Databases
StackOverflow2013
Postsdbo
POJava decryption and encryption compatible with SJCL?
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POJava decryption and encryption compatible with SJCL?
    primarykey
    data
    text
    <p>I need to encrypt &amp; decrypt data with both Java (on Android) and <a href="http://crypto.stanford.edu/sjcl/" rel="noreferrer">SJCL</a> (I could plausibly switch to another JS crypto library, but am familiar with SJCL so would prefer to stick with it if possible).</p> <p>I have the SJCL end working fine, but at the Java end I'm not really sure what parameters I need to use to set up the key generator and cipher. The code I have so far for decryption is:</p> <pre><code>SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256"); KeySpec spec = new PBEKeySpec(password.toCharArray(), salt, 1024, 256); SecretKey tmp = factory.generateSecret(spec); SecretKey secret = new SecretKeySpec(tmp.getEncoded(), "AES"); Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); cipher.init(Cipher.DECRYPT_MODE, secret, new IvParameterSpec(iv)); String plaintext = new String(cipher.doFinal(ciphertext), "UTF-8"); return plaintext; </code></pre> <p>Where salt, iv and ciphertext are extracted as strings from the JSON object produced by SJCL and then decoded using a Base64 decoder to byte arrays.</p> <p>Unfortunately, I have a few problems with this and the code above doesn't work.</p> <p>The first problem I have is that PBKDF2WithHmacSHA256 doesn't seem to be a recognised key generation algorithm. I'm not entirely sure that this is what I want, but it appears to be right based on reading the SJCL documentation? Java does recognise PBKDF2WithHmacSHA1, but this doesn't seem to be the same algorithm SJCL implements.</p> <p>Secondly, if I try using the SHA1 key algorithm, I get an error about invalid key size. Do I need to install something to enable AES with 256-bit keys? Telling the key factory to produce a 128-bit key works OK (although obviously is not compatible with SJCL, which is using a 256-bit key).</p> <p>Thirdly, what cipher mode should I be using? I'm pretty sure CBC isn't right... SJCL's documentation mentions both CCM and OCB, but Java doesn't seem to support either of these out of the box -- again, do I need to install something to make this work? And which one does SJCL default to?</p> <p>And finally, even if I pick parameters that make Java not complain about missing algorithms, it complains that the IV provided by decoding the SJCL output is the wrong length, which it certainly appears to be: there are 17 bytes in the resulting output, not 16 as is apparently required by AES. Do I just ignore the last byte?</p>
    singulars
    1. PO
      singulars
      1. PTAnswer
    1. This table or related slice is empty.
    1. PTQuestion
    1. This table or related slice is empty.
    1. USJules
    plurals
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. PO
      singulars
      1. PTAnswer
    2. PO
      singulars
      1. PTAnswer
    1. VO
      singulars
      1. POJava decryption and encryption compatible with SJCL?
      1. This table or related slice is empty.
      1. VTUpMod
    2. VO
      singulars
      1. POJava decryption and encryption compatible with SJCL?
      1. USJustin Zealand
      1. VTFavorite
    3. VO
      singulars
      1. POJava decryption and encryption compatible with SJCL?
      1. This table or related slice is empty.
      1. VTUpMod
    1. CORe: *enable AES with 256-bit keys* You need to have "Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files" installed to generate 256 bit keys.
      singulars
      1. POJava decryption and encryption compatible with SJCL?
      1. USLeigh
    2. COI've got everything working for decryption except for the authenticated data & OCB2 (patented algorithm), as I was interested in the solution myself. Got a question standing out on the encoding of the "adata". I've used Jackson to retrieve the JSON parameters and ciphertext, but it's not a library yet, just test code. Do you need the additional plain authenticated data or OCB2?
      singulars
      1. POJava decryption and encryption compatible with SJCL?
      1. USMaarten Bodewes
    3. COFrom the SJCL team: "Patched in latest to use UTF-8. I'll send out an advisory immediately."
      singulars
      1. POJava decryption and encryption compatible with SJCL?
      1. USMaarten Bodewes
 

Querying!

 
Guidance
A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload