0

I have been looking into this for a while now but just cant seem to spot the problem. I have included the method in question, and the given output. No errors exist, just simply an inaccurate result returned from the decrypting back of encrypted/encoded data.

Can anyone spot the mis-coding?

METHOD

public static void register(){

    try{
        // CREATE KEY AND CIPHER
        byte[] key = username.getBytes();
        Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
        SecretKeySpec secretKey = new SecretKeySpec(key, "AES");

        // ENCRYPT DATA
        cipher.init(Cipher.ENCRYPT_MODE, secretKey);
        byte[] cipherText = cipher.doFinal(password.getBytes("UTF8"));

        // ENCODE DATA
        String encodedString = new String(Base64.encodeBase64(cipherText), "UTF-8");

        // SAVE VARIABLE
        p = new String(encodedString);

        // PRINT DATA
        System.out.println("PLAINTEXT KEY:      " + username);
        System.out.println("MODIFIED PASSWORD:  " + password);
        System.out.println("ENCRYPTED PASSWORD: " + new String(cipherText));
        System.out.println("ENCODED PASSWORD:   " + encodedString);
        System.out.println("P (ENCODED):        " + p);
        System.out.println("");

        // SAVE TO DISK
        try {
            File file = new File("C://Welcome/License.txt");
            file.getParentFile().mkdirs();
            FileWriter fw = new FileWriter(file);
            BufferedWriter bw = new BufferedWriter(fw);

            bw.write(new String(p));
            bw.close();
        }
        catch(FileNotFoundException ex){
            ex.printStackTrace();
        }
        catch(IOException ex){
            ex.printStackTrace();
        }
        p = "";

        // CREATE A FOLDER FOR FILES
        try {
            File dir = new File("C://IronFortress/Files");
            dir.mkdir();
        }
        catch(Exception e){
            e.printStackTrace();
        }


        // READ DATA FROM DISK
        String fileName = "C:/Welcome/License.txt";
        String line0 = null;

        try {
            FileReader fr = new FileReader(fileName);
            BufferedReader br = new BufferedReader(fr);

            if((line0 = br.readLine()) != null){
                p = (line0);
            }

            br.close();
        }
        catch(FileNotFoundException e) {
            e.printStackTrace();
        }
        catch (IOException e) {
            e.printStackTrace();
        }

        // DECODE PASSWORD
        String decodedString = new String(Base64.decodeBase64(p));

        // CREATE KEY AND CIPHER
        key = username.getBytes();
        Cipher cipher2 = Cipher.getInstance("AES/ECB/PKCS5Padding");
        SecretKeySpec secretKey2 = new SecretKeySpec(key, "AES");

        // DECRYPT PASSWORD
        cipher2.init(Cipher.DECRYPT_MODE, secretKey2);
        byte[] cipherText2 = cipher.doFinal(decodedString.getBytes("UTF8"));

        // PRINT DATA
        System.out.println("P (DECODED):        " + p);
        System.out.println("ENCODED PASSWORD:   " + decodedString);
        System.out.println("DECRYPTED PASSWORD: " + new String(cipherText2));
    }
    catch (Exception e){
        e.printStackTrace();
    }
}

OUTPUT

KEY:                mmmmmmmmmmmmmmmm
PASSWORD:           mxxxxxxxxxxxxxxx
ENCRYPTED PASSWORD: CvsoR—:bÜjçÆä†wÖ×_uK)¼i">ŠÏMrE
ENCODED PASSWORD:   Q3Zzb1KXOmLc58bkhnfW1191SwQpvGkiPhmKz01yRQc=
P (ENCODED):        Q3Zzb1KXOmLc58bkhnfW1191SwQpvGkiPhmKz01yRQc=

P (DECODED):        Q3Zzb1KXOmLc58bkhnfW1191SwQpvGkiPhmKz01yRQc=
ENCODED PASSWORD:   CvsoR—:bÜçÆä†wÖ×_uK)¼i">ŠÏMrE
DECRYPTED PASSWORD: ƒÑjQ:y¯€n»×l¬JÍœ£,cá±ß…c}˜àzð`{úÀØ…¢1vŸlЩÚ
seenukarthi
  • 8,241
  • 10
  • 47
  • 68
user4163554
  • 51
  • 10
  • Ahhh, I have been under the assumption that to save cipherText to disk, the cipherText needs to be encoded. Ha, I really do hope its not that simple. Let me give this a try a mo... – user4163554 Aug 23 '15 at 12:08
  • possible duplicate of [Error with AES decryption method](http://stackoverflow.com/questions/32156380/error-with-aes-decryption-method) – Artjom B. Aug 23 '15 at 12:26
  • Why do you keep calling `new String`? Just to use up a little more memory? – Boris the Spider Aug 23 '15 at 12:39

1 Answers1

1

The problem is as with the previous question:

String decodedString = new String(Base64.decodeBase64(p));

p is the Base64-encoded ciphertext. If you decode it, you get a ciphertext with arbitrary bytes. When you make a string out of the bytes, you silently throw away some bytes which makes the plaintext unrecoverable.

Try:

byte[] decoded = Base64.decodeBase64(p);
byte[] cipherText2 = cipher.doFinal(decoded); // this isn't ciphertext, but plaintext
Artjom B.
  • 61,146
  • 24
  • 125
  • 222