I am developing a code in Java, in which when a user enters the key, the Initialization Vector and the ciphertext, the program returns the deciphered text, according to the AES / CBC / PKCS5Padding Mode. This code is NOT working, and I would like someone to help me correct it, or to present a better code, please. This Key, this Initialization Vector and this ciphertext were got from this website: https://www.di-mgt.com.au/properpassword.html That is, the plain text must return a simple "Hello World" message. If you know of any Java code that does this, can you please post?
My code, which is experiencing a NullPointerException error:
package encryptdecryptvideo;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.ShortBufferException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
//import javax.crypto.*;
public class EncryptDecryptVideo {
byte[] input;
String inputString;
byte[] keyBytes = "9008873522F55634679EF64CC25E73354".getBytes();
byte[] ivBytes = "B8A112A270D9634EFF3818F6CCBDF5EC".getBytes();
SecretKeySpec key = new SecretKeySpec(keyBytes, "DES");
IvParameterSpec ivSpec = new IvParameterSpec(ivBytes);
Cipher cipher;
byte[] cipherText = "625F094A1FB1677521B6014321A807EC".getBytes();
int ctLength;
public static void main(String args[]) throws InvalidKeyException, InvalidAlgorithmParameterException, ShortBufferException, IllegalBlockSizeException, BadPaddingException {
EncryptDecryptVideo decryptionobject = new EncryptDecryptVideo();
decryptionobject.decrypt();
}
public void decrypt() throws InvalidKeyException, InvalidAlgorithmParameterException, ShortBufferException, IllegalBlockSizeException, BadPaddingException {
cipher.init(Cipher.DECRYPT_MODE, key, ivSpec);
byte[] plainText = new byte[cipher.getOutputSize(ctLength)];
int ptLength = cipher.update(cipherText, 0, ctLength, plainText);
ptLength+= cipher.doFinal(plainText, ptLength);
System.out.println("Plain: "+new String(plainText));
}
}```
Some points that are obvious without deep in further:
First: there is no Cipher instantiation like ("AES/CBC/PKCS5Padding").
Second: Your "SecretKeySpec" will transform the input to a DES-key (and not "AES" as you are asking for in the title).
Third: the "cipher.doFinal" call usually returns a byte array and not any integer value.
Fourth: All of your input data seem to be a hexstring that should be converted to a byte array by something like "hexStringToByteArray" and not by ".getBytes" directly.
Fifth: the webpage you linked to does not use the "password" as direct input to the cipher but performs a password derivation (like PBKDF2) that needs to get replicated in Java code as well.
Sixth: please do not use "DES" anymore as it is broken and UNSECURE.
My recommendation is to use another source for your encryption/decryption than https://www.di-mgt.com.au/properpassword.html.