AES string encryption/decryption in C and java

Question

I'm trying to encrypt a string in C and java to look if the result is the same on both sides and later try to decrypt that result in each one of them, but when I run my code the result looks very different on each one

This is my C code:

#include <string.h>
#include <openssl/aes.h>

char key[] = "thisisasecretkey";

 int main(){
 unsigned char text[]="hello world";
 unsigned char enc_out[80];
 unsigned char dec_out[80];

 AES_KEY enc_key, dec_key;

 AES_set_encrypt_key(key, 128, &enc_key);
 AES_encrypt(text, enc_out, &enc_key);

 printf("original:%s\t",text);
 printf("\nencrypted:%s\t",enc_out);
 printf("\n");

 return 0;
}

This is my java code:

package com.caja.utilidades;

import java.security.Key;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;

public class MainClass {

private static final String ALGORITHM = "AES";
private static final String keyValue = "thisisasecretkey";

public static void main(String[] args) throws Exception {
    System.out.println(encrypt("hello world"));
}

public static String encrypt(String valueToEnc) throws Exception {
  Key key = generateKey();
  Cipher cipher = Cipher.getInstance(ALGORITHM);
  cipher.init(Cipher.ENCRYPT_MODE, key);
  byte[] encValue = cipher.doFinal(valueToEnc.getBytes());
  return new String(encValue);
}

private static Key generateKey() throws Exception {
  Key key = new SecretKeySpec(keyValue.getBytes(), ALGORITHM);
  return key;
}


}

In C I'm using openssl library, for C and java I'm using eclipse, thanks in advance.

I made some changes in my code to compare the result in the two programs

New code

C code:

#include <string.h>
#include <openssl/aes.h>

char key[] = "thisisasecretkey";

int main(){
unsigned char text[]="hello world";
unsigned char enc_out[80];
unsigned char dec_out[80];

AES_KEY enc_key, dec_key;

AES_set_encrypt_key(key, 128, &enc_key);
AES_encrypt(text, enc_out, &enc_key);

int i;

printf("original:\t");
for(i=0;*(text+i)!=0x00;i++)
    printf("%02X ",*(text+i));
printf("\nencrypted:\t");
for(i=0;*(enc_out+i)!=0x00;i++)
    printf("%02X ",*(enc_out+i));
printf("\n");

printf("original:%s\t",text);
printf("\nencrypted:%s\t",enc_out);
printf("\ndecrypted:%s\t",dec_out);
printf("\n");

return 0;
}

java code:

import java.security.Key;
import java.security.MessageDigest;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;

public class MainClass {

private static final String ALGORITHM = "AES";
private static final String keyValue = "thisisasecretkey";
final protected static char[] hexArray = "0123456789ABCDEF".toCharArray();

public static void main(String[] args) throws Exception {
    System.out.println(encrypt("hello world"));
}

public static String encrypt(String valueToEnc) throws Exception {
  Key key = generateKey();
  Cipher cipher = Cipher.getInstance(ALGORITHM);
  cipher.init(Cipher.ENCRYPT_MODE, key);
  byte[] encValue = cipher.doFinal(valueToEnc.getBytes());
  System.out.println(bytesToHex(encValue));
  return new String(encValue);
}

private static Key generateKey() throws Exception {
  byte[] key2 = keyValue.getBytes("UTF-8");
  MessageDigest sha = MessageDigest.getInstance("SHA-1");
  key2 = sha.digest(key2);
  key2 = Arrays.copyOf(key2, 16);

  Key key = new SecretKeySpec(key2, ALGORITHM);
  return key;
}

public static String bytesToHex(byte[] bytes) {
    char[] hexChars = new char[bytes.length * 2];
    for ( int j = 0; j < bytes.length; j++ ) {
        int v = bytes[j] & 0xFF;
        hexChars[j * 2] = hexArray[v >>> 4];
        hexChars[j * 2 + 1] = hexArray[v & 0x0F];
    }
    return new String(hexChars);
 }

}

C result:

original:   68 65 6C 6C 6F 20 77 6F 72 6C 64 
encrypted:  17 EF AC E9 35 B1 81 67 EA 7D BB 99 E2 4F D1 E8 70 35 62 BD 
original:hello world    
encrypted:ï¬é5±?gê}»™âOÑèp5b½   
decrypted:hello world   

Java result:

encrypted: 764AA3D074EE1399858ECD7076957D21
encrypted: vJ£Ðtî™…ŽÍpv•}!

Answer 1

I will speak to the Java side; I believe the same comments apply to the C version as well.

You do NOT want to take your encrypted byte array and convert it to a String. In particular, here:

byte[] encValue = cipher.doFinal(valueToEnc.getBytes());
return new String(encValue);

The problem is that new String(byte[] b) is going to interpret the byte array as a string that is encoded with the default encoding. Of course, the byte array is not an encoded string, so this isn't particularly useful.

If you want to get a string that you can use to compare the encrypted byte arrays (visually), the typical approach is to hex-encode the byte array. See How to convert a byte array to a hex string in Java? and How do you convert buffer (byte array) to hex string in C? for more information. There are, of course, many libraries that support this functionality.