commons-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Daniel Quaroni...@invoke.com>
Subject Re: [crypto] Last 16 bytes not being consumed?
Date Sat, 11 Feb 2017 01:22:30 GMT
I'm found the problem and I'm kicking myself for not seeing it sooner.

I adapted the sample code from the Commons crypto page, including the asString() method which
I discovered truncated the output to the min of the byte array length or 50.....  I don't
know why it does that but I didn't think to look at it until I was tearing my hair out :)

 - Q

> On Feb 10, 2017, at 7:32 PM, Marcelo Vanzin <vanzin@cloudera.com> wrote:
> 
> I haven't had problems using the API like that. Can you share code
> that actually compiles? There are some missing parameters in the code
> you posted that might make a difference.
> 
> e.g. what's the size of the output buffer (decoded).
> 
>> On Thu, Feb 9, 2017 at 2:41 PM, Dan Quaroni <q@invoke.com> wrote:
>> I've posted this at SO as well where it has nicer formatting, but I'll
>> include the question here as well.  See
>> http://stackoverflow.com/questions/42147559/java-cryptocipher-doesnt-consume-all-input-bytes
>> 
>> I'm trying to convert from using Chilkat's proprietary decryption library
>> to Apache's commons codec.
>> 
>> I have 2 example encrypted inputs I'm working with. The first is 16 bytes
>> and the second is 96 bytes. The first one works great, but on the second
>> one the CryptoCipher doesn't appear to be consuming the last 16 bytes.
>> 
>> Here's some example code of the setup and decryption and the output:
>> 
>>   Properties properties = new Properties();
>>    CryptoCipher crypt =
>> CryptoCipherFactory.getCryptoCipher("AES/CBC/PKCS5Padding", properties);
>>    MessageDigest digest = MessageDigest.getInstance("SHA-256");
>> 
>>    byte[] hashedKeyBytes = digest.digest("SHARED_SECRET".getBytes(
>>            StandardCharsets.UTF_8));
>>    MessageDigest ivDigest = MessageDigest.getInstance("MD5");
>> 
>>    byte[] ivBytes =
>> ivDigest.digest("SHARED_SECRET".getBytes(StandardCharsets.UTF_8));
>>    final SecretKeySpec key = new SecretKeySpec(hashedKeyBytes, "AES");
>>    IvParameterSpec iv = new IvParameterSpec(ivBytes);
>> 
>>    crypt.init(Cipher.DECRYPT_MODE, key, iv);
>> 
>>    ByteBuffer encBuffer = ByteBuffer.allocateDirect(enc.length);
>>    System.out.println("--" + enc.length);
>>    encBuffer.put(enc);
>>    encBuffer.flip();
>>    System.out.println("encln " + encBuffer.limit());
>> 
>>    ByteBuffer decoded = ByteBuffer.allocateDirect(bufferSize);
>>    CryptoCipher crypt = init();
>> 
>>    System.out.println("consume " + crypt.update(encBuffer, decoded));
>>    System.out.println("finish " + crypt.doFinal(encBuffer, decoded));
>>    decoded.flip();
>>    return asString(decoded);
>> 
>> This produces these 2 outputs for the 2 inputs:
>> 
>> Short input:
>> 
>> --16
>> encln 16
>> consume 0
>> finish 13
>> Long input:
>> 
>> --96
>> encln 96
>> consume 80
>> finish 3
>> 
>> As you can see it's only consuming 80 bytes out of the input... Since the
>> shorter input produces the correct output as compared to what Chilkat
>> produced, I'm not sure where to approach this to get it to work with the
>> longer input.
>> 
>> When I print out the string representation of the decrypted contents, there
>> are 33 characters missing from the end that should be there.
> 
> 
> 
> -- 
> Marcelo
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@commons.apache.org
> For additional commands, e-mail: user-help@commons.apache.org
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@commons.apache.org
For additional commands, e-mail: user-help@commons.apache.org


Mime
View raw message