How to encrypt an InputStream with JNCryptor

Question

I'm developing an iPad app and using RNCryptor for the encryption and decryption on the device. There is a Java version of this encryption format available in the form of JNCryptor.

I now have data to be read from an InputStream, but I want to encrypt the data before it is read. I found a class called CipherInputStream, which seems to do exactly what I'm looking for. Only thing is, I need a Cipher (and Provider) to specify the encryption method, and I don't know how to do that. Is it even possible to define a custom Provider?

Does anyone have suggestions on alternative ways to use JNCryptor for the encryption of an InputStream?

I will, thanks :) For now I've written my own code, but it would be nice if there was like an "update" method I could call, instead of having to do everything. I think the only method from the library that I can use now is for keygeneration, haha. I've posted my solution in an answer to this question, you might be able to use it :) — Johanneke, Apr 16 '13 at 13:11

Johanneke · Accepted Answer · 2013-04-16T13:30:29.397

In the end I ended up writing a class to read the InputStream, encrypt the data parts at a time, and write to a PipedOutputStream. This PipedOutputStream I then connected to a PipedInputStream, which I eventually returned. The encryption and writing to the PipedOutputStream happens on a separate thread to avoid deadlock.

PipedInputStream pin = new PipedInputStream();
PipedOutputStream pout = new PipedOutputStream(pin);
EncryptionPipe pipe = new EncryptionPipe(5, pout, in, cipher, mac, metaData);
//EncryptionPipe(int interval, OutputStream out, InputStream in
//              ,Cipher cipher, Mac mac, byte[] metaData)
pipe.start();
return pin;

And in EncryptionPipe:

public class EncryptionPipe extends Thread {
    ...
    @Override
    public void run() {
        try {
            mac.update(metaData);
            out.write(metaData);

            byte[] buf = new byte[1024];
            int bytesRead = 0;
            byte[] crypted;
            byte[] hmac;
            while ((bytesRead = in.read(buf)) != -1) {
                if (bytesRead < buf.length) {
                    //the doFinal methods add padding if necessary, important detail!
                    crypted = cipher.doFinal(buf, 0, bytesRead);
                    hmac = mac.doFinal(crypted);

                    ByteArrayOutputStream bytes = new ByteArrayOutputStream();
                    bytes.write(crypted);
                    bytes.write(hmac);
                    crypted = bytes.toByteArray();
                    bytesRead = crypted.length;
                    bytes.close();
                } else {
                    crypted = cipher.update(buf, 0, bytesRead);
                    mac.update(crypted, 0, bytesRead);
                }
                out.write(crypted, 0, bytesRead);
                synchronized (this) {
                    this.wait(interval);
                }
            }
            out.close();
            ...
        }
    }
}

Duncan Jones · Answer 2 · 2014-08-25T13:41:45.650

1

JNCryptor v1.1.0 was released yesterday and provides support for streaming encryption and decryption.

Use AES256JNCryptorInputStream to decrypt and AES256JNCryptorOutputStream to encrypt.

edited Aug 25 '14 at 13:41

answered Aug 24 '14 at 13:41

Duncan Jones

67,400
29
193
254

score 0 · Answer 3 · answered Apr 09 '13 at 15:26

0

You can use the default Java provider. To instantiate a cipher you would use

Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding")

This uses AES and Cipher Block Chaining mode. CBC only works on multiples of 16 bytes, so you're also specifying a way to pad your input to multiples of 16 bytes.

Here is some more sample AES code to get you started

answered Apr 09 '13 at 15:26

Zim-Zam O'Pootertoot

17,888
4
41
69

So is that the same method of encryption as RNCryptor? Because I will need to decrypt the data on the iPad with that library. – Johanneke Apr 10 '13 at 07:29
I looked into it, and I think I should be able to mimic the encryption method of RNCryptor with a Cipher, but I need a specific format for RNCryptor to decrypt it client side. I'm starting to think I might need to read the data into memory and output encrypted data to a piped outputstream or something... – Johanneke Apr 10 '13 at 08:10
Or maybe I should just use SSL, doh – Johanneke Apr 10 '13 at 09:23
I ended up writing code for streaming encryption based on JNCryptor, since SSL wasn't the solution after all. – Johanneke Apr 16 '13 at 13:25

How to encrypt an InputStream with JNCryptor

3 Answers3