I implemented data encryption/decryption with RSA. It works if I just encrypt/decrypt locally, however if I send my encrypted data I get BadPaddingException: Data must start with zero.
In order to send my data over network I need to change it from byte array to String (I'm sending it in a header) on the client side and then retrieve it and change it back to byte array on the server side.
Here's my code for local encryption/decryption (I'm using private key to encrypt and public key do decrypt):
// Encryption:
String message = "HELLO";
Cipher rsa = Cipher.getInstance("RSA");
rsa.init(Cipher.ENCRYPT_MODE, privateKey); // privateKey has type java.security.PrivateKey
byte [] encryptedBytes = rsa.doFinal(message.getBytes());
// Decryption:
rsa.init(Cipher.DECRYPT_MODE, publicKey); // type of publicKey: java.security.PublicKey
byte [] ciphertext = rsa.doFinal(encryptedBytes);
String decryptedString = new String(ciphertext, "UTF-8");
DecryptedString and message are the same and everything works fine.
Then I use the same code on the client side just for encryption plus I change ciphertext to a String using:
String encryptedString = new String(ciphertext, "UTF-8");
And on the server side I do:
String message = request.getHeader("Message");
byte [] msgBytes = message.getBytes("UTF-8");
Cipher rsa = Cipher.getInstance("RSA");
rsa.init(Cipher.DECRYPT_MODE, publicKey);
byte [] decryptedMsg = rsa.doFinal(msgBytes);
String decryptedString = new String(decryptedMsg, "UTF-8");
This doesn't work and I get BadPaddingException.
I have tried using different instance of cipher, e.g. "RSA/ECB/PKCS1Padding" or "RSA/ECB/NoPadding" but this didn't help. I also tried converting Strings using BASE64 but then I get a different exception: IllegalBlockSizeException.
I know I probably do sth wrong with converting Strings into byte arrays and vice versa, but I just can't figure out the correct way of doing that. Please help!
You can't just convert arbitrary binary data (the encrypted text) into a String. If you want to send the data as text, you need to use some sort of binary -> text encoding like Base64.
Related
I have below ASP code to encrypt and decrypt in asp. It works fine. I want string to be encrypted in asp and decrypt it in java.
set obj=Server.CreateObject("System.Security.Cryptography.RijndaelManaged")
Set endocde = Server.CreateObject("System.Text.endocdeEncoding")
un = endocde.GetBytes_4("Test Encryption")
obj.key = endocde.GetBytes_4("SomeRandomKey")
obj.iv = endocde.GetBytes_4("SomeRandomIv")
set enc=obj.CreateEncryptor()
uncUn=enc.TransformFinalBlock((un),0,lenb(un))
eUn=endocde.GetString((uncUn))
set dec=obj.CreateDecryptor()
byted=dec.TransformFinalBlock((uncUn),0,lenb(uncUn))
sd=endocde.GetString((byted))
I tried encrypted string to be decrypted using below code in java but doesnt work. I tried sending encrypted data in UTF8/Base64 but doesnt work. Please help.
String iv = "sameIVasASP";
String key = "sameKeyasASP";
IvParameterSpec iv = new IvParameterSpec(iv.getBytes("UTF-8"));
SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes("UTF-8"), "Rijndael");
Cipher cipher = Cipher.getInstance("Rijndael/CBC/PKCS5PADDING");
cipher.init(Cipher.DECRYPT_MODE, skeySpec, iv);
byte[] decode = Base64.getDecoder().decode(<encrpted string>);
System.out.println( new String(cipher.doFinal(decode)).getBytes("UTF-8"));
How to encode/decode UTF-8 string to base64 in c#:
byte[] bytes = Encoding.UTF8.GetBytes("string-to-encode");
string base64 = Convert.ToBase64String(bytes);
How to encode/decode UTF-8 string to base64 in Java
Java8 version:
byte[] decodedBytes = Base64.getDecoder().decode(base64encodedstring);
Pre-Java8 example (with Base64 class of Commons Codec):
byte[] decodedBytes = Base64.decodeBase64(encodedBytes);
(In Java you have many option to do that (not just these), if you are using at least Java8, there is a built in class for that, for previous versions I usually use the Base64 class in Apache Commons Codec)
I'm writing a program to encrypt and decrypt data.
for encrypting,
I created a symmetric key using keyGenerator.
I transferred the key to the cipher, and created a string version of the key:
String keyString = Base64.getEncoder().encodeToString(symmetricKey.getEncoded());
in order to store it in a configuration file (so I can retrieve the key in the decrypt function).
Now, in the decrypt function I need to get that string back to key format, so I can send it as a parameter to the cipher in dercypt mode.
