Return-Path: <user-return-30653-archive-asf-public=cust-asf.ponee.io@commons.apache.org>
X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io
Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io
Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183])
	by cust-asf2.ponee.io (Postfix) with ESMTP id C6428200C26
	for <archive-asf-public-internal@cust-asf2.ponee.io>; Sat, 11 Feb 2017 01:33:08 +0100 (CET)
Received: by cust-asf.ponee.io (Postfix)
	id C4B90160B6F; Sat, 11 Feb 2017 00:33:08 +0000 (UTC)
Delivered-To: archive-asf-public@cust-asf.ponee.io
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by cust-asf.ponee.io (Postfix) with SMTP id 189DB160B5C
	for <archive-asf-public@cust-asf.ponee.io>; Sat, 11 Feb 2017 01:33:07 +0100 (CET)
Received: (qmail 7712 invoked by uid 500); 11 Feb 2017 00:33:02 -0000
Mailing-List: contact user-help@commons.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:user-help@commons.apache.org>
List-Unsubscribe: <mailto:user-unsubscribe@commons.apache.org>
List-Post: <mailto:user@commons.apache.org>
List-Id: <user.commons.apache.org>
Reply-To: "Commons Users List" <user@commons.apache.org>
Delivered-To: mailing list user@commons.apache.org
Received: (qmail 7700 invoked by uid 99); 11 Feb 2017 00:33:01 -0000
Received: from pnap-us-west-generic-nat.apache.org (HELO spamd3-us-west.apache.org) (209.188.14.142)
    by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 11 Feb 2017 00:33:01 +0000
Received: from localhost (localhost [127.0.0.1])
	by spamd3-us-west.apache.org (ASF Mail Server at spamd3-us-west.apache.org) with ESMTP id 389B218612B
	for <user@commons.apache.org>; Sat, 11 Feb 2017 00:33:01 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at spamd3-us-west.apache.org
X-Spam-Flag: NO
X-Spam-Score: -0.201
X-Spam-Level: 
X-Spam-Status: No, score=-0.201 tagged_above=-999 required=6.31
	tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7,
	RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_SORBS_SPAM=0.5, SPF_PASS=-0.001,
	URIBL_BLOCKED=0.001] autolearn=disabled
Authentication-Results: spamd3-us-west.apache.org (amavisd-new);
	dkim=pass (2048-bit key) header.d=cloudera-com.20150623.gappssmtp.com
Received: from mx1-lw-us.apache.org ([10.40.0.8])
	by localhost (spamd3-us-west.apache.org [10.40.0.10]) (amavisd-new, port 10024)
	with ESMTP id 0BLGqHgD0Lqp for <user@commons.apache.org>;
	Sat, 11 Feb 2017 00:33:00 +0000 (UTC)
Received: from mail-io0-f169.google.com (mail-io0-f169.google.com [209.85.223.169])
	by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTPS id EC42B5F1B3
	for <user@commons.apache.org>; Sat, 11 Feb 2017 00:32:59 +0000 (UTC)
Received: by mail-io0-f169.google.com with SMTP id v96so63328020ioi.0
        for <user@commons.apache.org>; Fri, 10 Feb 2017 16:32:59 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=cloudera-com.20150623.gappssmtp.com; s=20150623;
        h=mime-version:in-reply-to:references:from:date:message-id:subject:to;
        bh=AVK9cu18h1Y+OBIYhiasxECNWe4T3FKxY75T5dySrRU=;
        b=T4C8wqkO3YvBpVP169/zgcCw/iVwgMtTGDnLjYQK+aGGk49eObuJODRYSScYHtA5g0
         vYWqwqaEG2Rn0imO6wLbfigxyPc7BxBA3vqgH3JFEHLzJWvjMz2N/5+LbpR4QkgVtX11
         S0TyluLKEZ12PpXQJkUWDbWcathQGnfiwDm/bDX/m+dgdl9hqt//mqqTJ0croQPtNEwr
         1mS0dieV19dKx0tYGzYpjcWd4tdHGprI2JkKVZx2MWMgzqu0oiK8yFgEpVW4/cebhE56
         tCYQ+hZRMFB5elTLxM8d54GoiEF5UtFkAo73dtN+lwO9awFAlLlOIWct1HGxT1xWBKoG
         Eb/Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:in-reply-to:references:from:date
         :message-id:subject:to;
        bh=AVK9cu18h1Y+OBIYhiasxECNWe4T3FKxY75T5dySrRU=;
        b=RETpYL882pGld7hyv0CfHTppJsznBjHPLayaZz2OP+CygJiqP/g6tBb06yKPlfaNWQ
         jWKxK1Z7Zww7YMVHpgm5p9eA4jbfK+KwOwjUoyCiSbYUSnq0BeG24HOdrJof37l3CCiX
         UG6wLjOYNJm6VpudPSH5yy+VWXXcY/g8knQKUPQrNz2I9E0lpn3syHmFfwM0AUPJDUsG
         Qh05rxvEXkWg4MU7Qkme4yjC/O7pe3eGvc6T+D4IdDhvih9ognBnKykvAxdPM9zg7RoD
         TQ9LXzOMA3ZePcVEq/y3ok6OKL/BdhojmlknJWarrUmNeuh6sb65GCthjmHUaZSTKsNn
         W+FQ==
X-Gm-Message-State: AMke39lDLxB5xxTTdtFj4jCh20wfFlbYYL/owMgm2NzcRrN2VB+ZWETbmt5uFgbF0oYz1Jw80f4yJCOufT8GIhOP
X-Received: by 10.107.3.18 with SMTP id 18mr10828303iod.234.1486773179013;
 Fri, 10 Feb 2017 16:32:59 -0800 (PST)
MIME-Version: 1.0
Received: by 10.36.164.65 with HTTP; Fri, 10 Feb 2017 16:32:58 -0800 (PST)
In-Reply-To: <CAP1s-NVM=KX_GQymR-mtdU+bc6-SBhV_4gR99YVoT0vu-MTJTQ@mail.gmail.com>
References: <CAP1s-NVM=KX_GQymR-mtdU+bc6-SBhV_4gR99YVoT0vu-MTJTQ@mail.gmail.com>
From: Marcelo Vanzin <vanzin@cloudera.com>
Date: Fri, 10 Feb 2017 16:32:58 -0800
Message-ID: <CAAOnQ7tKxWgAZys9uu=YZRgzz_McwWS9iLqubd3n6SW7MPfSSw@mail.gmail.com>
Subject: Re: [crypto] Last 16 bytes not being consumed?
To: Commons Users List <user@commons.apache.org>
Content-Type: text/plain; charset=UTF-8
archived-at: Sat, 11 Feb 2017 00:33:09 -0000

I haven't had problems using the API like that. Can you share code
that actually compiles? There are some missing parameters in the code
you posted that might make a difference.

e.g. what's the size of the output buffer (decoded).

On Thu, Feb 9, 2017 at 2:41 PM, Dan Quaroni <q@invoke.com> wrote:
> I've posted this at SO as well where it has nicer formatting, but I'll
> include the question here as well.  See
> http://stackoverflow.com/questions/42147559/java-cryptocipher-doesnt-consume-all-input-bytes
>
> I'm trying to convert from using Chilkat's proprietary decryption library
> to Apache's commons codec.
>
> I have 2 example encrypted inputs I'm working with. The first is 16 bytes
> and the second is 96 bytes. The first one works great, but on the second
> one the CryptoCipher doesn't appear to be consuming the last 16 bytes.
>
> Here's some example code of the setup and decryption and the output:
>
>    Properties properties = new Properties();
>     CryptoCipher crypt =
> CryptoCipherFactory.getCryptoCipher("AES/CBC/PKCS5Padding", properties);
>     MessageDigest digest = MessageDigest.getInstance("SHA-256");
>
>     byte[] hashedKeyBytes = digest.digest("SHARED_SECRET".getBytes(
>             StandardCharsets.UTF_8));
>     MessageDigest ivDigest = MessageDigest.getInstance("MD5");
>
>     byte[] ivBytes =
> ivDigest.digest("SHARED_SECRET".getBytes(StandardCharsets.UTF_8));
>     final SecretKeySpec key = new SecretKeySpec(hashedKeyBytes, "AES");
>     IvParameterSpec iv = new IvParameterSpec(ivBytes);
>
>     crypt.init(Cipher.DECRYPT_MODE, key, iv);
>
>     ByteBuffer encBuffer = ByteBuffer.allocateDirect(enc.length);
>     System.out.println("--" + enc.length);
>     encBuffer.put(enc);
>     encBuffer.flip();
>     System.out.println("encln " + encBuffer.limit());
>
>     ByteBuffer decoded = ByteBuffer.allocateDirect(bufferSize);
>     CryptoCipher crypt = init();
>
>     System.out.println("consume " + crypt.update(encBuffer, decoded));
>     System.out.println("finish " + crypt.doFinal(encBuffer, decoded));
>     decoded.flip();
>     return asString(decoded);
>
> This produces these 2 outputs for the 2 inputs:
>
> Short input:
>
> --16
> encln 16
> consume 0
> finish 13
> Long input:
>
> --96
> encln 96
> consume 80
> finish 3
>
> As you can see it's only consuming 80 bytes out of the input... Since the
> shorter input produces the correct output as compared to what Chilkat
> produced, I'm not sure where to approach this to get it to work with the
> longer input.
>
> When I print out the string representation of the decrypted contents, there
> are 33 characters missing from the end that should be there.



-- 
Marcelo

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@commons.apache.org
For additional commands, e-mail: user-help@commons.apache.org