Wednesday, September 21, 2011

JCE Exploration Part 2

As I explained in my prior post I'm trying to figure out how to use the Java Cryptography classes to encrypt a string using AES.

I have a little test that passes but doesn't actually do any encryption. How shall I proceed?

Since I know nothing about this space, I do a bit of searching on the web to find out what I need to do to get started. Let's just see what might come up. Hey! That stack overflow entry looks to be just the ticket. What can I do with that?

After copying the code fragment from the posting, it doesn't compile. IntelliJ is giving me warnings about exceptions. Here is what I have for my encrypt function after adding try/catch to the sample:

Running the test doesn't work. It is complaining about a 'Missing argument' in the SecretKeySpec constructor. Well, there are those caveats about we'll need a byte array for the key and the vector. I can make up a vector, but how should I initialize the key buffer (sessionKey) with something realistic? It looks like there is a KeyGenerator class. So, with initializing the vector and using the KeyGenerator class to set my byte array looks like:

When I run the test, however, I get a useful error message: Wrong IV length: must be 16 bytes long
That is easy enough to fix, I'll just add some more bytes to my array....
And, I get another good error message!
org.junit.ComparisonFailure: Expected :Original Plaintext Actual :[B@5e7808b9

Can it really be that easy? Do I just have to reverse the process in my decrypt and I'll have end to end decryption?
And the moment of truth--running the tests...
javax.crypto.IllegalBlockSizeException: Input length must be multiple of 16 when decrypting with padded cipher

Well, I guess I know what to do--another search!

And I see some things in this post. Hmm. UTF-8 and base64 encoding. That suggests another post from that search. (The one about Base64 on stack overflow).

OK. So at this point I'm closer but still have a problem. The decryption is not working. But that is enough for this post. I'll mull on it for a bit. I think first I should clean up the code some and that may make it easier to spot my issue.

Stay tuned.

No comments:

Post a Comment