0

By referring this im able to implement file encryption in java. And after encryption im encoding the file with base64(note: I do not want to use other libraries, ex: Base64InputStream)

Content of original file is "hello".getBytes(UTF_8);

With below command im able to decrypt(without base64 data)

openssl enc -nosalt -aes-256-cbc -d -in file.crypt -out file.txt -k abcdefghijklmop -md sha1

But im unable to provide base64 encoded file to openssl, tried below commands:

openssl enc -nosalt -aes-256-cbc -d -base64 -in file.base64 -out file.txt -k abcdefghijklmop -md sha1

bad decrypt

base64 file.base64 | openssl enc -d -a -aes-256-cbc > decrypted -k abcdefghijklmop -md sha1

bad magic number

Encryption java code:

 static String password = "abcdefghijklmop";
 public static void encryptNew(String path) {
         try {
             Log.e("test", "encrypt start " + path);
             FileInputStream fis = new FileInputStream(path);
            FileOutputStream fos = new FileOutputStream(path.concat(".crypt"));

            byte[] hash = new byte[0];
         byte[] keyAndIv = new byte[0];
          for (int i = 0; i < 3 && keyAndIv.length < 48; i++) {
                final byte[] hashData = array_concat(hash, password.getBytes(UTF_8));
                final MessageDigest md = MessageDigest.getInstance("SHA-1");
                hash = md.digest(hashData);
                keyAndIv = array_concat(keyAndIv, hash);
           }
           final byte[] keyValue = Arrays.copyOfRange(keyAndIv, 0, 32);
           final byte[] iv = Arrays.copyOfRange(keyAndIv, 32, 48);
           final SecretKeySpec secretKeySpec = new SecretKeySpec(keyValue, "AES");
           IvParameterSpec ivParameterSpec = new IvParameterSpec(iv);

           Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
           cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec, ivParameterSpec);
           CipherOutputStream cos = new CipherOutputStream(fos, cipher);
              int b;
            byte[] d = new byte[8];
              while ((b = fis.read(d)) != -1) {
                  cos.write(d, 0, b);
              }
            cos.flush();
           cos.close();
             fis.close();
         } catch (Exception e) {
              e.printStackTrace();
        }
 encodeFile(path.concat(".crypt"));
     }

Encode file code:

public void encodeFile(String path) {
          FileOutputStream stream = null;
          FileReader fr = null;
          try {
              stream = new FileOutputStream(path.concat(".base64"),true);
              fr = new FileReader(path);
          } catch (FileNotFoundException e) {
             e.printStackTrace();
         }
         try {
              BufferedReader br=new BufferedReader(fr);
              String line;
             while((line=br.readLine())!=null)
              {
                 String encoded = android.util.Base64.encodeToString(line.getBytes(), android.util.Base64.DEFAULT);
                 stream.write(encoded.getBytes());
             }
         } catch (IOException e) { e.printStackTrace(); } finally { try { fr.close(); stream.close(); } catch (IOException e) {e.printStackTrace();}}}

Please suggest on correct openssl command to decrypt java(aes encrypted -> base64 encoded) file.

Anees U
  • 1,077
  • 1
  • 12
  • 20
  • In your linked question @Topaco informed you with his comment "The results delivered by encryptfile() and OpenSSL (with -base64 option) are incompatible." that this encryption method don't work with OpenSSL - clearly indicated by "bad magic number". – Michael Fehr Oct 28 '20 at 07:13
  • 1
    The `encodeFile` method does not work reliably, so it will probably not be possible to decrypt the result with OpenSSL (or any other tool). The correct way would be to fix the `encodeFile` method. Also note that deriving a key from a password without salt is a serious security risk. – Topaco Oct 28 '20 at 18:17

0 Answers0