Reputation: 19
Java encrypt files with password
Hi I'm a new user and this is my first question: I state that I have no extensive knowledge of cryptography. I'm trying to encrypt files with a user-supplied password and I have found this method:
fileProcessor(Cipher.ENCRYPT_MODE,key,inputFile,newFile);
static void fileProcessor(int cipherMode,String key,File inputFile,File outputFile) {
try {
Key secretKey = new SecretKeySpec(key.getBytes(), "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(cipherMode, secretKey);
FileInputStream inputStream = new FileInputStream(inputFile);
byte[] inputBytes = new byte[(int) inputFile.length()];
inputStream.read(inputBytes);
byte[] outputBytes = cipher.doFinal(inputBytes);
FileOutputStream outputStream = new FileOutputStream(outputFile);
outputStream.write(outputBytes);
inputStream.close();
outputStream.close();
} catch (NoSuchPaddingException | NoSuchAlgorithmException
| InvalidKeyException | BadPaddingException
| IllegalBlockSizeException | IOException e) {
e.printStackTrace();
}
}
The problem is that the program only works if I enter a 16 byte password (I think even a multiple of it is fine). How can I use a password that is not necessarily a multiple of 16 bytes?
Upvotes: 0
Views: 3036
Answers (2)
Reputation: 12075
I'm trying to encrypt files with a user-supplied password
How can I use a password that is not necessarily a multiple of 16 bytes?
To create an encryption key from a user provided password you may check some examples, generally search for "password based encryption"
Here is en example how to create an encryption key using a user password
private static final String PBKDF_ALG = "PBKDF2WithHmacSHA256";
private static final int PBKDF_INTERATIONS = 800000;
// create key from password
SecretKeyFactory secKeyFactory = SecretKeyFactory.getInstance(PBKDF_ALG);
KeySpec pbeSpec = new PBEKeySpec(password.toCharArray(), psswdSalt, PBKDF_INTERATIONS, SYMMETRIC_KEY.length*8);
SecretKey pbeSecretKey = secKeyFactory.generateSecret(pbeSpec);
SecretKey secKey = new SecretKeySpec(pbeSecretKey.getEncoded(), SYMMETRIC_KEY_ALG);
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(cipherMode, secKey) ;
Upvotes: 0
Reputation: 10315
A key (SecretKeySpec) is a cryptographic key and not a simple plaintext password supplied by user. AES standard specifies the following key sizes: 128, 192 or 256 bits.
A key can be created from a text password using a key derivation function, for example PBKDF2.
As Maarten-reinstateMonica mentioned in the comment, Cipher.getInstance("AES") results in AES encryption in ECB mode that is insecure. AES-GCM is strong approved authenticated encryption modes based on AES algorithm.
Also, you need to understand the following concepts before proceeding to the sample code:
- salting
- PBKDF2 password hasing algorithm
- what is confidentiality, integrity and authenticity in Information security
- password strength recommendations
Sample code:
// The number of times that the password is hashed during the derivation of the symmetric key
private static final int PBKDF2_ITERATION_COUNT = 300_000;
private static final int PBKDF2_SALT_LENGTH = 16; //128 bits
private static final int AES_KEY_LENGTH = 256; //in bits
// An initialization vector size
private static final int GCM_NONCE_LENGTH = 12; //96 bits
// An authentication tag size
private static final int GCM_TAG_LENGTH = 128; //in bits
private static byte[] encryptAES256(byte[] input, String password) {
try {
SecureRandom secureRandom = SecureRandom.getInstanceStrong();
// Derive the key, given password and salt
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA512");
// A salt is a unique, randomly generated string
// that is added to each password as part of the hashing process
