TechQA.

JNCryptor: Why does my call to decryptData not produce the correct result?

270 views Asked by At

I need use the JNCryptor library in a project, so I am first trying to get a very simple example of encryption/decryption to work. My program just encrypts a short string, then decrypts it and displays the result. The problem is that I don't get the original text back. Here is the output when it runs:

C:\Java\JNCryptor_Test>java JNCryptorTest
Encrypted text: [B@2cfb4a64
Encrypted text back to plain text: [B@5474c6c

Can anyone tell me what I am doing wrong?

Here is the source code for my class JNCryptorTest:

import org.cryptonode.jncryptor.JNCryptor;
import org.cryptonode.jncryptor.AES256JNCryptor;
import org.cryptonode.jncryptor.CryptorException;


public class JNCryptorTest
{
    private static String plaintext = "Hello, World!";
    private static String password = "secretsquirrel";

    public static void main(String[] args)
    {
        AllowAes256BitKeys.fixKeyLength();
        byte[] encrypted = encrypt(plaintext);
        System.out.println("Encrypted text: " + encrypted.toString());
        String decrypted = decrypt(encrypted);
        System.out.println("Encrypted text back to plain text: " + decrypted);
    }

    private static byte[] encrypt(String s)
    {
        JNCryptor cryptor = new AES256JNCryptor();
        try
        {
            return cryptor.encryptData(s.getBytes(), password.toCharArray());
        }
        catch (CryptorException e)
        {
            // Something went wrong
            e.printStackTrace();
            return null;
        }
    }


    private static String decrypt(byte[] msg)
    {
        JNCryptor cryptor = new AES256JNCryptor();
        try
        {
            return (cryptor.decryptData(msg,
                                        password.toCharArray())).toString();
        }
        catch (CryptorException e)
        {
            // Something went wrong
            e.printStackTrace();
            return null;
        }
    }
}

Also, I had to create the class AllowAes256BitKeys to allow 256-bit keys. It was recommended to install the "unlimited strength jurisdiction files" into the JVM, but that is unacceptable at our site, so I found a way to do it without that (see Java Security: Illegal key size or default parameters?).

Here is the source code for my class AllowAes256BitKeys:

import javax.crypto.Cipher;
import java.lang.reflect.Constructor;
import java.lang.reflect.Field;
import java.lang.reflect.Modifier;
import java.util.Map;


public class AllowAes256BitKeys
{
    // From https://stackoverflow.com/questions/6481627/java-security-illegal-key-size-or-default-parameters

    public static void fixKeyLength()
    {
        String errorString =
            "Unable to manually override key-length permissions.";
        int newMaxKeyLength;
        try
        {
            if ((newMaxKeyLength = Cipher.getMaxAllowedKeyLength("AES")) < 256)
            {
                Class<?> c =
                    Class.forName("javax.crypto.CryptoAllPermissionCollection");
                Constructor con = c.getDeclaredConstructor();
                con.setAccessible(true);
                Object allPermissionCollection = con.newInstance();
                Field f = c.getDeclaredField("all_allowed");
                f.setAccessible(true);
                f.setBoolean(allPermissionCollection, true);

                c = Class.forName("javax.crypto.CryptoPermissions");
                con = c.getDeclaredConstructor();
                con.setAccessible(true);
                Object allPermissions = con.newInstance();
                f = c.getDeclaredField("perms");
                f.setAccessible(true);
                // Warnings suppressed because CryptoPermissions uses a raw Map
                @SuppressWarnings({"unchecked"})
                Object junk =  // Only need this so we can use @SuppressWarnings
                    ((Map) f.get(allPermissions)).put("*", allPermissionCollection);
//              ((Map) f.get(allPermissions)).put("*", allPermissionCollection);

                c = Class.forName("javax.crypto.JceSecurityManager");
                f = c.getDeclaredField("defaultPolicy");
                f.setAccessible(true);
                Field mf = Field.class.getDeclaredField("modifiers");
                mf.setAccessible(true);
                mf.setInt(f, f.getModifiers() & ~Modifier.FINAL);
                f.set(null, allPermissions);

                newMaxKeyLength = Cipher.getMaxAllowedKeyLength("AES");
            }
        }
        catch (Exception e)
        {
            throw new RuntimeException(errorString, e);
        }
    if (newMaxKeyLength < 256)
        throw new RuntimeException(errorString); // hack failed
    }
}

Thanks

java jncryptor
Original Q&A
1

There are 1 answers

0
Frank K. On

However, I was able to resolve this myself with some help from a more experienced Java developer. It turns out that there was no issue with JNCryptor; the problem is that I was converting the decrypted result (a byte array) into a String incorrectly. The toString method is not the correct way to do that; you have to create a new String object and pass the byte array to its constructor.

So I changed this line in my decrypt method

return (cryptor.decryptData(msg, password.toCharArray())).toString();

to this

return (new String(cryptor.decryptData(msg, password.toCharArray())));

and then I got the correct result:

Encrypted text: [B@2cfb4a64
Encrypted text back to plain text: Hello, World!

So actually, JNCryptor was working correctly the whole time- It was my code which displayed the result that was the problem.

Related Questions in JAVA

Related Questions in JNCRYPTOR

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions