0

I've got a tricky situation at the moment.

I need to create an android method that will decrypt an encrypted file that has been encrypted like this:

  • AES256 (Rijndael)
  • Cipher-Block-Chaining (CBC) using an initialization vector of 16 bytes that look like:

{ 0, 1, 1, 2, 3, 5, 8, 13, 21, 34, 55, 89, 144, 233, 122, 100 }

I also know the encryption key to the file, but for now let's say it's: "Boat"

I've been searching around on Google but I could not find a online that used this combination of encryption. Some involved the Rijndael algorithm but didn't let me choose an initialization vector, while others did not support AES256 at all.

Can someone point me into the right direction where to find an example or post some sample code that does the above?

N.B. I don't know if it's important to mention but the output file is always .pdf

Pieter888
  • 4,882
  • 13
  • 53
  • 74

1 Answers1

1

This is a very standard configuration, hard to believe you didn't find any samples. All you need to do is create an IvParameterSpec from your IV bytes and initialize the Cipher with it. Something like this: 

SecretKey key = getEncryptionKey(); 
byte[] iv = new byte[] { 0, 1, 1, 2, 3, 5, 8, 13, 21, 34, 55, 89, (byte)144, (byte)233, 122, 100 };
byte[] cipherBytes = readEncryptedFile();
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
IvParameterSpec ivParams = new IvParameterSpec(iv);
cipher.init(Cipher.DECRYPT_MODE, key, ivParams);
byte[] plaintext = cipher.doFinal(cipherBytes);

BTW, 'Rijndael' is the same as AES, so you'd get better results if you just search for 'AES'.

Nikolay Elenkov
  • 52,576
  • 10
  • 84
  • 84
  • Thanks, but how can I fill `key` with my own key? – Pieter888 Jun 01 '12 at 08:51
  • OK, getting there. What sort string format? Hexadecimal? Base64 encoded? Not actually a key, but a password? Replace characters and post a sample if you are not sure. – Nikolay Elenkov Jun 01 '12 at 09:19
  • It looks like this: `$0rEoS5uAkNk5ovovVWPXsW2buwUy0TU` As far as I know this is not encoded at all. This IS the encryption key. – Pieter888 Jun 01 '12 at 09:23
  • If it is a string, it mean is is encoded. A key is a sequence of bytes. You have to check with whoever produced this key about the actual format. If you assume that each character is a byte (unlikely, unless you have a really weak key), you can convert to a `SecretKey` like this: `SecretKey = new SecretKeySpec("$0rEoS5uAkNk5ovovVWPXsW2buwUy0TU".getBytes("ASCII"));` – Nikolay Elenkov Jun 01 '12 at 09:26
  • Ahh I get it now, I didn't realize I had to create the `SecretKey` using `SecretKeySpec`. Thanks for your help! – Pieter888 Jun 01 '12 at 09:30
  • Buggers the mind. First choose AES-256 encryption, and then more than half the key size by allowing ASCII characters only. Keys should be specified in bytes, and *if* they are needed as String, hex or base64 encode them. – Maarten Bodewes Jun 01 '12 at 13:30
  • @owlstead Sad but true. If it were only this one case... Some people even pad the string with zeros if it's shorter than the 128/256 bits needed. – Nikolay Elenkov Jun 01 '12 at 13:39