Java implementation of C++ encrypt decrypt function(Cryptix toolbox)

Question

Hi I am trying to encrypt and decrypt data that is used in 2 systems( The one is C++ and the other Java) I found a Demo project from code project : Encryption this is the c++ encrypt decrypt functions and it works when I implement the code using the functions :

void main()
{
    try
    {
        CRijndael oRijndael;
        oRijndael.MakeKey("abcdefghabcdefgh", "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0", 16, 16);
        char szDataIn[] = "Password12345678";

        char szDataOut[17] = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";

        oRijndael.EncryptBlock(szDataIn, szDataOut);

        cout << "[" << szDataIn << "]" << endl;
        cout << "[" << szDataOut << "]" << endl;
        memset(szDataIn, 0, 16);

        oRijndael.DecryptBlock(szDataOut, szDataIn);
        cout << "[" <<  szDataIn << "]"  << endl;

    }
    catch(exception& roException)
    {
        cout << roException.what() << endl;
    }
}

This gives me the following output in the console :

The data is encrypted end decrypted..

Could any one please help me or point me in the right direction for the Java implementation to encrypt and decrypt the same data getting the same results ( encrypt in C++ and then decrypt in Java and encrypt in java decrypt in c++)? In the post they talk about Cryptix toolkit?

Thanks in advance.

Answer 1

This Java code will encrypt/decrypt and produce the same output as your example encoded to hex. The output appears to be identical (and should be), but to be 100% sure you'll need to hex encode the output in your C++ example.

Do note though that your example will only encrypt and decrypt a single block (16 bytes). If you want more than that you'll need to use the CRijndael Encrypt and Decrypt methods (instead of EncryptBlock and DecryptBlock). The Java code below will work with both, no need to modify it.

public static void main(String[] args) throws DecoderException, InvalidKeyException,
        NoSuchAlgorithmException, NoSuchPaddingException, InvalidAlgorithmParameterException,
        IllegalBlockSizeException, BadPaddingException {
    //Hex encoding/decoding done with Apache Codec
    byte[] key = "abcdefghabcdefgh".getBytes();
    String text = "Password12345678";

    byte[] encrypted = encrypt(key, text.getBytes());
    byte[] decrypted = decrypt(key, encrypted);

    System.out.println("Text: " + text);
    System.out.println("Encrypted: " + Hex.encodeHexString(encrypted));
    System.out.println("Decrypted: " + new String(decrypted));
}

public static byte[] encrypt(byte[] key, byte[] unencrypted) throws NoSuchAlgorithmException,
        NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException,
        IllegalBlockSizeException, BadPaddingException{
    //Set up the cipher and encrypt
    Cipher cipher = Cipher.getInstance("AES/ECB/NoPadding");
    cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, "AES"));
    byte[] encrypted = cipher.doFinal(unencrypted);

    return encrypted;
    }

public static byte[] decrypt(byte[] key, byte[] encrypted) throws NoSuchAlgorithmException,
        NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException,
        IllegalBlockSizeException, BadPaddingException{
    //Decrypt the encrypted text
    Cipher cipher = Cipher.getInstance("AES/ECB/NoPadding");
    cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(key, "AES"));
    byte[] decrypted = cipher.doFinal(encrypted);

    return decrypted;
}

Output

Text: Password12345678
Encrypted: 6c7d800fad2bb8593db92847bbbdbeff
Decrypted: Password12345678

A big word of warning to you though, this encryption (ECB, no padding) is highly insecure and you should never use it in a real system. You should really be using CBC with an Initialization Vector and PKCS5 padding.

Answer 2

Be sure not to export encrypted data from char array directly. Either use fixed size output or use byte buffer. It's mandatory because in encrypted string you may have byte combinations that could be interpreted as controll characters, f.e. \0 mark. If that, printing output to file using ...<< szDataOut; may corrupt your encrypted string and unable to full read it by second application (no matter if java or c++).