2

I have one application which is in PHP encrypting text using openssl_encrypt with following method. (Using same value for salt and iv as '239422ae7940144f')

function encrypt_password($password) {
    define('AES_256_CBC', 'aes-256-cbc');
    $sessionId = $password;
    //random number for encrtyption(salt)
    $salt = '239422ae7940144f';
    $iv = $salt; //cipher length
    $encryptedSession = openssl_encrypt($sessionId, AES_256_CBC, $salt, 0, $iv);
    return array('encryptedPassword' => $encryptedSession, 'salt' => $salt);
}

function decrypt_password($result) {
    define('AES_256_CBC', 'aes-256-cbc');
    $vPassword = 'xUP9PwhcXm5xbKIfiSxMCA==';
    //random number for descrypt(salt)
    $salt = '239422ae7940144f';
    $iv = $salt; //cipher length.
    $decrypted = openssl_decrypt($vPassword, AES_256_CBC, $salt, 0, $iv);
    return $decrypted;
}

Encrypt of password 'abc123' provides 'xUP9PwhcXm5xbKIfiSxMCA==' and decrypting it gives back 'abc123'.

How to find equivalent java program which would do the same. I tried using the example on Using Java to decrypt openssl aes-256-cbc using provided key and iv, but it fails with

java.lang.IllegalArgumentException: IV buffer too short for given offset/length combination.

Following are the secretKey and initVector lines in java program I am using.

    final byte[] secretKey = javax.xml.bind.DatatypeConverter.parseHexBinary("239422ae7940144f");
    final byte[] initVector = javax.xml.bind.DatatypeConverter.parseHexBinary("239422ae7940144f");
Community
  • 1
  • 1
V. Patel
  • 43
  • 1
  • 10
  • You're requesting AES-256, but only providing a 128 bit key (`$salt`). – Artjom B. Jul 27 '16 at 05:26
  • You should never encrypt your user's passwords. You need to use hashing instead with some strong ones being PBKDF2, bcrypt, scrypt and Argon2. Since hash functions are one-way function, you won't be able to "decrypt" the hashes. In order to authenticate your user, you can run the password through the hash function again in order to compare with the hash that is stored in the database. See more: [How to securely hash passwords?](http://security.stackexchange.com/q/211/45523) – Artjom B. Jul 27 '16 at 05:27
  • The IV must be unpredictable (read: random). Don't use a static IV, because that makes the cipher deterministic and therefore not semantically secure. An attacker who observes ciphertexts can determine when the same message prefix was sent before. The IV is not secret, so you can send it along with the ciphertext. Usually, it is simply prepended to the ciphertext and sliced off before decryption. – Artjom B. Jul 27 '16 at 05:27
  • I use openssl_random_pseudo_bytes(8) to generate Salt and IV, so they are random. The issue is, encryption/decryption is working in PHP, but not in Java with same salt and IV. Is there any equivalent java routine which will work with same salt and IV? – V. Patel Jul 27 '16 at 11:58
  • Well, you're using the `$salt` string directly in PHP, but in Java you're assuming that it is Hex. You should assume that the string is simply ASCII or UTF-8 encoded (`"239422ae7940144f".getBytes("UTF-8")`). – Artjom B. Jul 27 '16 at 18:07
  • Ok. I used "239422ae7940144f".getBytes("UTF-8"). Now I am getting this error. java.io.IOException: javax.crypto.IllegalBlockSizeException: Input length not multiple of 16 bytes at javax.crypto.CipherInputStream.getMoreData(CipherInputStream.java:115) – V. Patel Jul 28 '16 at 03:02
  • You haven't shown how you transport the ciphertext from PHP to Java and back. Just as a reminder think about what the exception is saying. It is pretty clear what is wrong. – Artjom B. Jul 28 '16 at 05:18
  • I understand what exception is saying, but cant figure out what is wrong – V. Patel Jul 28 '16 at 23:56

0 Answers0