1

I have a weird problem...

Basing my solution on Decrypting a hardcoded file as byte[]

So, I wrote a small Cypher class to help out with crypting/decrypting... It used to mock-up a key hardcoded at some place and another pre-crypted key stored somewhere else. But that's somewhat irrelevant atm.

the crypting process went like this:

  • retrieve the hardcoded byte array
  • use it to decrypt key2
  • use key2 to decrypt data
  • use key1 to further decrypt data
  • have decrypted data

I was storing the crypted data as a hex-string, used these two functions to get in-out of there

private static String byteArrayToHexString(byte[] b)
{
    StringBuffer sb = new StringBuffer(b.length * 2);
    for (int i = 0; i < b.length; i++)
    {
        int v = b[i] & 0xff;
        if (v < 16)
        {
            sb.append('0');
        }
        sb.append(Integer.toHexString(v));
    }
    return sb.toString().toUpperCase();
}

private static byte[] hexStringToByteArray(String s)
{
    byte[] b = new byte[s.length() / 2];
    for (int i = 0; i < b.length; i++)
    {
        int index = i * 2;
        int v = Integer.parseInt(s.substring(index, index + 2), 16); //THIS LINE
        b[i] = (byte) v;
    }
    return b;
}

That worked flawlessly; in fact it worked so good that I implemented it in my real project. The project failed to run due to the fact that i didn't thoroughly test.

Turns out it crypts/decrypts pretty much all files OK except one - that one doesn't want to decrypt.

I have pinpointed the issue however - THIS line throws an IllegalNumberFormat exception; at some point i got acquainted with this http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6259307 as well. I would and can revert to this method if someone describes a way to bypass a case when a string of length 2 is converted to four bytes which throw an IllegalNumberFormatException.

So, I figured that since I cannot decode a file (and obviously cannot share it here for you guys to try out) I needed to transform it somehow to make it transport-safe. Enter the Base64Coder class which encodes to base64 strings...

That seemed to have introduced a new issue - padding was getting effed up.

The question is simple - what am I doing wrong? I need to conform to this data and it has to be able to crypt/decrypt properly and equally. I'd like a proposal on the most light-weight solution possible with least copy/pasting... pseudocode won't do the trick here.

Here's what I'm doing now....

public static char[] encrypt2(byte[] value) throws GeneralSecurityException, IOException
{
    SecretKeySpec key1 = getSecretKeySpec(true);
    System.err.println("encrypt():\t" + key1.toString());
    Cipher cipher = Cipher.getInstance(CRYPTOSYS);
    cipher.init(Cipher.ENCRYPT_MODE, key1, cipher.getParameters());
    byte[] encrypted = cipher.doFinal(value);

    SecretKeySpec key2 = getSecretKeySpec(false);
    cipher = Cipher.getInstance(CRYPTOSYS);
    cipher.init(Cipher.ENCRYPT_MODE, key2, cipher.getParameters());
    byte[] encrypted2 = cipher.doFinal(encrypted);

    return Base64Coder.encode(encrypted2);
}

public static byte[] decrypt2(char[] message) throws GeneralSecurityException, IOException
{
    SecretKeySpec key1 = getSecretKeySpec(false);
    System.err.println("decrypt():\t" + key1.toString());
    Cipher cipher = Cipher.getInstance(CRYPTOSYS);
    cipher.init(Cipher.DECRYPT_MODE, key1);
    byte[] decrypted = cipher.doFinal(Base64Coder.decode(message));

    SecretKeySpec key2 = getSecretKeySpec(true);
    cipher = Cipher.getInstance(CRYPTOSYS);
    cipher.init(Cipher.DECRYPT_MODE, key2);
    byte[] decrypted2 = cipher.doFinal(decrypted);

    return decrypted2;
}

Note that keys are currently fully-exposed (hardcoded) for testing purposes.

Here's my test-case

public static void main(String... args) throws Exception
{
    //      byte[] data = "hello".getBytes();
    File PEM = new File(PATH_TO_FILES + SOURCE_PEM);
    File DER = new File(PATH_TO_FILES + SOURCE_DER);
    File cryptoPEM = new File(PATH_TO_FILES + "cryptopem");
    File cryptoDER = new File(PATH_TO_FILES + "cryptoder");

    byte[] cryptokey = encryptA(ASSET_KEY);
    System.out.println(new String(cryptokey));

    //pem key
    System.out.println("PEM");
    byte[] data = getBytesFromFile(PEM);
    char[] crypted = encrypt2(data);
    //      FileOutputStream fos = new FileOutputStream(cryptoPEM);
    FileWriter fw = new FileWriter(cryptoPEM);
    fw.write(crypted);
    fw.flush();

    //der key
    System.out.println("DER");
    data = getBytesFromFile(DER);
    crypted = encrypt2(data);
    fw = new FileWriter(cryptoDER);
    fw.write(crypted);
    fw.flush();

    //opentext
    System.out.println("checking PEM...");
    crypted = Base64Coder.encode(getBytesFromFile(cryptoPEM));
    byte[] decrypted = decrypt2(crypted,  false);
    byte[] decryptedData = decrypted;

    if (!Arrays.equals(getBytesFromFile(PEM), decryptedData)) { throw new Exception("PEM Data was not decrypted successfully"); }

    System.out.println("checking DER...");
    crypted = Base64Coder.encode(getBytesFromFile(cryptoDER));
    decrypted = decrypt2(crypted,  false);
    decryptedData = decrypted;

    if (!Arrays.equals(getBytesFromFile(DER), decryptedData)) { throw new Exception("DER Data was not decrypted successfully"); }
}

And I'm getting an InvalidBlockSizeException now.... Please, someone shed some light on this, I just want this to work...

Replacing 'key2' for an IV to be later used in a "AES/CBC/PKCS5Padding" is an option I'm considering right now. Essentially nothing will change except the second step of encrypting. Theoretically and metodically I'd keep things the same - unless of course a better solution is described.

At the end I'd like to point out that this is a programmer question, not a IT security-student question so proper code is valued more than a theoretical response that covers unlikely fringe cases.

EDIT: well, I can't give you the numbers that cause the IllegalNumberFormatException because I lost the code from this morning. I can't seem to replicate the issue so I guess trying to figure that part is of no use.

Here's the output from the sample test:

encrypt():  javax.crypto.spec.SecretKeySpec@15dd7
5@��_׵G�j��!�c;D�i�lR?z�j\
PEM
encrypt():  javax.crypto.spec.SecretKeySpec@15dd7
DER
encrypt():  javax.crypto.spec.SecretKeySpec@15dd7
checking PEM...
decrypt():  javax.crypto.spec.SecretKeySpec@15c78
Exception in thread "main" javax.crypto.IllegalBlockSizeException: Input length must be multiple of 16 when decrypting with padded cipher

which means that Base64 is kinda messing it up...

Community
  • 1
  • 1
Shark
  • 6,513
  • 3
  • 28
  • 50
  • What is the input value into `Integer.parseInt()` for which it throws the exception? That alone shouldn't contain any secret information but would be very useful for helping you. – Joachim Sauer Aug 30 '12 at 13:42
  • Yes, I have no trouble revealing that piece of information. It is encountered on the marked line at some point (as you can see, it should take two hex letters) until it hits on these bytes (two letters) - 0* with bytes [47, -61, -67, -65] I will update my answer when I catch them again, like I said - i can revert back. – Shark Aug 30 '12 at 14:06
  • Have you tried Byte.parseByte(stringRepresentationOfByte, 16) instead of Integer.parseInt(...)? – Buhb Aug 30 '12 at 14:50
  • Buhb, you didn't read my post - I referenced a known issue in Java that fails to parse my input because bytes are signed. That is why I have used Integer.parseInt() instead but it also fails because it encounters a character that is more than one byte long. I tried using getBytes("UTF-8") as well but to no avail. I tried alot of things really but none of them did the trick... Thats why I posted here to see if anything can be salvaged or if I should just rewrite the whole damn thing from scratch in hopes I don't make the same mistake :// – Shark Aug 30 '12 at 14:54
  • By my calculation, [47, -61, -67, -65] is [2F C3 BD BF]. Assuming it is UTF-8 that is '/' followed by U+3F7F, which is a Chinese character. How sure are you about the input to the system? If this happens at the end it might be a padding issue. – rossum Aug 30 '12 at 15:48
  • rossum, i'm encrypting a DER key, it's unreadable. the PEM key crypts fine as it's 'human readable' but I cannot change the content of the crypted data... The numbers are not definite as the string looks like "0&" which should represent a hex value. For some reason the & is some garbage character that weigts a few bytes. I know for sure that they both 'look' like valid hex values, it's just that for some reason they stick together or whatever. Maybe I need to transform to something else before crypting it because plain crypt-decrypt test fails on only that file. – Shark Aug 30 '12 at 15:56

3 Answers3

1

I think the problem is here:

//opentext
System.out.println("checking PEM...");
crypted = Base64Coder.encode(getBytesFromFile(cryptoPEM));

Previously, you wrote char[] to the file, but now you're reading a byte[] from the file and re-encoding in base64. The file's contents should already be base64-encoded!

You need a new function called getCharsFromFile that returns char[] or String and pass that directly to decrypt2.

Bill Brasky
  • 2,614
  • 2
  • 19
  • 20
0

Any reason why you dont use the Appache Commons for this?

http://commons.apache.org/codec/apidocs/org/apache/commons/codec/binary/Base64.html

Boris Horvat
  • 563
  • 2
  • 13
  • 28
0

After reviewing the code this morning and tweaking a little bit I got it to work.

public static byte[] encrypt2(byte[] value) throws GeneralSecurityException, IOException
{
    SecretKeySpec key1 = getSecretKeySpec(true);
    System.err.println("encrypt():\t" + key1.toString());
    Cipher cipher = Cipher.getInstance("AES");
    cipher.init(Cipher.ENCRYPT_MODE, key1, cipher.getParameters());
    byte[] encrypted = cipher.doFinal(value);

    SecretKeySpec key2 = getSecretKeySpec(false);
    System.err.println("encrypt():\t" + key2.toString());
    cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
    cipher.init(Cipher.ENCRYPT_MODE, key2, new IvParameterSpec(getIV()));
    byte[] encrypted2 = cipher.doFinal(encrypted);

    return encrypted2;//Base64Coder.encode(encrypted2);
}

public static byte[] decrypt2(byte[] message, boolean A) throws GeneralSecurityException, IOException
{
    SecretKeySpec key1 = getSecretKeySpec(false);
    System.err.println("decrypt():\t" + key1.toString());
    Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
    cipher.init(Cipher.DECRYPT_MODE, key1, new IvParameterSpec(getIV()));
    byte[] decrypted = cipher.doFinal(message);

    SecretKeySpec key2 = getSecretKeySpec(true);
    System.err.println("decrypt():\t" + key2.toString());
    cipher = Cipher.getInstance("AES");
    cipher.init(Cipher.DECRYPT_MODE, key2);
    byte[] decrypted2 = cipher.doFinal(decrypted);

    return decrypted2;
}
Shark
  • 6,513
  • 3
  • 28
  • 50