StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POCannot Decrypt AES on Android?
text
Body
copied!<p>I'm a newbie to android dev, right now I implemented an AES on Android and it could encrypt strings with user input passwords. The encryption seems fine and it could omit Base64/Hex encoded strings.</p> <p>But When I try to decrypt it, the problem comes: With the decryption, the omission always showing me a load of messy characters.</p> <p>In order to get rid of it, I've tried debugging it by define a charset (Like UTF-8) while casting from string to byte[], but no hit, and also tried to encode the omit with base 64 or Hex, but both of them failed. </p> <p>I've also tried to define AES/CBC/PKCS5Padding or just AES while using cipher.getInstance method, but still no go.</p> <p>It is quite irritating, could you guys help me please?</p> <p>Forgot to mention that I once asked a similar question <a href="https://stackoverflow.com/questions/6727255/aes-decryption-on-android-not-correct">https://stackoverflow.com/questions/6727255/aes-decryption-on-android-not-correct</a> , the grammer problem there have been corrected.</p> <p>And Here's the code:</p> <p>For Encryption</p> <pre><code>public String AESEncrypt(String sKey, String PlainMsg) throws Exception { //Try use some Android based alert dialog to catch this exception. if (sKey == null) { Log.e("SecureChat", "IllegalArgumentException Catched"); throw new IllegalArgumentException ("NULL Secret NOT ALLOWED!"); } /*Old Method //byte[] rawKey = getRawKey(sKey.getBytes("UTF-8")); byte[] rawKey = getRawKey(sKey.getBytes()); //Encrypt start SecretKeySpec keySpec = new SecretKeySpec(rawKey, "AES"); Cipher cipher = Cipher.getInstance("AES"); cipher.init(Cipher.ENCRYPT_MODE, keySpec); //byte[] cipherText = cipher.doFinal(PlainMsg.getBytes("UTF-8")); byte[] cipherText = cipher.doFinal(PlainMsg.getBytes()); return Base64Encoded(cipherText); */ //New Method byte[] salt = getSalt(); SecretKeyFactory factory = SecretKeyFactory.getInstance("PBEWITHSHA256AND256BITAES-CBC-BC"); KeySpec spec = new PBEKeySpec(sKey.toCharArray(), salt, 1024, 256); SecretKey tmp = factory.generateSecret(spec); SecretKey secret = new SecretKeySpec(tmp.getEncoded(), "AES"); //Encryption Process Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); cipher.init(Cipher.ENCRYPT_MODE, secret); byte[] cipherText = cipher.doFinal(PlainMsg.getBytes()); //return Base64Encoded(cipherText); //Hex return toHex(cipherText); } </code></pre> <p>For Decryption</p> <pre><code>public String AESDecrypt(String sKey, String EncryptMsg) throws Exception { /*Old Method //byte[] rawKey = getRawKey(sKey.getBytes("UTF-8")); byte[] rawKey = getRawKey(sKey.getBytes()); SecretKeySpec keySpec = new SecretKeySpec(rawKey, "AES"); Cipher cipher = Cipher.getInstance("AES"); cipher.init(Cipher.DECRYPT_MODE, keySpec); //byte[] plainText = Base64Decoded(EncryptMsg.getBytes("UTF-8")); byte[] plainText = Base64Decoded(EncryptMsg); cipher.doFinal(plainText); return new String(plainText, "UTF-8"); */ //New Method byte[] salt = getSalt(); SecretKeyFactory factory = SecretKeyFactory.getInstance("PBEWITHSHA256AND256BITAES-CBC-BC"); KeySpec spec = new PBEKeySpec(sKey.toCharArray(), salt, 1024, 256); SecretKey tmp = factory.generateSecret(spec); SecretKey secret = new SecretKeySpec(tmp.getEncoded(), "AES"); //byte[] bCipherText = Base64Decoded(EncryptMsg); //Hex byte[] bCipherText = toByte(EncryptMsg); Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); cipher.init(Cipher.ENCRYPT_MODE, secret); cipher.doFinal(bCipherText); return new String(bCipherText); } private byte[] getSalt() throws NoSuchAlgorithmException { /*Mark for old key method //Initialize the KeyGenerator KeyGenerator kgen = KeyGenerator.getInstance("AES"); SecureRandom sr = SecureRandom.getInstance("SHA1PRNG"); sr.setSeed(seed); //Init for 256bit AES key kgen.init(Constants.AES_KEY_SIZE, sr);; SecretKey secret = kgen.generateKey(); //Get secret raw key byte[] rawKey = secret.getEncoded(); return rawKey; */ //New key method with some salt SecureRandom random = SecureRandom.getInstance("SHA1PRNG"); byte[] ransalt = new byte[20]; random.nextBytes(ransalt); return ransalt; } @Override public byte[] getRawKey(byte[] seed) throws Exception { /*Old Method //Initialize the KeyGenerator KeyGenerator kgen = KeyGenerator.getInstance("AES"); SecureRandom sr = SecureRandom.getInstance("SHA1PRNG"); sr.setSeed(seed); //Init for 256bit AES key kgen.init(Constants.AES_KEY_SIZE, sr); SecretKey secret = kgen.generateKey(); //Get secret raw key byte[] rawKey = secret.getEncoded(); return rawKey; */ return null; } /** * * @param toBeDecoded * @return */ public byte[] Base64Decoded(String toBeDecoded) { byte[] decoded = Base64.decode(toBeDecoded, 0); return decoded; } //Hex Mode public String toHex(String txt) { return toHex(txt.getBytes()); } public String fromHex(String hex) { return new String(toByte(hex)); } public byte[] toByte(String hexString) { int len = hexString.length()/2; byte[] result = new byte[len]; for (int i = 0; i < len; i++) result[i] = Integer.valueOf(hexString.substring(2*i, 2*i+2), 16).byteValue(); return result; } public String toHex(byte[] buf) { if (buf == null) return ""; StringBuffer result = new StringBuffer(2*buf.length); for (int i = 0; i < buf.length; i++) { appendHex(result, buf[i]); } return result.toString(); } private final String HEX = "0123456789ABCDEF"; private void appendHex(StringBuffer sb, byte b) { sb.append(HEX.charAt((b>>4)&0x0f)).append(HEX.charAt(b&0x0f)); } } </code></pre> <p>I've referenced/compared with these code on Stackoverflow: <a href="https://stackoverflow.com/questions/5636521/android-aes-encryption-pad-block-corrupted">Android aes encryption pad block corrupted</a> and <a href="https://stackoverflow.com/questions/5279652/incorrect-decryption-using-aes-cbc-pkcs5padding-in-android">incorrect decryption using AES/CBC/PKCS5Padding in Android</a></p> <p>Seems that my problem lies on the charset encoding, but I cannot find out where the problem is.</p> <p>Any comments/answers are very appreciated! Thank you for helping me!</p>

Querying!

Guidance

An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload