Home.... | log in.... | Pub my question! | Sign-up....
Java-index >> Security >> Cryptography

Need Help with Error: DES PBE without Salt?

I know nothing about encryption or how it works.

I found this code online and would like to make one minor change.

Is it possible to use the same code but without a Salt?

All I editted (and the problem) is in the

public DesEncrypter(String passPhrase){} method.

When I edit the code I get the following error:

ERROR: INIT

java.security.InvalidKeyException: requires PBE parameters

at com.sun.crypto.provider.PBEWithMD5AndDESCipher.engineInit(DashoA13*..)

at javax.crypto.Cipher.a(DashoA13*..)

at javax.crypto.Cipher.a(DashoA13*..)

at javax.crypto.Cipher.init(DashoA13*..)

at javax.crypto.Cipher.init(DashoA13*..)

at DesEncrypter.<init>(DesEncrypter.java:73)

at DesEncrypter.main(DesEncrypter.java:28)

Caused by: java.security.InvalidAlgorithmParameterException: Parameters missing

at com.sun.crypto.provider.SunJCE_ab.a(DashoA13*..)

at com.sun.crypto.provider.PBEWithMD5AndDESCipher.engineInit(DashoA13*..)

... 7 more

ERROR: DECRYPT

java.lang.IllegalStateException: Cipher not initialized

at javax.crypto.Cipher.c(DashoA13*..)

at javax.crypto.Cipher.doFinal(DashoA13*..)

at DesEncrypter.decrypt(DesEncrypter.java:113)

at DesEncrypter.main(DesEncrypter.java:31)

Text: Don't tell anybody!

Password: password

Encrypt: 80p+Wip2eyVFnmSOwOSAPbHXy00MCsKx

Decrypt:null

Press any key tocontinue . . .

Here is the code (I commented out the original working piece

of code which is followed by the non-salt version):

/*

http://www.exampledepot.com/egs/javax.crypto/DesString.html

*/

import javax.crypto.*;

import javax.crypto.spec.*;

import java.io.*;

import java.security.spec.*;

publicclass DesEncrypter{

publicstaticvoid main(String[] args){

try{

String text ="Don't tell anybody!";

String password ="password";

// Generate a temporary key. In practice, you would save this key.

// See also e464 Encrypting with DES Using a Pass Phrase.

SecretKey key = KeyGenerator.getInstance("DES").generateKey();

// Create encrypter/decrypter class

//DesEncrypter encrypter = new DesEncrypter(key);

DesEncrypter encrypter =new DesEncrypter(password);

String encrypted = encrypter.encrypt(text);

String decrypted = encrypter.decrypt(encrypted);

System.out.println("Text: " + text);

System.out.println("Password: " + password);

System.out.println("Encrypt: " + encrypted);

System.out.println("Decrypt: " + decrypted);

}catch(Exception e){

System.out.println("\nERROR: MAIN");

e.printStackTrace();

}

}

public DesEncrypter(String passPhrase){

try{

/*

// Create the key

KeySpec keySpec = new PBEKeySpec(passPhrase.toCharArray(), salt, iterationCount);

SecretKey key = SecretKeyFactory.getInstance("PBEWithMD5AndDES").generateSecret(keySpec);

ecipher = Cipher.getInstance(key.getAlgorithm());

dcipher = Cipher.getInstance(key.getAlgorithm());

// Prepare the parameter to the ciphers

AlgorithmParameterSpec paramSpec = new PBEParameterSpec(salt, iterationCount);

// Create the ciphers

ecipher.init(Cipher.ENCRYPT_MODE, key, paramSpec);

dcipher.init(Cipher.DECRYPT_MODE, key, paramSpec);

*/

KeySpec keySpec =new PBEKeySpec(passPhrase.toCharArray());

SecretKey key = SecretKeyFactory.getInstance("PBEWithMD5AndDES").generateSecret(keySpec);

ecipher = Cipher.getInstance(key.getAlgorithm());

dcipher = Cipher.getInstance(key.getAlgorithm());

ecipher.init(Cipher.ENCRYPT_MODE, key);

dcipher.init(Cipher.DECRYPT_MODE, key);

}catch(Exception e){

System.out.println("\nERROR: INIT");

e.printStackTrace();

}

}

public String encrypt(String str){

try{

// Encode the string into bytes using utf-8

byte[] utf8 = str.getBytes("UTF8");

// Encrypt

byte[] enc = ecipher.doFinal(utf8);

// Encode bytes to base64 to get a string

returnnew sun.misc.BASE64Encoder().encode(enc);

}catch(Exception e){

System.out.println("\nERROR: ENCRYPT");

e.printStackTrace();

}

returnnull;

}

public String decrypt(String str){

try{

// Decode base64 to get bytes

byte[] dec =new sun.misc.BASE64Decoder().decodeBuffer(str);

// Decrypt

byte[] utf8 = dcipher.doFinal(dec);

// Decode using utf-8

returnnew String(utf8,"UTF8");

}catch(Exception e){

System.out.println("\nERROR: DECRYPT");

e.printStackTrace();

}

returnnull;

}

Cipher ecipher;

Cipher dcipher;

byte[] salt ={(byte)0xA9, (byte)0x9B, (byte)0xC8, (byte)0x32,

(byte)0x56, (byte)0x35, (byte)0xE3, (byte)0x03};

int iterationCount = 19;

}

[8028 byte] By [TuringPesta] at [2007-11-26 21:47:13]
«« client server connection only allows 1 client
»» can't run java automatic runtime environment 10 update
# 1

Holy cr@p, I think I fixed it.

I have no idea what Im doing but just by guessing now the code works.

Is this the correct solution or did i stumble into something that works but that I shouldnt do?

I changed:

ecipher.init(Cipher.ENCRYPT_MODE, key);

dcipher.init(Cipher.DECRYPT_MODE, key);

into:

ecipher.init(Cipher.ENCRYPT_MODE, key);

AlgorithmParameters ap = ecipher.getParameters();

dcipher.init(Cipher.DECRYPT_MODE, key, ap);

TuringPesta at 2007-7-10 3:37:22 > top of Java-index,Security,Cryptography...
Security
Cryptography

Security New Topic

Security Hot Topic

Security

All Classified