AES encrypt/decrypt with Bouncy Castle provider

java cryptography aes bouncycastle
43,936

You would either use

Security.addProvider(new BouncyCastleProvider());
Cipher cipher = Cipher.getInstance("AES", "BC");

or else

Cipher cipher = Cipher.getInstance("AES", new BouncyCastleProvider());

That said, Cipher.getInstance("AES") uses Electronic Codebook, which is insecure. You either want Cipher Block Chaining (Cipher.getInstance("AES/CBC/PKCS5Padding")) or Counter (Cipher.getInstance("AES/CTR/NoPadding")) modes; they are both secure, the primary difference being that CBC requires padding while CTR does not.

Share:
43,936
fikouRaf
Author by

fikouRaf

Java and J2EE ;=)

Updated on April 11, 2020

Comments

  • fikouRaf
    fikouRaf about 4 years

    Here is my implementation of a AES 256 encrypt and decrypt, developed with the native library of JDK 5: 

    public static String encrypt(String key, String toEncrypt) throws Exception {
    Key skeySpec = generateKeySpec(key);
    Cipher cipher = Cipher.getInstance("AES");
    cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
    byte[] encrypted = cipher.doFinal(toEncrypt.getBytes());
    byte[] encryptedValue = Base64.encodeBase64(encrypted);
    return new String(encryptedValue);
}

public static String decrypt(String key, String encrypted) throws Exception {
    Key skeySpec = generateKeySpec(key);
    Cipher cipher = Cipher.getInstance("AES");
    cipher.init(Cipher.DECRYPT_MODE, skeySpec);
    byte[] decodedBytes = Base64.decodeBase64(encrypted.getBytes());
    byte[] original = cipher.doFinal(decodedBytes);
    return new String(original);
}

    I want to implement the same methods with the Boucy Castle API (Java): I've searched a lot, tested a lot, without results ... can someone help me?

    Thanks

    • Perception
      Perception about 11 years
      You do realize that you will be using the same API, but just a different provider right? Anyways, read here.
    • Robert
      Robert about 11 years
      Note that AES256 is by default disabled in all Java versions from Oracle. You have to install the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files for Java 5. BTW: Java 5 is outdated and insecure. Don't use it anymore.
    • fikouRaf
      fikouRaf about 11 years
      I know that Robert, thanks. Perception, i want to use Boucny Castle because it's more portable thant the native lib of Java (only from JDK 6+)
    • LateralFractal
      LateralFractal over 10 years
      Yes, this is a duplicate but the original has dreadfully sparse answers.
    • ArifMustafa
      ArifMustafa about 6 years
      Sure, it is duplicate but the scenario is different.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

PBEWITHSHA256AND128BITAES-CBC-BC creating java.security.NoSuchAlgorithmException on RedHat 6.4
256bit AES/CBC/PKCS5Padding with Bouncy Castle
How to verify if the private key matches with the certificate..?
AES rijndael encrypt between c and java
AES/CBC/PKCS5Padding issue
What kind of padding should AES use?
Generating 128-bit keys with keytool
java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: IOException : DER input, Integer tag error
Java AES encryption/decryption procedure and usage of Initialization Vector
Can org.bouncycastle.openssl.PEMReader read java.security.PrivateKey?