv,mode:CryptoJS.mode.CBC,padding:CryptoJS.pad.ZeroPadding
});
console.log('encrypted: ' + encrypted) ;
var decrypted = CryptoJS.AES.decrypt(encrypted,key,{iv:iv,padding:CryptoJS.pad.ZeroPadding});
console.log('decrypted: '+decrypted.toString(CryptoJS.enc.Utf8));
}
the result :
encrypted: aK7+UX24ttBgfTnAndz9aQ==
decrypted: 123456
I hope my code would help someone:)
I am trying to encrypt/decrypt using AES256 using Java for encryption and CryptoJS for decryption. Encryption is tested in Java is working fine but the decryption method in JavaScript is returning an empty string. Please note in order to test JavaScript I printed out in tmp file the values for data, IV and salt and then hardcoded in JS. (Note: format in file is: data (byte[] base64) , Iv(string base64) and salt(string base64) ).
Here is the code in java:
public byte[] encrypt(String plainText) throws Exception {
//get salt
salt = generateSalt();
byte[] saltBytes = salt.getBytes("UTF-8");
// Derive the key
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
PBEKeySpec spec = new PBEKeySpec(
password.toCharArray(),
saltBytes,
pswdIterations,
keySize
);
SecretKey secretKey = factory.generateSecret(spec);
SecretKeySpec secret = new SecretKeySpec(secretKey.getEncoded(), "AES");
//encrypt the message
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, secret);
AlgorithmParameters params = cipher.getParameters();
ivBytes = params.getParameterSpec(IvParameterSpec.class).getIV();
byte[] encryptedTextBytes = cipher.doFinal(plainText.getBytes("UTF-8"));
return Base64.encode(encryptedTextBytes);
}
what is wrong with the decryption code in JavaScript below?
// the password that user provides
var userPass = document.getElementById("password").value;
console.log("user pass : " + userPass);
// hash contains 5 bytes
var hashedPass = CryptoJS.SHA1(userPass);
console.log("hashed pass : " + hashedPass.toString(CryptoJS.enc.Base64) + " | array length " + hashedPass.words.length + " | " + typeof(hashedPass));
// use only 4 bytes (128 bits) from the hashed pass
// (same as used in java when encrypting)
/////////////////////////var hashed4bytes = CryptoJS.lib.WordArray.create(hashedPass.words.slice(0,4));
//console.log( "hashed4bytes encoded 64 = " + hashed4bytes.toString(CryptoJS.enc.Base64));
// get the encrypted msg
var encMsg64 = document.getElementById("themessage").innerHTML;
encMsg64 = encMsg64.toString( CryptoJS.enc.Base64);
//var encMsg = CryptoJS.enc.Base64.parse(encMsg64);
var salt =CryptoJS.enc.Base64.parse("EAWnOgxUDuvhWqrSUsugq1umMpI=");
var iv =CryptoJS.enc.Base64.parse("xWpmXNbmbFjmWBUajuWYXQ==");
//var salt = "EAWnOgxUDuvhWqrSUsugq1umMpI=";
//var iv = "xWpmXNbmbFjmWBUajuWYXQ==";
console.log('salt '+ salt );
console.log('iv '+ iv );
var key = CryptoJS.PBKDF2(hashedPass, salt, { keySize: 256/32, iterations: 1000 });
console.log( 'key '+ key);
var decText = '';
var ok = true;
try {
debugger;
var decMsg = CryptoJS.AES.decrypt( encMsg64, key, {
iv:iv,
mode: CryptoJS.mode.CBC,
padding: CryptoJS.pad.Pkcs7
} );
console.log( "decryptedData = " + decMsg );
// convert to UTF8 string
decText = decMsg.toString( CryptoJS.enc.Utf8 );
console.log( "decryptedText = " + decText );
if (decText == '') {
ok = false;
}
}
catch (e) {
//console.log("Error when decrypting: " + e.message)
ok = false;
}
after mafe the changed issue still persists
Here is complete code after the change
JAVA
public class AES256EncryptionServiceBean implements EncryptionService {
private static final Logger LOGGER = LoggerFactory
.getLogger(AES256EncryptionServiceBean.class);
private String salt = null; //get bytes out of UTF-8 for decryption
private static final int PSWDITERATIONS = 1000;//65536;
private static final int KEYSIZE = 256;
private static final String AES_ALGO = "AES";
private static final String SHA1_ALGO = "PBKDF2WithHmacSHA1";
private static final String AES_CBC_PKCS5_TRANSFORM = "AES/CBC/PKCS5Padding";
private byte[] Iv;
/**
* Encrypts the data with AES-256 algorithm Encrypted data will be encoded
* with base64 algorithm and the returned. Initial vector is being used
* during encryption along with CBC encryption mode.
*
* output format: [algo indicator(1char)][Initialization vector()][salt()][encoded data(variable size)]
*/
#Override
public byte[] encrypt(String password, byte[] data) throws PibException {
byte[] encodedData = null;
try {
byte[] encryptedData = encryptCBC256Bits(password, data);
encodedData = Base64.encodeBase64(encryptedData);
/*String finalStr=null;
String algo256 = "2";
String datastr = Base64.encodeBase64String(encryptedData);
String ivstr = new String(Iv);
finalStr = algo256 +ivstr+salt+datastr;
encodedData = finalStr.getBytes();
*/
} catch (Exception e) {
throw ExceptionFactory.createPibException(
MessageCodes.PIB_ENCRYPTION_FAILED, e, LOGGER);
}
return encodedData;
}
/**
* Encrypts the input data with AES CBC transformation using 256 bits (32
* bytes) Key is generated based on the provided password and random salt.
