
What I am trying to do is encrypt a string into a byte[] with javax.crypto, send it through a DatagramSocket, then on the receiving side, decrypt it.

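import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;

public class StringHandler {

    public static final String UNICODE = "UTF-8";

    private SecretKey key;
    private Cipher cipher;

    public StringHandler() {
        try {
            // A fresh random key is generated per instance, so another
            // program creating its own StringHandler gets a different key.
            key = generateKey("AES");
            // With the default SunJCE provider, "AES" alone resolves to
            // AES/ECB/PKCS5Padding.
            cipher = Cipher.getInstance("AES");
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    private SecretKey generateKey(String type) throws Exception {
        KeyGenerator gen = KeyGenerator.getInstance(type);
        SecretKey key = gen.generateKey();
        return key;
    }

    // Encodes the message as UTF-8 and encrypts it; returns null on failure.
    public byte[] encrypt(String msg) {
        try {
            byte[] data = msg.getBytes(UNICODE);
            cipher.init(Cipher.ENCRYPT_MODE, key);
            return cipher.doFinal(data);
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    // Decrypts the bytes and decodes them as UTF-8; returns null on failure.
    public String decrypt(byte[] data) {
        try {
            cipher.init(Cipher.DECRYPT_MODE, key);
            return new String(cipher.doFinal(data), UNICODE);
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }
}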

I read on a website how to encrypt and decrypt data, and I wrote this class. From what I can tell, the security key has to be the same on both sides for it to decrypt properly. Is there any way to convert it to a string or something, then get it from a string on the server side? Currently I have no idea how to decrypt it on a different program.

Spencer Nold
  • Well, either you have the key distribution problem or you need to use a fixed key encoded into the programs. – user207421 Aug 14 '20 at 03:13
  • In fact, it seems that you are really just asking how to convert from a SecretKey to a String and back. See https://stackoverflow.com/questions/5355466/converting-secret-key-into-a-string-and-vice-versa – Stephen C Aug 14 '20 at 04:18

1 Answer

You can turn a key represented as an array of bytes into a form that can be sent as "text". Base64 encoding is a common way to do that.

But that doesn't solve your real problem:

"Is there any way to convert it to a string or something, then get it from a string on the server side?"

The real problem is how to send the string that represents the secret key to the server securely; i.e. without someone else being able to steal the key while it is in transit.

And the answer is that you can't ... without using another encryption mechanism:

  • One possibility is to encrypt the secret key with a different secret key that both the client and server already know.
  • A second possibility is to use public key encryption.
  • A third possibility is to use a secure communication system to transmit the secret key. For example a network based on quantum cryptography.

This is far too large a topic to cover here. If you want to understand the "key distribution problem" and its solutions, find a good textbook. Or start with these Wikipedia articles:

Stephen C
  • I understand the key distribution problem, I don't plan on sending the key back and forth. For example, with Enigma, there are previously laid out configurations that both sides know for encoding and decoding. I'm trying to do something similar, where I can have a key that is the same on both sides, like hard coded in. All I really need is how to get the security key's byte[] and how to get the security key from the byte[]. Thank you for the other help though, I'll almost certainly need it at some later point. – Spencer Nold Aug 14 '20 at 04:09
  • If that is all you are asking: https://stackoverflow.com/questions/5355466/converting-secret-key-into-a-string-and-vice-versa – Stephen C Aug 14 '20 at 04:17
  • You can use ByteBuffer and append the key with the message, on the other side you extract the key part from the byte[] and use it to decrypt the message. – J.Adler Aug 14 '20 at 04:24
  • @J.Adler - Technically, yes. In practice ... that is horribly insecure, unless you have taken steps to encrypt the secret key first. But as it turns out, the OP is not actually asking about transmitting the key at all. (Read his comment above!) – Stephen C Aug 14 '20 at 04:26
  • I seem to have run into another issue. When I make an instance of a DatagramPacket, I use a blank byte[1024], and all of the extra unused bytes mess up the decryption. Is there any easy solution to this? – Spencer Nold Aug 14 '20 at 04:53
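
As an added example (not code from the question, the answer or the comments): a key that both sides already hold is round-tripped through its byte[] and a Base64 string, and the receiver decrypts only the bytes that actually arrived in the datagram. It assumes AES/GCM with a random 12-byte nonce prepended to each payload in place of the question's bare "AES" transformation; the class and method names are hypothetical.

```java
import javax.crypto.*;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.net.*;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Base64;

public class SharedKeyDatagramDemo {
    static final int NONCE_LEN = 12, TAG_BITS = 128;
    // SecretKey -> text and back: getEncoded() yields the raw key bytes.
    static String keyToText(SecretKey k) { return Base64.getEncoder().encodeToString(k.getEncoded()); }
    static SecretKey keyFromText(String s) { return new SecretKeySpec(Base64.getDecoder().decode(s), "AES"); }

    // Datagram payload layout: nonce || ciphertext+tag, fresh random nonce per message.
    static byte[] seal(SecretKey k, String msg) throws Exception {
        byte[] nonce = new byte[NONCE_LEN];
        new SecureRandom().nextBytes(nonce);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, k, new GCMParameterSpec(TAG_BITS, nonce));
        byte[] ct = c.doFinal(msg.getBytes(StandardCharsets.UTF_8));
        return ByteBuffer.allocate(NONCE_LEN + ct.length).put(nonce).put(ct).array();
    }

    // Throws AEADBadTagException if the payload was altered or the key differs.
    static String open(SecretKey k, byte[] buf, int off, int len) throws Exception {
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, k, new GCMParameterSpec(TAG_BITS, buf, off, NONCE_LEN));
        return new String(c.doFinal(buf, off + NONCE_LEN, len - NONCE_LEN), StandardCharsets.UTF_8);
    }

    public static void main(String[] args) throws Exception {
        KeyGenerator gen = KeyGenerator.getInstance("AES");
        gen.init(128);
        String keyText = keyToText(gen.generateKey()); // constructed sample key; provision it out of band
        SecretKey senderKey = keyFromText(keyText), receiverKey = keyFromText(keyText);
        try (DatagramSocket rx = new DatagramSocket(0, InetAddress.getLoopbackAddress());
             DatagramSocket tx = new DatagramSocket()) {
            rx.setSoTimeout(2000);
            byte[] sealed = seal(senderKey, "hello over UDP");
            tx.send(new DatagramPacket(sealed, sealed.length, rx.getLocalSocketAddress()));
            DatagramPacket p = new DatagramPacket(new byte[1024], 1024);
            rx.receive(p);
            // Decrypt only the bytes that arrived, not the whole 1024-byte buffer.
            System.out.println(open(receiverKey, p.getData(), p.getOffset(), p.getLength()));
        }
    }
}
```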