I convert it back to key this way:
byte[] keyBytes = key.getBytes(Charset.forName("UTF-8"));
Key newkey = new SecretKeySpec(keyBytes,0,keyBytes.length, "AES");
And I transffer it to the cipher and write the output (the decrypted data) using CipherInputStream:
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.DECRYPT_MODE, newkey, newiv, SecureRandom.getInstance("SHA1PRNG"));
CipherInputStream cipherInputStream = new CipherInputStream(
new ByteArrayInputStream(encryptedBytes), cipher);
ArrayList<Byte> decryptedVal = new ArrayList<>();
int nextByte;
while ((nextByte = cipherInputStream.read()) != -1) {
decryptedVal.add((byte) nextByte);
}
byte[] bytes = new byte[decryptedVal.size()];
for (int i = 0; i < bytes.length; i++) {
bytes[i] = decryptedVal.get(i);
}
String decryptedData = new String(bytes);
cipherInputStream.close();
System.out.println("decryptedData: " + decryptedData);
I get this error:
Exception in thread "main" java.io.IOException: javax.crypto.BadPaddingException: Given final block not properly padded. Such issues can arise if a bad key is used during decryption.
So I suspect that there might be a problem with the way I treat the key.
Any suggestions? help would be appreciated!
I think you have not sent IV to decryption function. For decryption in CBC mode, you must provide an IV which is used in encryption process.
Update:
IV will affect only first block in CBC decryption mode. So my answer may affect the unpadding if your data is less than 1 block. It will just change the decrypted plaintext of the first block otherwise.
Of course you get this error: first you apply base 64 encoding:
String keyString = Base64.getEncoder().encodeToString(symmetricKey.getEncoded());
and then you use character-encoding to turn it back into bytes:
byte[] keyBytes = key.getBytes(Charset.forName("UTF-8"));
which just keeps be base64 encoding, probably expanding the key size from 16 bytes to 24 bytes which corresponds with a 192 bit key instead of a 128 bit key. Or 24 bytes key to a 32 bytes key of course - both seem to work.
To solve this you need to use Base64.getDecoder() and decode the key.
Currently you get a key with a different size and value. That means that each block of plaintext, including the last one containing the padding, will decrypt to random plaintext. As random plaintext is unlikely to contain valid padding, you will be greeted with a BadPaddingException.
Reminder:
encoding, e.g. base 64 or hex: encoding bytes to a text string
character-encoding, e.g. UTF-8 or ASCII: encoding a text string into bytes
They are not opposites, that would be decoding and character-decoding respectively.
Remarks:
yes, listen to Ashfin; you need to use a random IV during encryption and then use it during decryption, for instance by prefixing it to the ciphertext (unencrypted);
don't use ArrayList<Byte>; that stores a reference to each separate byte (!) - use ByteArrayOutputStream or any other OutputStream instead;
you can better use a byte buffer and use that to read / write to the streams (note that the read function may not fill the buffer, even if at the start or in the middle of the stream) - reading a single byte at the time is not performant;
lookup try-with-resources for Java;
using a KeyStore may be better than storing in a config file;
GCM mode (AES/GCM/NoPadding) also authenticates data and should be preferred over CBC mode.
I am receiving encrypted message from server. They are using the following code for encryption
public static String encrypt(String plaintext, String key) throws Exception {
byte[] pk = Hex.decodeHex(key.toCharArray());
X509EncodedKeySpec spec = new X509EncodedKeySpec(pk);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
PublicKey pubKey = keyFactory.generatePublic(spec);
cipher.init(Cipher.ENCRYPT_MODE, pubKey);
byte[] encrypted = cipher.doFinal(plaintext.getBytes());
return Hex.encodeHexString(encrypted);
}
My doubt is, they are using Hex.encodeHexString(encrypted). why they are using this line of code? I know it converts an array of bytes into an array of characters representing the hexadecimal values of each byte in order. can't they send the encrypted text directly with out using Hex.encodeHexString? Can any one please give any idea?
Encrypted data is an array of arbitrary bytes. If it has to be passed by means supporting only printable strings such as XML or JSON this will be a problem. In order to deal with that binary data is encoded to form a printable string. However, Base64 encoding is used more often for this purpose.
Then prior to decrypting string has to be converted back to byte array with Hex.decode().
I have an Android app that uses a webservice in an asp.net web application. This web service requires a username and encrypted password.
The problem is that the password decrypted by the vb.net function is not the same that the original password encrypted by the java function.