* Salt is the extra bits added to the password to ensure every key is
* unique SHA1 hashing is also participate in key generation.
*
* #throws PibException
*
*/
private byte[] encryptCBC256Bits(String password, byte[] data)
throws PibException {
salt = generateSalt();
byte[] saltBytes = salt.getBytes(StandardCharsets.UTF_8);
byte[] encryptedTextBytes = null;
// Derive the key
try {
SecretKeyFactory factory = SecretKeyFactory.getInstance(SHA1_ALGO);
// Password based key specification
PBEKeySpec spec = new PBEKeySpec(password.toCharArray(), saltBytes,
PSWDITERATIONS, KEYSIZE);
SecretKey secretKey = factory.generateSecret(spec);
SecretKeySpec secret = new SecretKeySpec(secretKey.getEncoded(),
AES_ALGO);
// encrypt the data
Cipher cipher = Cipher.getInstance(AES_CBC_PKCS5_TRANSFORM);
// SecureRandom random = new SecureRandom();
// byte[] ivTemp = new byte[16];
// random.nextBytes(ivTemp);
cipher.init(Cipher.ENCRYPT_MODE, secret);
AlgorithmParameters params = cipher.getParameters();
Iv = params.getParameterSpec(IvParameterSpec.class).getIV();
encryptedTextBytes = cipher.doFinal(data);
} catch (NoSuchAlgorithmException | InvalidKeySpecException
| NoSuchPaddingException | InvalidKeyException
| InvalidParameterSpecException | IllegalBlockSizeException
| BadPaddingException e) {
throw ExceptionFactory.createPibException(
MessageCodes.PIB_ENCRYPTION_FAILED, e, LOGGER);
}
return encryptedTextBytes;
}
private String generateSalt() {
SecureRandom random = new SecureRandom();
byte bytes[] = new byte[20];
random.nextBytes(bytes);
String s = new String(bytes);
return s;
}
public String getSalt() {
return salt;
}
public byte[] getIv() {
return Iv;
}
}
Javascript
function decryptMsg256() {
// the password that user provides
var userPass = document.getElementById("password").value;
console.log("user pass : " + userPass);
// get the encrypted msg
var encMsg64 = document.getElementById("themessage").innerHTML;
var encMsg = CryptoJS.enc.Base64.parse(encMsg64);
var salt =CryptoJS.enc.Utf8.parse("?E€O5?…°®I^y??O:n");
var iv =CryptoJS.enc.Utf8.parse("S;Ui?¨=ENzI—$");
console.log('salt '+ salt );
console.log('iv '+ iv );
var key = CryptoJS.PBKDF2("password", salt, { keySize: 256/32, iterations: 1000 });
console.log( 'key '+ key);
var decText = '';
var ok = true;
try {
debugger;
var decMsg = CryptoJS.AES.decrypt( encMsg, key, {
iv:iv,
mode: CryptoJS.mode.CBC,
padding: CryptoJS.pad.Pkcs7
} );
console.log( "decryptedData = " + decMsg );
// convert to UTF8 string
decText = decMsg.toString( CryptoJS.enc.Utf8 );
console.log( "decryptedText = " + decText );
if (decText == '') {
ok = false;
}
}
catch (e) {
//console.log("Error when decrypting: " + e.message)
ok = false;
}
I can not understands what is wrong please help
CipherText,Salt and Iv is retrieved as follows:
public void testEncryption_WriteToFile() throws Exception {
byte[] data = IOUtils.toByteArray(this.getClass().getClassLoader()
.getResourceAsStream(SOME_FILE_NAME));
byte[] encryptedData = this.encryptionService.encrypt(PASSWORD, data);
byte[] initial_vector = ((AES256EncryptionServiceBean) encryptionService)
.getIv();
String salt = ((AES256EncryptionServiceBean) encryptionService)
.getSalt();
IOUtils.write(encryptedData, new FileOutputStream(
"C:\\Temp\\data.encrypted"));
/*IOUtils.write(new String(encryptedData), new FileOutputStream(
"C:\\Temp\\data[byte32string].encrypted"));
*/
IOUtils.write(Base64.encodeBase64String(salt.getBytes(StandardCharsets.UTF_8)), new FileOutputStream(
"C:\\Temp\\salt.encrypted"));
/*IOUtils.write(salt.getBytes(StandardCharsets.UTF_8), new FileOutputStream(
"C:\\Temp\\salt.encrypted"));
*/
IOUtils.write(Base64.encodeBase64String(initial_vector), new FileOutputStream(
"C:\\Temp\\iv.encrypted"));
/*IOUtils.write(initial_vector, new FileOutputStream(
"C:\\Temp\\iv.encrypted"));*/
}
CryptoJS.PBKDF2 uses SHA1 by default. So as long as the same password, salt, keysize and iteration count is supplied, it will produce the same key. The problem is that in JavaScript you additionally hash the password with SHA1. Don't do that and pass the password directly into PBKDF2 in the same way you do this in Java.
The second problem is that the ciphertext should be in the native format of CryptoJS when trying to decrypt. Since you get the base 64 encoded ciphertext from Java, you have to decode it as such. Uncomment the line:
var encMsg = CryptoJS.enc.Base64.parse(encMsg64);
and don't do encMsg64 = encMsg64.toString( CryptoJS.enc.Base64); since this will encode the already encoded ciphertext again.
For the updated code, you cannot print your key and salt simply as a string and expect it to work in JavaScript. Those are byte[] for a reason. They contain unprintable characters which will be lost when you try to parse it in JavaScript. You have to encode all the byte[] values that you want to transport from Java to JavaScript as Base64 and then decode them in JavaScript.