byte[] salt = new byte[PBKDF2_SALT_LENGTH];
secureRandom.nextBytes(salt);
KeySpec keySpec =
new PBEKeySpec(password.toCharArray(), salt, PBKDF2_ITERATION_COUNT, AES_KEY_LENGTH);
byte[] secret = factory.generateSecret(keySpec).getEncoded();
SecretKey key = new SecretKeySpec(secret, "AES");
// AES-GCM encryption
Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
// A nonce or an initialization vector is a random value chosen at encryption time
// and meant to be used only once
byte[] nonce = new byte[GCM_NONCE_LENGTH];
secureRandom.nextBytes(nonce);
// An authentication tag
GCMParameterSpec gcmParameterSpec = new GCMParameterSpec(GCM_TAG_LENGTH, nonce);
cipher.init(Cipher.ENCRYPT_MODE, key, gcmParameterSpec);
byte[] encrypted = cipher.doFinal(input);
// Salt and nonce can be stored together with the encrypted data
// Both salt and nonce have fixed length, so can be prefixed to the encrypted data
ByteBuffer byteBuffer = ByteBuffer.allocate(salt.length + nonce.length + encrypted.length);
byteBuffer.put(salt);
byteBuffer.put(nonce);
byteBuffer.put(encrypted);
return byteBuffer.array();
} catch (Exception e) {
throw new RuntimeException(e);
}
}
private static byte[] decryptAES256(byte[] encrypted, String password) {
try {
// Salt and nonce have to be extracted
ByteBuffer byteBuffer = ByteBuffer.wrap(encrypted);
byte[] salt = new byte[PBKDF2_SALT_LENGTH];
byteBuffer.get(salt);
byte[] nonce = new byte[GCM_NONCE_LENGTH];
byteBuffer.get(nonce);
byte[] cipherBytes = new byte[byteBuffer.remaining()];
byteBuffer.get(cipherBytes);
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA512");
KeySpec keySpec =
new PBEKeySpec(password.toCharArray(), salt, PBKDF2_ITERATION_COUNT, AES_KEY_LENGTH);
byte[] secret = factory.generateSecret(keySpec).getEncoded();
SecretKey key = new SecretKeySpec(secret, "AES");
Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
// If encrypted data is altered, during decryption authentication tag verification will fail
// resulting in AEADBadTagException
GCMParameterSpec gcmParameterSpec = new GCMParameterSpec(GCM_TAG_LENGTH, nonce);
cipher.init(Cipher.DECRYPT_MODE, key, gcmParameterSpec);
return cipher.doFinal(cipherBytes);
} catch (Exception e) {
throw new RuntimeException(e);
}
}
public static void main(String[] args) throws Exception {
String password = "Q8yRrM^AvV5r8Yx+"; //Password still has to be strong ehough
String input = "Sample text to encrypt";
byte[] encrypted = encryptAES256(input.getBytes(UTF_8), password);
System.out.println(Base64.getEncoder().encodeToString(encrypted));
//s+AwwowLdSb3rFZ6jJlxSXBvzGz7uB6+g2e97QXGRKUY5sHPgf94AOoybkzuR3rNREMj56Ik1+Co682s4vT2sAQ/
byte[] decrypted = decryptAES256(encrypted, password);
System.out.println(new String(decrypted, UTF_8));
//Sample text to encrypt
}
A few more words about random nonces. If only a few records are encrypted with the same key, then a random nonce does not pose a risk. However, if a large number of records is encrypted with the same key, the risk may become relevant.
A single repeated nonce is usually enough to fully recover the connection’s authentication key. In such faulty implementations, authenticity is lost and an attacker is able to manipulate TLS-protected content.
For safety reasons random nonces should be avoided and a counter should be used.
Upvotes: 4
Related Questions
- Encrypt file in java and decrypt in openssl with key aes
- Using password-based encryption on a file in Java
- encrypt files with AES , with shared password
- File Encryption Decryption with AES
- Encrypting/Decrypting files in Java
- How to encrypt/decrypt a file in Java?
- Encrypting file in java
- Decrypt AES encrypted file in java
- Effectively encrypting files using AES in java
- How to encrypt files other than .txt usin AES in java?