These are the functions:
java
public String encrypt(String password, String key, String VecI) throws GeneralSecurityException, UnsupportedEncodingException{
byte[] sessionKey = key.getBytes();
byte[] iv = VecI.getBytes() ;
byte[] plaintext = password.getBytes();
Cipher cipher = Cipher.getInstance("DES/CBC/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(sessionKey, "DES"), new IvParameterSpec(iv));
byte[] ciphertext = cipher.doFinal(plaintext);
String resp = ciphertext.toString();
return resp;
}
vb.net
Public Shared Function decrypt(Byval encrypted_password As String, ByVal key As String, ByVal VecI As String) As String
Dim plaintext() As Byte= Convert.FromBase64String(encrypted_password)
Dim keys() As Byte = Encoding.ASCII.GetBytes(key)
Dim memdata As New MemoryStream
Dim transforma As ICryptoTransform
Dim des As New DESCryptoServiceProvider
des.Mode = CipherMode.CBC
transforma = des.CreateEncryptor(keys, Encoding.ASCII.GetBytes(VecI))
Dim encstream As New CryptoStream(memdata, transforma, CryptoStreamMode.Write)
encstream.Write(plaintext, 0, plaintext.Length)
encstream.FlushFinalBlock()
encstream.Close()
Return Encoding.ASCII.GetString(memdata.ToArray)
End Function
Please, help me.
Thank`s.
Server side you're expecting a Base64 encoded string, which you're then converting to a byte array:
Dim plaintext() As Byte= Convert.FromBase64String(encrypted_password)
You should be doing the opposite of this on Android (converting the byte array to a Base64 string). Instead you're just calling toString on a byte[], which definitely won't give you what you want.
You can get the Base64 encoded string from your byte array as follows:
String resp = Base64.encode(cipherText, Base64.DEFAULT);
You can have a look at the Base64 docs for more information. You may have to play around with the flags supplied.
Another thing to consider is the fact that you're expecting everything to be in ASCII encoding. String.getBytes() returns characters encoded using the systems default charset. Passwords may be input using non-ASCII characters, such as é or ¥, and this could introduce subtle bugs. I'd recommend switching everything over to UTF-8 - server-side and client side (that means changing getBytes() to getBytes("UTF-8"), and Encoding.ASCII to Encoding.UTF8).
As an aside, creating a String from a byte array in Java is done using new String(someByteArray, "UTF-8") - or whatever the encoding you're using is.
I am trying to encrypt and decrypt a message as mentioned in the below code. Basically I want to encrypt a message with a public key and convert that encrypted message from byte array to String. And decrypt this string into original text. Here are the both methods. Here encryption works fine but decryption fails (error is "Data must start with zero"). I think this is causing because I convert encrypted byte array into String.
How do I solve this? (I want to have encrypted byte array as string and use it for decryption) Is there any other approach (with public and private keys)
public static String getEncryptedMessage(String publicKeyFilePath,
String plainMessage) {
byte[] encryptedBytes;
try {
Cipher cipher = Cipher.getInstance("RSA");
byte[] publicKeyContentsAsByteArray = getBytesFromFile(publicKeyFilePath);
PublicKey publicKey = getPublicKey(publicKeyContentsAsByteArray);
cipher.init(Cipher.ENCRYPT_MODE, publicKey);
encryptedBytes = cipher.doFinal(plainMessage.getBytes());
return new String(encryptedBytes);
} catch (Throwable t) {
}
}
public static String getDecryptedMessage(
String privateKeyFilePath, String encryptedMessage)
{
byte[] decryptedMessage;
try {
Cipher cipher = Cipher.getInstance("RSA");
byte[] privateKeyContentsAsByteArray = getBytesFromFile(privateKeyFilePath);
PrivateKey privateKey = getPrivateKey(privateKeyContentsAsByteArray);
cipher.init(Cipher.DECRYPT_MODE, privateKey);
decryptedMessage = cipher.doFinal(encryptedMessage.getBytes());
return new String(decryptedMessage);
} catch (Throwable t) {
}
If you look at this page (http://www.wikijava.org/wiki/Secret_Key_Cryptography_Tutorial) you will need to do base-64 encoding to turn the bytes into a string, then to decrypt it you would just decode it then decrypt.
Base-64 encoding uses the first 7 bits of a byte, to make something that is printable or emailable, for example.
UPDATE:
I made a mistake, there are 64 characters that it would be encoded in, again, in order to make it easier to use as something printable.
Why don't you treat the message as byte array from encryption to decryption? Why changing it to String in the middle? (I know it seems like a question, but it's actually an answer...)
Using RSA directly on unformatted data may leave your application vulnerable to an adaptive chosen ciphertext attack. For details please see Chapter 8, pages 288-289, of the Handbook of Applied Cryptography, a freely-available book from CRC Press. (It's well worth buying the bound edition, if you're really interested in cryptography -- you'll be stunned at the quality for the price.)
Because of this attack, most protocols that integrate RSA use RSA for encrypting randomly-generated session keys or signing hash functions with outputs that ought to be indistinguishable from random, OR using very carefully formatted messages that will fail to be correctly interpreted. (See Note 8.63 in HAC for details.)