[crypto] Last 16 bytes not being consumed?

Dan Quaroni
I've posted this at SO as well where it has nicer formatting, but I'll
include the question here as well.  See
http://stackoverflow.com/questions/42147559/java-cryptocipher-doesnt-consume-all-input-bytes

I'm trying to convert from using Chilkat's proprietary decryption library
to Apache's commons codec.

I have 2 example encrypted inputs I'm working with. The first is 16 bytes
and the second is 96 bytes. The first one works great, but on the second
one the CryptoCipher doesn't appear to be consuming the last 16 bytes.

Here's some example code of the setup and decryption and the output:

    // Cipher setup
    Properties properties = new Properties();
    CryptoCipher crypt = CryptoCipherFactory.getCryptoCipher("AES/CBC/PKCS5Padding", properties);
    MessageDigest digest = MessageDigest.getInstance("SHA-256");

    byte[] hashedKeyBytes = digest.digest("SHARED_SECRET".getBytes(StandardCharsets.UTF_8));
    MessageDigest ivDigest = MessageDigest.getInstance("MD5");

    byte[] ivBytes = ivDigest.digest("SHARED_SECRET".getBytes(StandardCharsets.UTF_8));
    final SecretKeySpec key = new SecretKeySpec(hashedKeyBytes, "AES");
    IvParameterSpec iv = new IvParameterSpec(ivBytes);

    crypt.init(Cipher.DECRYPT_MODE, key, iv);

    // Decryption (separate fragment; enc is the encrypted byte[] input)
    ByteBuffer encBuffer = ByteBuffer.allocateDirect(enc.length);
    System.out.println("--" + enc.length);
    encBuffer.put(enc);
    encBuffer.flip();
    System.out.println("encln " + encBuffer.limit());

    ByteBuffer decoded = ByteBuffer.allocateDirect(bufferSize);
    CryptoCipher crypt = init();

    System.out.println("consume " + crypt.update(encBuffer, decoded));
    System.out.println("finish " + crypt.doFinal(encBuffer, decoded));
    decoded.flip();
    return asString(decoded);

This produces these 2 outputs for the 2 inputs:

Short input:

--16
encln 16
consume 0
finish 13

Long input:

--96
encln 96
consume 80
finish 3

As you can see it's only consuming 80 bytes out of the input... Since the
shorter input produces the correct output as compared to what Chilkat
produced, I'm not sure where to approach this to get it to work with the
longer input.

When I print out the string representation of the decrypted contents, there
are 33 characters missing from the end that should be there.

Re: [crypto] Last 16 bytes not being consumed?

Marcelo Vanzin
I haven't had problems using the API like that. Can you share code
that actually compiles? There are some missing parameters in the code
you posted that might make a difference.

e.g. what's the size of the output buffer (decoded).

On Thu, Feb 9, 2017 at 2:41 PM, Dan Quaroni <[hidden email]> wrote:

> I've posted this at SO as well where it has nicer formatting, but I'll
> include the question here as well.  See
> http://stackoverflow.com/questions/42147559/java-cryptocipher-doesnt-consume-all-input-bytes
>
> I'm trying to convert from using Chilkat's proprietary decryption library
> to Apache's commons codec.
>
> I have 2 example encrypted inputs I'm working with. The first is 16 bytes
> and the second is 96 bytes. The first one works great, but on the second
> one the CryptoCipher doesn't appear to be consuming the last 16 bytes.
>
> Here's some example code of the setup and decryption and the output:
>
>    Properties properties = new Properties();
>     CryptoCipher crypt =
> CryptoCipherFactory.getCryptoCipher("AES/CBC/PKCS5Padding", properties);
>     MessageDigest digest = MessageDigest.getInstance("SHA-256");
>
>     byte[] hashedKeyBytes = digest.digest("SHARED_SECRET".getBytes(
>             StandardCharsets.UTF_8));
>     MessageDigest ivDigest = MessageDigest.getInstance("MD5");
>
>     byte[] ivBytes =
> ivDigest.digest("SHARED_SECRET".getBytes(StandardCharsets.UTF_8));
>     final SecretKeySpec key = new SecretKeySpec(hashedKeyBytes, "AES");
>     IvParameterSpec iv = new IvParameterSpec(ivBytes);
>
>     crypt.init(Cipher.DECRYPT_MODE, key, iv);
>
>     ByteBuffer encBuffer = ByteBuffer.allocateDirect(enc.length);
>     System.out.println("--" + enc.length);
>     encBuffer.put(enc);
>     encBuffer.flip();
>     System.out.println("encln " + encBuffer.limit());
>
>     ByteBuffer decoded = ByteBuffer.allocateDirect(bufferSize);
>     CryptoCipher crypt = init();
>
>     System.out.println("consume " + crypt.update(encBuffer, decoded));
>     System.out.println("finish " + crypt.doFinal(encBuffer, decoded));
>     decoded.flip();
>     return asString(decoded);
>
> This produces these 2 outputs for the 2 inputs:
>
> Short input:
>
> --16
> encln 16
> consume 0
> finish 13
> Long input:
>
> --96
> encln 96
> consume 80
> finish 3
>
> As you can see it's only consuming 80 bytes out of the input... Since the
> shorter input produces the correct output as compared to what Chilkat
> produced, I'm not sure where to approach this to get it to work with the
> longer input.
>
> When I print out the string representation of the decrypted contents, there
> are 33 characters missing from the end that should be there.



--
Marcelo

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Re: [crypto] Last 16 bytes not being consumed?

Dan Quaroni
I found the problem and I'm kicking myself for not seeing it sooner.

I adapted the sample code from the Commons crypto page, including the asString() method which I discovered truncated the output to the min of the byte array length or 50.....  I don't know why it does that but I didn't think to look at it until I was tearing my hair out :)

 - Q

> On Feb 10, 2017, at 7:32 PM, Marcelo Vanzin <[hidden email]> wrote:
>
> I haven't had problems using the API like that. Can you share code
> that actually compiles? There are some missing parameters in the code
> you posted that might make a difference.
>
> e.g. what's the size of the output buffer (decoded).
>
>> On Thu, Feb 9, 2017 at 2:41 PM, Dan Quaroni <[hidden email]> wrote:
>> I've posted this at SO as well where it has nicer formatting, but I'll
>> include the question here as well.  See
>> http://stackoverflow.com/questions/42147559/java-cryptocipher-doesnt-consume-all-input-bytes
>>
>> I'm trying to convert from using Chilkat's proprietary decryption library
>> to Apache's commons codec.
>>
>> I have 2 example encrypted inputs I'm working with. The first is 16 bytes
>> and the second is 96 bytes. The first one works great, but on the second
>> one the CryptoCipher doesn't appear to be consuming the last 16 bytes.
>>
>> Here's some example code of the setup and decryption and the output:
>>
>>   Properties properties = new Properties();
>>    CryptoCipher crypt =
>> CryptoCipherFactory.getCryptoCipher("AES/CBC/PKCS5Padding", properties);
>>    MessageDigest digest = MessageDigest.getInstance("SHA-256");
>>
>>    byte[] hashedKeyBytes = digest.digest("SHARED_SECRET".getBytes(
>>            StandardCharsets.UTF_8));
>>    MessageDigest ivDigest = MessageDigest.getInstance("MD5");
>>
>>    byte[] ivBytes =
>> ivDigest.digest("SHARED_SECRET".getBytes(StandardCharsets.UTF_8));
>>    final SecretKeySpec key = new SecretKeySpec(hashedKeyBytes, "AES");
>>    IvParameterSpec iv = new IvParameterSpec(ivBytes);
>>
>>    crypt.init(Cipher.DECRYPT_MODE, key, iv);
>>
>>    ByteBuffer encBuffer = ByteBuffer.allocateDirect(enc.length);
>>    System.out.println("--" + enc.length);
>>    encBuffer.put(enc);
>>    encBuffer.flip();
>>    System.out.println("encln " + encBuffer.limit());
>>
>>    ByteBuffer decoded = ByteBuffer.allocateDirect(bufferSize);
>>    CryptoCipher crypt = init();
>>
>>    System.out.println("consume " + crypt.update(encBuffer, decoded));
>>    System.out.println("finish " + crypt.doFinal(encBuffer, decoded));
>>    decoded.flip();
>>    return asString(decoded);
>>
>> This produces these 2 outputs for the 2 inputs:
>>
>> Short input:
>>
>> --16
>> encln 16
>> consume 0
>> finish 13
>> Long input:
>>
>> --96
>> encln 96
>> consume 80
>> finish 3
>>
>> As you can see it's only consuming 80 bytes out of the input... Since the
>> shorter input produces the correct output as compared to what Chilkat
>> produced, I'm not sure where to approach this to get it to work with the
>> longer input.
>>
>> When I print out the string representation of the decrypted contents, there
>> are 33 characters missing from the end that should be there.
>
>
>
> --
> Marcelo
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>
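
Added example, not part of the thread and not Commons Crypto code: it uses the JDK's javax.crypto.Cipher, whose ByteBuffer update()/doFinal() calls have the same shape, with a constructed 83-byte plaintext and a random key and IV. It shows that the 80 + 3 split reported in the thread is normal CBC/PKCS5 decryption (the last block is held until doFinal()), and that a 50-byte cap in a string helper like the one the last message describes is what drops the final 33 characters. The helper names asStringTruncated, asStringFull and decode are hypothetical.

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public class CbcLastBlockDemo {
    // Hypothetical stand-in for the sample helper described in the thread: caps output at 50 bytes.
    static String asStringTruncated(ByteBuffer buf) {
        return decode(buf, Math.min(buf.remaining(), 50));
    }

    // Decodes everything between position and limit.
    static String asStringFull(ByteBuffer buf) {
        return decode(buf, buf.remaining());
    }

    static String decode(ByteBuffer buf, int n) {
        byte[] bytes = new byte[n];
        buf.duplicate().get(bytes);          // duplicate() leaves the caller's position untouched
        return new String(bytes, StandardCharsets.UTF_8);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample data (not the thread's): random key and IV, 83-byte plaintext. Java 11+.
        SecureRandom rng = new SecureRandom();
        byte[] keyBytes = new byte[32];
        byte[] ivBytes = new byte[16];
        rng.nextBytes(keyBytes);
        rng.nextBytes(ivBytes);
        SecretKeySpec key = new SecretKeySpec(keyBytes, "AES");
        IvParameterSpec iv = new IvParameterSpec(ivBytes);
        byte[] plain = "x".repeat(83).getBytes(StandardCharsets.UTF_8);

        Cipher enc = Cipher.getInstance("AES/CBC/PKCS5Padding");
        enc.init(Cipher.ENCRYPT_MODE, key, iv);
        byte[] ct = enc.doFinal(plain);      // 83 bytes plus 13 bytes of padding: six 16-byte blocks

        Cipher dec = Cipher.getInstance("AES/CBC/PKCS5Padding");
        dec.init(Cipher.DECRYPT_MODE, key, iv);
        ByteBuffer in = ByteBuffer.wrap(ct);
        ByteBuffer out = ByteBuffer.allocate(ct.length);  // ciphertext length bounds plaintext length
        int fromUpdate = dec.update(in, out);  // final block is buffered: padding is unknown until the end
        int fromFinal = dec.doFinal(in, out);  // decrypts the held block and strips its padding
        out.flip();
        System.out.println("ciphertext " + ct.length + ", update " + fromUpdate + ", doFinal " + fromFinal);
        System.out.println("full " + asStringFull(out).length()
                + ", truncated " + asStringTruncated(out).length());
    }
}
```

The setup posted in the thread derives both the key and the IV from the same fixed string, so every message is encrypted under an identical IV. CBC expects a fresh, unpredictable IV per message, normally transmitted alongside the ciphertext.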
