11

I have a bash script that uses the openssl tool to encrypt.

#!/bin/bash

key128="1234567890123456"
iv="1234567890123456"
openssl enc -aes-128-cbc -in test -out test.enc -K $key128 -iv $iv

And Java code that tries to decrypt the file produced by the script.

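import java.io.BufferedReader;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public class crypto {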

    public static void main( String[] args )
    {
        try {
            File f = new File("test.enc");
            Cipher c;
            Key k;
            String secretString = "01020304050607080900010203040506";
            String ivString = "01020304050607080900010203040506";
            byte[] secret = hexStringToByteArray(secretString);
            byte[] iv = hexStringToByteArray(ivString);

            c = Cipher.getInstance("AES/CBC/PKCS5Padding");
            k = new SecretKeySpec(secret, "AES");
            c.init(Cipher.DECRYPT_MODE, k, new IvParameterSpec(iv));

            CipherInputStream cis = new CipherInputStream(new FileInputStream(f), c);
            BufferedReader br = new BufferedReader(new InputStreamReader(cis));

            String line;
            while ((line = br.readLine()) != null) {
                System.out.println(line);
            }
            br.close();
        } catch (IOException e) {
            System.out.println(e.getMessage());
        } catch (NoSuchAlgorithmException e) {
            System.out.println(e.getMessage());
        } catch (NoSuchPaddingException e) {
            System.out.println(e.getMessage());
        } catch (InvalidKeyException e) {
            System.out.println(e.getMessage());
        } catch (InvalidAlgorithmParameterException e) {
            System.out.println(e.getMessage());
        }

    }

    public static byte[] hexStringToByteArray(String s) {
        int len = s.length();
        byte[] data = new byte[len / 2];
        for (int i = 0; i < len; i += 2) {
            data[i / 2] = (byte) ((Character.digit(s.charAt(i), 16) << 4)
                                 + Character.digit(s.charAt(i+1), 16));
        }
        return data;
    }
}

When I run the Java code, it doesn't print anything. Is there a mismatch between the script and Java code?

A secondary question is whether I can rewrite this to use password instead of key/iv. In order to do that, is there a way to know the iv that openssl uses for a given password?

Ravi
  • For a start, `1234567890123456` isn't the same as `0x01020304050607080900010203040506`. Same goes for your IV. – Polynomial Dec 01 '11 at 15:35
  • openssl treats each character as a hex value, whereas the Java code is looking at a pair of characters. – Ravi Dec 01 '11 at 15:37
  • Yes, and 0x12 isn't the same as 0x0102. – Polynomial Dec 01 '11 at 16:04
  • You're correct, thanks. I'm surprised that openssl didn't complain I was using only 64 bits for the key and iv. – Ravi Dec 01 '11 at 16:35
  • It would be interesting to see if you were so lucky that you did get a valid PKCS#5 padding after encrypting with that wrong key/iv. Do you get any output if you change the plain text (such as a padding-related exception wrapped in an IOException)? Use something that provides integrity/authenticity to get rid of these kinds of issues! – Maarten Bodewes Dec 01 '11 at 23:33
  • Answer is here: https://stackoverflow.com/a/55884564/2873507 – Vic Seedoubleyew Apr 27 '19 at 21:12

1 Answer

16

As @Polynomial mentioned above, the keys and IVs don't match between the bash script and the Java code. Changing the bash script to the following solves the problem.

#!/bin/bash

key128="01020304050607080900010203040506"
iv="01020304050607080900010203040506"
openssl enc -aes-128-cbc -in test -out test.enc -K $key128 -iv $iv

If openssl is executed in the following way, it will use a password, and print the key and iv used. That key and iv can be substituted in the Java program above.

openssl enc -nosalt -aes-128-cbc -in test -out test.enc -p
Ravi
  • Great post, thanks. I was struggling to get openssl blowfish encrypt working then doing a decrypt in Java, this really helps. – Will777 Apr 06 '16 at 06:17
  • Perhaps I haven't got something right, but isn't the key too big for the specific version of AES? Does the key get truncated? I used different key sizes and I receive different cipher text. – dr.doom Jun 14 '17 at 14:28
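
On the secondary question, the key and IV that `openssl enc` derives from a password can also be computed directly in Java instead of copied from the `-p` output. The following is an added example, not code from the question or the answer; the class name `OpensslKeyIv`, its helper methods and the sample password are hypothetical. It assumes `openssl enc` is run without `-pbkdf2`, and that the digest is MD5 (the default before OpenSSL 1.1.0) or SHA-256 (the default from 1.1.0 on, unless `-md` is given).

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;

public class OpensslKeyIv {

    /**
     * Derives key and IV the way `openssl enc` does without -pbkdf2:
     * D1 = H(password || salt), Dn = H(Dn-1 || password || salt), one iteration each,
     * then key = first keyLen bytes and iv = next ivLen bytes of D1 || D2 || ...
     * salt is null for -nosalt, otherwise the 8 bytes following "Salted__" in the file.
     */
    static byte[][] derive(String digest, byte[] password, byte[] salt, int keyLen, int ivLen)
            throws NoSuchAlgorithmException {
        MessageDigest md = MessageDigest.getInstance(digest);
        byte[] out = new byte[keyLen + ivLen];
        byte[] block = new byte[0];          // D0 is empty
        int filled = 0;
        while (filled < out.length) {
            md.update(block);
            md.update(password);
            if (salt != null) md.update(salt);
            block = md.digest();             // digest() also resets md for the next round
            int n = Math.min(block.length, out.length - filled);
            System.arraycopy(block, 0, out, filled, n);
            filled += n;
        }
        return new byte[][] {
            Arrays.copyOfRange(out, 0, keyLen),
            Arrays.copyOfRange(out, keyLen, keyLen + ivLen)
        };
    }

    static String hex(byte[] bytes) {
        StringBuilder sb = new StringBuilder();
        for (byte b : bytes) sb.append(String.format("%02X", b));
        return sb.toString();
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample password; UTF-8 encoding of the typed password is an assumption.
        byte[] password = "example-password".getBytes(StandardCharsets.UTF_8);
        // AES-128-CBC needs a 16-byte key and a 16-byte IV; null salt corresponds to -nosalt.
        byte[][] keyIv = derive("MD5", password, null, 16, 16);
        System.out.println("key=" + hex(keyIv[0]));
        System.out.println("iv =" + hex(keyIv[1]));
    }
}
```

The two arrays returned by `derive` can be passed to `SecretKeySpec` and `IvParameterSpec` in place of the hard-coded hex strings, and the printed values should match what `openssl enc -nosalt -aes-128-cbc -p` reports for the same password and digest.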