Databases
StackOverflow2013
Postsdbo
POHow to implement Java 256-bit AES encryption with CBC
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POHow to implement Java 256-bit AES encryption with CBC
    text
    copied!<p>I've read the following threads and they've helped a little, but I'm looking for a little more info.</p> <p><a href="https://stackoverflow.com/questions/915786/how-to-write-aes-cbc-pkcs5padding-encryption-and-decryption-with-initialization-v">How to write AES/CBC/PKCS5Padding encryption and decryption with Initialization Vector Parameter for BlackBerry </a></p> <p><a href="https://stackoverflow.com/questions/992019/java-256bit-aes-encryption">Java 256bit AES Encryption</a></p> <p>Basically, what I am doing is writing a program that will encrypt a request to be sent over TCP/IP, and then decrypted by a server program. The encryption will need to be AES, and doing some research I found out I need to use CBC and PKCS5Padding. So basically I need a secret key and an IV as well. </p> <p>The application I'm developing is for a phone, so I want to use the java security packages to keep the size down. I've got the design done, but unsure of the implementation of the IV and the shared key.</p> <p>Here's some code:</p> <pre><code>// My user name byte[] loginId = "login".getBytes(); byte[] preSharedKey128 = "ACME-1234AC".getBytes(); byte[] preSharedKey192 = "ACME-1234ACME-1234A".getBytes(); // 256 bit key byte[] preSharedKey256 = "ACME-1234ACME-1234ACME-1234".getBytes(); byte[] preSharedKey = preSharedKey256; // Initialization Vector // Required for CBC byte[] iv ={0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00}; IvParameterSpec ips = new IvParameterSpec(iv); byte[] encodedKey = new byte[loginId.length + preSharedKey.length]; System.arraycopy(loginId, 0, encodedKey, 0, loginId.length); System.arraycopy(preSharedKey, 0, encodedKey, loginId.length, preSharedKey.length); // The SecretKeySpec provides a mechanism for application-specific generation // of cryptography keys for consumption by the Java Crypto classes. // Create a key specification first, based on our key input. SecretKey aesKey = new SecretKeySpec(encodedKey, "AES"); // Create a Cipher for encrypting the data using the key we created. Cipher encryptCipher; encryptCipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); // Initialize the Cipher with key and parameters encryptCipher.init(Cipher.ENCRYPT_MODE, aesKey, ips); // Our cleartext String clearString = "33,8244000,9999,411,5012022517,0.00,0,1,V330"; byte[] cleartext = clearString.getBytes(); // Encrypt the cleartext byte[] ciphertext = encryptCipher.doFinal(cleartext); // Now decrypt back again... // Decryption cipher Cipher decryptCipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); // Initialize PBE Cipher with key and parameters decryptCipher.init(Cipher.DECRYPT_MODE, aesKey, ips); // Decrypt the cleartext byte[] deciphertext = decryptCipher.doFinal(ciphertext); </code></pre> <p>In a nutshell what it should do is encrypt some message that can decrypted by the server without the server needing to get a key or IV from the phone. Is there a way I could do this where I could secure the IV and key on the phone, and still have the key and IV known by the server as well? Feel free to tell me to make things more clear if they're not.</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload