Hello all,
I wrote a program which performs AES (Rijndael) symmetric
encryption & decryption using openssl. And now I need to write another
program which should provide the same functionality in Java - it
should be able to decrypt/encrypt the result of openssl and
vice versa.
For that purpose I chose to use the BouncyCastle provider for JCE.
The following parameters are used in openssl:
1) Cipher - aes-128-cbc
2) Default padding (is it PKCS5 in openssl ???)
3) Password-based (pw=hardcoded passphrase) routine is as follows:
EVP_BytesToKey (cipher, EVP_md5(), NULL, pw, strlen(pw), 1, key, iv);
* No salt (NULL pointer)
* The key and the IV are not initialized, and therefore are derived
from the given passphrase (which is hardcoded), as far as I
understand.
* MD5 message digest is used.
Basically the implementation in C provides the same result as
"openssl enc -aes-128-cbc -nosalt -in in.txt -base64 -pass
pass:somepassphrase"
Now the only problem is to set the same parameters for JCE. Please
assist - I'll really appreciate if someone can send a working example
(base64 is not needed), or at least how and where to specify all the
corresponding settings.
Thanks a lot in advance!
Vadim
vadim | 8/4/2004 10:45:56 AM
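The parameters listed in the post above map onto the JCE as follows. This is an added example, not code from the thread or from any poster; it assumes the JDK's default provider rather than BouncyCastle, an ASCII passphrase, and a constructed sample plaintext, and the class and method names are hypothetical.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public class OpenSslNoSaltAes {
    // EVP_BytesToKey with MD5, NULL salt, count = 1:
    // D1 = MD5(pw), Dn = MD5(D(n-1) || pw); key then IV are cut from D1 || D2 || ...
    static byte[][] bytesToKey(byte[] pw, int keyLen, int ivLen) throws Exception {
        MessageDigest md5 = MessageDigest.getInstance("MD5");
        byte[] out = new byte[keyLen + ivLen];
        byte[] block = new byte[0];
        for (int filled = 0; filled < out.length; ) {
            md5.update(block);          // previous digest (empty on the first round)
            md5.update(pw);
            block = md5.digest();       // digest() also resets md5 for the next round
            int n = Math.min(block.length, out.length - filled);
            System.arraycopy(block, 0, out, filled, n);
            filled += n;
        }
        return new byte[][] {
            Arrays.copyOfRange(out, 0, keyLen),
            Arrays.copyOfRange(out, keyLen, keyLen + ivLen)
        };
    }

    static byte[] crypt(int mode, String passphrase, byte[] data) throws Exception {
        byte[][] ki = bytesToKey(passphrase.getBytes(StandardCharsets.UTF_8), 16, 16);
        // OpenSSL's default block padding is PKCS#7, which the JCE names PKCS5Padding
        Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
        c.init(mode, new SecretKeySpec(ki[0], "AES"), new IvParameterSpec(ki[1]));
        return c.doFinal(data);
    }

    public static void main(String[] args) throws Exception {
        String pw = "somepassphrase";    // passphrase from the openssl command in the post
        byte[] plain = "constructed sample text\n".getBytes(StandardCharsets.UTF_8);
        byte[] ct = crypt(Cipher.ENCRYPT_MODE, pw, plain);
        byte[] back = crypt(Cipher.DECRYPT_MODE, pw, ct);
        System.out.println("round trip ok: " + Arrays.equals(plain, back));
        // With no salt, key and IV depend only on the passphrase, so equal
        // plaintexts always give equal ciphertexts, as the replies note.
        System.out.println("deterministic: "
            + Arrays.equals(ct, crypt(Cipher.ENCRYPT_MODE, pw, plain)));
    }
}
```

OpenSSL 1.1.0 and later default `openssl enc` to SHA-256 for key derivation, so the command line needs `-md md5` to match this MD5-based derivation.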
Vadim Barshtak wrote:
> Hello all,
> I wrote a program which performs AES (Rijndael) symmetric
> encryption & decryption using openssl. And now I need to write another
> program which should provide the same functionality in Java - it
> should be able to decrypt/encrypt the result of openssl and
> vice versa.
> For that purpose I chose to use the BouncyCastle provider for JCE.
> The following parameters are used in openssl:
>
> 1) Cipher - aes-128-cbc
>
> 2) Default padding (is it PKCS5 in openssl ???)
>
> 3) Password-based (pw=hardcoded passphrase) routine is as follows:
> EVP_BytesToKey (cipher, EVP_md5(), NULL, pw, strlen(pw), 1, key, iv);
>
> * No salt (NULL pointer)
> * The key and the IV are not initialized, and therefore are derived
> from the given passphrase (which is hardcoded), as far as I
> understand.
> * MD5 message digest is used.
Let's see.
Same key and IV for all messages.
Hardcoded passphrase.
You must be writing voting machine software, right?
--Mike Amling
Michael | 8/4/2004 11:42:56 AM
As far as you understand, the question was how to implement the same
parameters in Java rather than choosing the correct ones from
a cryptographic aspect. Believe me or not, we had to use password-based
encryption with a hardcoded passphrase. Moreover, it's sufficient to
fulfill our requirements. But again, it is not relevant.
>
> Let's see.
> Same key and IV for all messages.
> Hardcoded passphrase.
> You must be writing voting machine software, right?
>
> --Mike Amling
vadim | 8/4/2004 6:35:53 PM
have a look at the samples in
file://localhost/j:/jdk1.4.2/docs/guide/security/jce/JCERefGuide.html#SimpleEncrEx
and
http://java.sun.com/j2se/1.4.2/docs/guide/security/jce/JCERefGuide.html#PBEEx.
i hope you are aware of the fact that your system may be insecure if you use
always the same IV for the same key. the IV should be a random value. the
salt value should also be a random value of sufficient length.
Karl
--
Karl Scheibelhofer, IAIK - Graz University of Technology
Inffeldgasse 16a, 8010 Graz, Austria
Fax: +43 316 873 5520
http://jce.iaik.tugraz.at/
"Vadim Barshtak" <vadim@xpert.com> wrote in message
news:6562b3ff.0408040245.23a641e0@posting.google.com...
> Hello all,
> I wrote a program which performs AES (Rijndael) symmetric
> encryption & decryption using openssl. And now I need to write another
> program which should provide the same functionality in Java - it
> should be able to decrypt/encrypt the result of openssl and
> vice versa.
> For that purpose I chose to use the BouncyCastle provider for JCE.
> The following parameters are used in openssl:
>
> 1) Cipher - aes-128-cbc
>
> 2) Default padding (is it PKCS5 in openssl ???)
>
> 3) Password-based (pw=hardcoded passphrase) routine is as follows:
> EVP_BytesToKey (cipher, EVP_md5(), NULL, pw, strlen(pw), 1, key, iv);
>
> * No salt (NULL pointer)
> * The key and the IV are not initialized, and therefore are derived
> from the given passphrase (which is hardcoded), as far as I
> understand.
> * MD5 message digest is used.
>
> Basically the implementation in C provides the same result as
> "openssl enc -aes-128-cbc -nosalt -in in.txt -base64 -pass
> pass:somepassphrase"
>
> Now the only problem is to set the same parameters for JCE. Please
> assist - I'll really appreciate if someone can send a working example
> (base64 is not needed), or at least how and where to specify all the
> corresponding settings.
>
> Thanks a lot in advance!
> Vadim
Karl | 8/6/2004 6:28:39 AM
Karl Scheibelhofer wrote:
> have a look at the samples in
> file://localhost/j:/jdk1.4.2/docs/guide/security/jce/JCERefGuide.html#SimpleEncrEx
A file: URL?
> and
> http://java.sun.com/j2se/1.4.2/docs/guide/security/jce/JCERefGuide.html#PBEEx.
> i hope you are aware of the fact that your system may be insecure if you use
> always the same IV for the same key. the IV should be a random value. the
> salt value should also be a random value of sufficient length.
--Mike Amling
Michael | 8/6/2004 2:04:25 PM
Karl,
As far as I understand, PBE is the answer - I'll try to overwrite
these examples.
And about IV and salt - of course, I know that both should be random.
However it is not so important in our case - this code was written by
someone else and satisfied the customer's needs (who asked to avoid
clear-text passwords in configuration files...).
Thanks a lot,
Vadim
"Karl Scheibelhofer" <karl.scheibelhofer@iaik.tugraz.at> wrote in message news:<41132518$0$16036$3b214f66@aconews.univie.ac.at>...
> have a look at the samples in
> file://localhost/j:/jdk1.4.2/docs/guide/security/jce/JCERefGuide.html#SimpleEncrEx
> and
> http://java.sun.com/j2se/1.4.2/docs/guide/security/jce/JCERefGuide.html#PBEEx.
> i hope you are aware of the fact that your system may be insecure if you use
> always the same IV for the same key. the IV should be a random value. the
> salt value should also be a random value of sufficient length.
>
> Karl
>
> --
>
> Karl Scheibelhofer, IAIK - Graz University of Technology
> Inffeldgasse 16a, 8010 Graz, Austria
> Fax: +43 316 873 5520
> http://jce.iaik.tugraz.at/
>
vadim | 8/8/2004 10:55:07 AM
And what's wrong with that? Read RFC 1738, section 3.10.
Michael Amling <nospam@nospam.com> wrote in message news:<JdMQc.3578$r_1.450746@newssvr28.news.prodigy.com>...
> Karl Scheibelhofer wrote:
>
> > have a look at the samples in
> > file://localhost/j:/jdk1.4.2/docs/guide/security/jce/JCERefGuide.html#SimpleEncrEx
>
> A file: URL?
>
> > and
> > http://java.sun.com/j2se/1.4.2/docs/guide/security/jce/JCERefGuide.html#PBEEx.
> > i hope you are aware of the fact that your system may be insecure if you use
> > always the same IV for the same key. the IV should be a random value. the
> > salt value should also be a random value of sufficient length.
>
> --Mike Amling
vadim | 8/8/2004 10:56:48 AM
Vadim Barshtak wrote:
> And what's wrong with that? Read RFC 1738, section 3.10.
Have you succeeded in reading that file from Karl Scheibelhofer's j:
drive?
> Michael Amling <nospam@nospam.com> wrote in message news:<JdMQc.3578$r_1.450746@newssvr28.news.prodigy.com>...
>
>>Karl Scheibelhofer wrote:
>>
>>
>>>have a look at the samples in
>>>file://localhost/j:/jdk1.4.2/docs/guide/security/jce/JCERefGuide.html#SimpleEncrEx
>>
>> A file: URL?
--Mike Amling
Michael | 8/8/2004 7:13:42 PM