0

I encrypt/decrypt a message like the following: Encrypt string -> base64 encode bytes -> serialize string -> deserialize string -> decode b64 -> decrypt bytes.

The encryption looks like this:

PublicKey pubKey = readPublicKey();
Cipher cipher;
cipher = Cipher.getInstance(CRYPTO_ALG);
cipher.init(Cipher.ENCRYPT_MODE, pubKey);
byte[] cipherData;
cipherData = cipher.doFinal(message.getBytes());
return cipherData;

Decryption is done like so:

PrivateKey pk = readPrivateKey();
Cipher cipher = Cipher.getInstance(CRYPTO_ALG);
cipher.init(Cipher.DECRYPT_MODE, pk);

return new String(cipher.doFinal(data));

The keys are read like this:

ObjectInputStream oin =
   new ObjectInputStream(new BufferedInputStream(is));
BigInteger m = (BigInteger) oin.readObject();
BigInteger e = (BigInteger) oin.readObject();

RSAPrivateKeySpec keySpec = new RSAPrivateKeySpec(m, e);
KeyFactory fact = KeyFactory.getInstance("RSA");
PrivateKey privKey = fact.generatePrivate(keySpec);

return privKey;

I have omitted the b64 stuff here, but I have verified that the problem does not affect that code.

What happens now is that I actually get the correct answer, but it is prepended with binary gibberish. If I encrypt "TESTDATA", I will get TESTDATA. The code works fine in plain Java, but fails in Android. Does anyone know how to fix this?

EDIT: Encrypting/decrypting using RSA/NONE/NoPadding does not seem to help. I also use org.bouncycastle in the plain JRE.

anders
  • 772
  • 1
  • 10
  • 17
  • Can this help? http://stackoverflow.com/questions/10306560/android-jvm-difference-in-rsa-decryption – Milos Cuculovic Jan 08 '13 at 11:14
  • http://stackoverflow.com/questions/7787328/rsa-encrypt-and-decrypt-strings-on-android – Ali Imran Jan 08 '13 at 11:17
  • @Milos: That seems very plausible, however when I encrypt/decrypt using "RSA/NONE/NoPadding" it does not work. The output is all gibberish. Am I missing something? Do I have to change something when generating the keys? – anders Jan 08 '13 at 12:49
  • @navlelo, try printing out the generated key to se if everything is fint with this. – Milos Cuculovic Jan 08 '13 at 13:20
  • 1
    @navlelo: There must be 200 questions on this site and others where the problem is programmers using defaults without knowing what they mean. Don't use defaults. What does `message.getBytes()` do? It uses the *platform* default character set. What does the `new String(byte[])` constructor do? It also uses the default platform character set. And what are you doing? You are trying to run your code on different platforms! Always specify the charset. You can always use "UTF-8". The same goes for `Cipher.getInstance("RSA")`. Why leave off the mode and padding? You are just asking for trouble. – President James K. Polk Jan 09 '13 at 00:05
  • @GregS: You are correct. This was a first for me using the PKI stuff, so I didn't consider these things. If you post this as an answer, I'll verify it. – anders Jan 09 '13 at 11:36

1 Answers1

1

In my experience, defaults are a tremendous and never-ending source of hard-to-find bugs in Java crypto. They can bite anybody but they prey on beginners. A beginner is most likely to choose defaults because, by their very nature, they are confused and are looking to simplify. And they are hard to spot, indeed almost invisible, because they are not there. When you look at String.getBytes() it looks completely innocent. Why would a beginner suspect that new String(s.getBytes()) is ever not equal to s? Worst of all, testing seems to indicate it is true. It is only when you transport the byte[] from s.getBytes() to another platform with a different platform default character set that you notice the bug.

Never use String.getBytes(), always use String.getBytes(Charset). Never use the String(byte[]) constructor, always use String(byte [], Charset) constructor. You can always use the UTF-8 charset (Charset.forName("UTF-8")). I use it exclusively.

Similarly, always specify all three components algorithm/mode/padding in the Cipher.getInstance(String) factory method.

President James K. Polk
  • 40,516
  • 21
  • 95
  • 125