3

I'm trying to encrypt a string in C and java to look if the result is the same on both sides and later try to decrypt that result in each one of them, but when I run my code the result looks very different on each one

This is my C code:

#include <string.h>
#include <openssl/aes.h>

char key[] = "thisisasecretkey";

 int main(){
 unsigned char text[]="hello world";
 unsigned char enc_out[80];
 unsigned char dec_out[80];

 AES_KEY enc_key, dec_key;

 AES_set_encrypt_key(key, 128, &enc_key);
 AES_encrypt(text, enc_out, &enc_key);

 printf("original:%s\t",text);
 printf("\nencrypted:%s\t",enc_out);
 printf("\n");

 return 0;
}

This is my java code:

package com.caja.utilidades;

import java.security.Key;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;

public class MainClass {

private static final String ALGORITHM = "AES";
private static final String keyValue = "thisisasecretkey";

public static void main(String[] args) throws Exception {
    System.out.println(encrypt("hello world"));
}

public static String encrypt(String valueToEnc) throws Exception {
  Key key = generateKey();
  Cipher cipher = Cipher.getInstance(ALGORITHM);
  cipher.init(Cipher.ENCRYPT_MODE, key);
  byte[] encValue = cipher.doFinal(valueToEnc.getBytes());
  return new String(encValue);
}

private static Key generateKey() throws Exception {
  Key key = new SecretKeySpec(keyValue.getBytes(), ALGORITHM);
  return key;
}


}

In C I'm using openssl library, for C and java I'm using eclipse, thanks in advance.

I made some changes in my code to compare the result in the two programs

New code

C code:

#include <string.h>
#include <openssl/aes.h>

char key[] = "thisisasecretkey";

int main(){
unsigned char text[]="hello world";
unsigned char enc_out[80];
unsigned char dec_out[80];

AES_KEY enc_key, dec_key;

AES_set_encrypt_key(key, 128, &enc_key);
AES_encrypt(text, enc_out, &enc_key);

int i;

printf("original:\t");
for(i=0;*(text+i)!=0x00;i++)
    printf("%02X ",*(text+i));
printf("\nencrypted:\t");
for(i=0;*(enc_out+i)!=0x00;i++)
    printf("%02X ",*(enc_out+i));
printf("\n");

printf("original:%s\t",text);
printf("\nencrypted:%s\t",enc_out);
printf("\ndecrypted:%s\t",dec_out);
printf("\n");

return 0;
}

java code:

import java.security.Key;
import java.security.MessageDigest;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;

public class MainClass {

private static final String ALGORITHM = "AES";
private static final String keyValue = "thisisasecretkey";
final protected static char[] hexArray = "0123456789ABCDEF".toCharArray();

public static void main(String[] args) throws Exception {
    System.out.println(encrypt("hello world"));
}

public static String encrypt(String valueToEnc) throws Exception {
  Key key = generateKey();
  Cipher cipher = Cipher.getInstance(ALGORITHM);
  cipher.init(Cipher.ENCRYPT_MODE, key);
  byte[] encValue = cipher.doFinal(valueToEnc.getBytes());
  System.out.println(bytesToHex(encValue));
  return new String(encValue);
}

private static Key generateKey() throws Exception {
  byte[] key2 = keyValue.getBytes("UTF-8");
  MessageDigest sha = MessageDigest.getInstance("SHA-1");
  key2 = sha.digest(key2);
  key2 = Arrays.copyOf(key2, 16);

  Key key = new SecretKeySpec(key2, ALGORITHM);
  return key;
}

public static String bytesToHex(byte[] bytes) {
    char[] hexChars = new char[bytes.length * 2];
    for ( int j = 0; j < bytes.length; j++ ) {
        int v = bytes[j] & 0xFF;
        hexChars[j * 2] = hexArray[v >>> 4];
        hexChars[j * 2 + 1] = hexArray[v & 0x0F];
    }
    return new String(hexChars);
 }

}

C result:

original:   68 65 6C 6C 6F 20 77 6F 72 6C 64 
encrypted:  17 EF AC E9 35 B1 81 67 EA 7D BB 99 E2 4F D1 E8 70 35 62 BD 
original:hello world    
encrypted:ï¬é5±?gê}»™âOÑèp5b½   
decrypted:hello world

Java result:

encrypted: 764AA3D074EE1399858ECD7076957D21
encrypted: vJ£Ðtî™…ŽÍpv•}!
Alan Gaytan
  • 852
  • 4
  • 14
  • 33
  • What is the Key size in the Java version? – yeyo Oct 07 '15 at 15:43
  • What do you mean for Key size?, I'm sorry, I'm new about this topic – Alan Gaytan Oct 07 '15 at 16:39
  • I'm not an expert either, but in the C version I see you specified the size of the key, `AES_set_encrypt_key(key, 128, &enc_key);` 128. But in Java I can't see where you specified the same key size. – yeyo Oct 07 '15 at 16:45
  • I add code to set key size to 128 on generateKey method, but still have different results – Alan Gaytan Oct 07 '15 at 17:49
  • Please, check this link http://aesencryption.net/, there you can make some test and evaluate your results. Also at the bottom they have an implementation in Java. To decode base64 you can use this link. http://tomeko.net/online_tools/base64.php?lang=en – yeyo Oct 07 '15 at 21:03
  • Thanks for the example, but I still having different result, the output was D?????a????9 String to Encrypt: hello world Encrypted: dkqj0HTuE5mFjs1wdpV9IQ== String To Decrypt : dkqj0HTuE5mFjs1wdpV9IQ== Decrypted : hello world – Alan Gaytan Oct 08 '15 at 14:09

1 Answers1

1

I will speak to the Java side; I believe the same comments apply to the C version as well.

You do NOT want to take your encrypted byte array and convert it to a String. In particular, here:

byte[] encValue = cipher.doFinal(valueToEnc.getBytes());
return new String(encValue);

The problem is that new String(byte[] b) is going to interpret the byte array as a string that is encoded with the default encoding. Of course, the byte array is not an encoded string, so this isn't particularly useful.

If you want to get a string that you can use to compare the encrypted byte arrays (visually), the typical approach is to hex-encode the byte array. See How to convert a byte array to a hex string in Java? and How do you convert buffer (byte array) to hex string in C? for more information. There are, of course, many libraries that support this functionality.

Community
  • 1
  • 1
Rob
  • 6,247
  • 2
  • 25
  • 33