0

Inside Java code, I should decrypt a word encrypted as follows:

echo -n "secret" | openssl enc -aes-256-cbc -base64 -pass pass:password -md SHA1

I'm new to encryption, but I have found some sample how to encrypt/decrypt some AES/CBC with Java. But it requires Salt, Key and Iv. I have found that OpenSsl is deriving these values from the "password", but I don't have found how to do the same in Java in order to decrypt the encrypted value.

Does someone knows how it works ? Are the Salt, Key and/or Iv stored in the ecrypted value ? Thanks for your answers.

Dunedan
  • 1
  • For AES-256-CBC, a salt is not something necessary. In your context, password is the key. Padded with zeros to 32 bytes. Because you didn't specified the IV, the default 16-byte zeros (`0x0000000000000000`) was used. That's all. – Darkman Feb 21 '22 at 16:47
  • But when I'm using the "-p" ou "-P" option of openssl, I can see salt, Iv and Key values. I'm pretty sure that the salt is randomly generated by openssl and its value can be found in the result encrypted value (bytes 8 to 16). – Dunedan Feb 21 '22 at 16:51
  • My mains concern is how are Iv and Keys generated (derived) from the password ? – Dunedan Feb 21 '22 at 16:53
  • 1
    Does [my post here](https://stackoverflow.com/q/11783062/589259) answer your question? – Maarten Bodewes Feb 21 '22 at 16:57
  • Thanks Maarten, it looks like what I was looking for. I'm trying to implement it. – Dunedan Feb 21 '22 at 17:09
  • Well, openssl is probably enabled that by default; not sure. But as far as I know which I did wrote this in `awk`, IV has nothing to do with the password/keys. Just take a look at some java examples, and do something testings. – Darkman Feb 21 '22 at 17:09
  • @Maarten: It is working fine. I can recover "secret" using your code. Thanks you very much. – Dunedan Feb 21 '22 at 17:26

1 Answers1

-1

There are several libraries that support encryption and decryption that make it easy to implement in Java. I recommend you check out the BouncyCastle Lib. Here is a link Bouncy Castle Tutorial to a short tutorial.

hackbell
  • 31
  • 1
  • 6