Decrypting a byte-array who was encrypted by PBE
Hi,
I have a problem with the decryption of a Object encrypted with PBE...
Here is the encryption code:
private PBEKeySpec pbeKeySpec;
private PBEParameterSpec pbeParamSpec;
private SecretKeyFactory keyFac;
// Salt
privatebyte[] salt ={
(byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c, (byte) 0x7e,
(byte) 0xc8, (byte) 0xee, (byte) 0x99};
// Iteration count
privateint count = 20;
pbeParamSpec =new PBEParameterSpec(salt, count);
//...
// pw is a password-char[]
pbeKeySpec =new PBEKeySpec(pw);
keyFac = SecretKeyFactory.getInstance("PBEWITHSHA1ANDRC2_40");
SecretKey pbeKey = keyFac.generateSecret(pbeKeySpec);
Cipher pbeCipher = Cipher.getInstance("PBEWITHSHA1ANDRC2_40");
pbeCipher.init(Cipher.ENCRYPT_MODE, pbeKey, pbeParamSpec);
return pbeCipher.doFinal(confHashMapBArray);
this works...
For the decryption i use this code :
// the same password
pbeKeySpec =new PBEKeySpec(pw);
keyFac = SecretKeyFactory.getInstance("PBEWITHSHA1ANDRC2_40");
SecretKey pbeKey = keyFac.generateSecret(pbeKeySpec);
Cipher pbeCipher = Cipher.getInstance("PBEWITHSHA1ANDRC2_40");
pbeCipher.init(Cipher.DECRYPT_MODE, pbeKey, pbeParamSpec);
// the Object is a HashMap, inStat is a class who desrialize an byte-array to an object
return
(HashMap)inStat.deserializeObjectFromBytearray(pbeCipher.doFinal(eValue));
but this is not working...
Any ideas?
regards
Message was edited by:
Olek
Message was edited by:
Olek
[2626 byte] By [
Oleka] at [2007-11-27 9:35:46]
# 2
the stack trace is:
javax.crypto.IllegalBlockSizeException: Input length must be multiple of 8 when decrypting with padded cipher
at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)
at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)
at com.sun.crypto.provider.PKCS12PBECipherCore.b(DashoA13*..)
at com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndRC2_40.engineDoFinal(DashoA13*..)
at javax.crypto.Cipher.doFinal(DashoA13*..)
at sec.SecurityStation.decodeConfidentialData(SecurityStation.java:109)
at gui.MainFrame.<init>(MainFrame.java:93)
at Start.main(Start.java:157)
i tryed to encode a HashMap... and later decode the byte-array to the original HashMap with PBE.
i wonder why the encoded HashMap is only 10 or 9 bytes long...
i guess i don't understand the algo in the right way.
Oleka at 2007-7-12 23:03:19 >
# 4
Ok i try to make a better explaination :
I want to store a HashMap with important Informations in a DB(MySQL).
Therefore i translate the hashmap into a byte-array.
This byte-array should encoded with PBE.
Then this encoded array should stored in the DB.
If new data is there the data should reveived from the DB(stored as medium clob).
Then the array should decrpyted to the original byte-array.
Last the array should convert into the HashMap to store something new.
The encrypted byte-array could probably converted to a String ...
I must do this cause of the Syntax of the DB-insertion.
to store the byte-array i use a code simillar to this :
storeValuesToDB(new Object[]{"'" + byteArrayHashMap + "'"};
The "'" are important for the "insert into table blabla values" - method, otherwise i get a SQL-Exception.
the encryptioncode and the decryptioncode is shown above.
I have took it from a tutorial from java of JCE.
The API is very thin.
First question :
When i should use cipher.doFinal() and when cipher.update()?
In a codebook i read somthing from first loop through the bytearray calling update in 8b-steps then call doFinal() when less as 8 bytes are left.
In many examples they only call doFinal with the whole byte-array.
The encrypted HashMap(an empty HashMap) have only 9 or 10Bytes ... is this a regular value?
thanks
Message was edited by:
Olek
Message was edited by:
Olek
Oleka at 2007-7-12 23:03:19 >
# 5
I'm sorry but your explanation of what you are trying to do does not help in sorting out the problem. You still are not showing the code that matters.
1) Create an encryption agent with sole responsibility that of encrypting and decrypting data. This can be tested without going anywhere near a database and can be posted here if you have problems. The testing will be to prove that a byte array (or InputStream/OutputStream) can be encrypted and then decrypted getting back the original array (or InputStream/OutputStream).
2) Create a database agent with sole responsibility that of putting a byte array (or maybe even an InputStream content) in a database and then getting back the data. Testing would be a matter of proving that you get back exactly what you put in.
3) Create an agent to serialize your HashMap into a form suitable for 1) and for deserializing the serialized HashMap. Testing can then be done very simply.
The common theme is that of creating agents to perform well defined independently testable transformation and inverse transformation tasks.
