0

crypto-js is used by javascript developers to encrypt text. Its simple to use. 

var CryptoJS = require("crypto-js");

// Encrypt
var ciphertext = CryptoJS.AES.encrypt('my message', 'secret key 123');

// Decrypt
var bytes  = CryptoJS.AES.decrypt(ciphertext.toString(), 'secret key 123');
var plaintext = bytes.toString(CryptoJS.enc.Utf8);

console.log(plaintext);

In this example encrypt function is taking only two arguments messageToEncrypt and salt. Rest of the configuration would be inside its definition. I am not a javascript guy so its difficult to find and understand encrypt definition.

I want to achieve same AES encryption using java. So for same input argument e.g. messageToEncrypt and salt I should get same encrypted text using crypto-js library and Java implementation.

I tried javax.crypto by exploring some links on google. 

String plainText = "messageToEncrypt";
String key = "mySalt";
SecretKey secKey = new SecretKeySpec(key.getBytes("UTF-8"), "AES");
Cipher aesCipher = Cipher.getInstance("AES");
aesCipher.init(Cipher.ENCRYPT_MODE, secKey);
byte[] x = aesCipher.doFinal(plainText.getBytes());
System.out.println(x);

But this is not working for me because I dont know exact parameters like keySize and iterationCount.

I tried to use https://github.com/mpetersen/aes-example/blob/master/src/main/java/org/cloudme/sample/aes/AesUtil.java also but again I am not sure about keySize and iterationCount.

How can I create simple exact implementation of crypto-js's AES encryption in java?

Alok
  • 7,734
  • 8
  • 55
  • 100
  • maybe have a look at https://stackoverflow.com/questions/992019/java-256-bit-aes-password-based-encryption – Lino Dec 28 '17 at 12:23

1 Answers1

-1

After some hit and trial I got working implementation in Java. 

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Base64;

import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public class TestAES {

    static String encrypt(String textToEncrypt, String myOwnSalt) throws Exception {
        final byte[] pass = textToEncrypt.getBytes(StandardCharsets.UTF_8);
        final byte[] salt = (new SecureRandom()).generateSeed(8);
        final byte[] inBytes = myOwnSalt.getBytes(StandardCharsets.UTF_8);

        final byte[] passAndSalt = array_concat(pass, salt);
        byte[] hash = new byte[0];
        byte[] keyAndIv = new byte[0];
        for (int i = 0; i < 3 && keyAndIv.length < 48; i++) {
            final byte[] hashData = array_concat(hash, passAndSalt);
            final MessageDigest md = MessageDigest.getInstance("MD5");
            hash = md.digest(hashData);
            keyAndIv = array_concat(keyAndIv, hash);
        }

        final byte[] keyValue = Arrays.copyOfRange(keyAndIv, 0, 32);
        final byte[] iv = Arrays.copyOfRange(keyAndIv, 32, 48);
        final SecretKeySpec key = new SecretKeySpec(keyValue, "AES");

        final Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(iv));
        byte[] data = cipher.doFinal(inBytes);
        data =  array_concat(array_concat("Salted__".getBytes(StandardCharsets.UTF_8), salt), data);
        return Base64.getEncoder().encodeToString( data );
    }

    private static byte[] array_concat(final byte[] a, final byte[] b) {
        final byte[] c = new byte[a.length + b.length];
        System.arraycopy(a, 0, c, 0, a.length);
        System.arraycopy(b, 0, c, a.length, b.length);
        return c;
    }

    public static void main(String[] args) throws Exception {
        String s = encrypt("myPassword", "2ErFG");
        System.out.println(s);
    }

}
Alok
  • 7,734
  • 8
  • 55
  • 100