AES Encryption using 256 bit Encryption key and IV spec parameter


Introduction:

AES is a strong algorithm to encrypt or decrypt the data. Java, .NET and C++ provide different implementation to achieve this kind of encryption. Java has provided certain API's by which data can be encrypted using AES algorithm.

Steps to encrypt the data using AES algorithm , 256 bit encryption key and IV spec:

  1. Create the instance of javax.crypto.Cipher.
    Cipher CIPHER_ENCODER =Cipher.getInstance("AES/CBC/PKCS5Padding");
     
  2. Create the instance of sun.misc.BASE64Decoder.

    BASE64Decoder d64 = new BASE64Decoder();
     
  3. Decode encryption key using decodeBuffer(Encryption Key) method of sun.misc.BASE64Decoder which will return a byte array.

    byte[] b = d64.decodeBuffer(ENCRYPTION_KEY);
     
  4. Copy this byte array into another byte array having size of 32.

    int len = b.length;
    byte[] keyBytes = new byte[32];
    if (len > keyBytes.length) {
    len = keyBytes.length;
    }
    System.arraycopy(b, 0, keyBytes, 0, len);
     
  5. Now create javax.crypto.spec.SecretKeySpec object using this key byte array and "AES" (Type of algorithm).

    SecretKeySpec keySpec = new SecretKeySpec(keyBytes, "AES");
     
  6. Now create javax.crypto.spec.IvParameterSpec object using your IV spec.

    byte[] ivSpec= new byte[]
    {
    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x00, 0x00
    };
    IvParameterSpec ivSpec = new IvParameterSpec(ivSpec);
     
  7. Call the init method of Cipher Instance using encryption mode , key spec(created at step 3), IVParameter Spec (Created at step 6).

    CIPHER_ENCODER.init(Cipher.ENCRYPT_MODE, keySpec ivSpec);
     
  8. Call doFinal method of Cipher by ing the byte array of data which needs to be encrypted .
    String msg = "Message To Encrypt"
    byte[] encrypt = CIPHER_ENCODER .doFinal(msg.getBytes("UTF-8"));
     
  9. Now encode the encrypted data using sun.misc.BASE64Encoder.

    encryptedMsg = ENCODER_64.encode(encrypt);
     
  10. Don't forgot to download policy jar and import in your jre's security folder.

Consolidated Code to encrypt Data:

package com.socialnetwork.controller;
 
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;

public class TestFinal {

       private static final String ALGORITHM = "AES";

       private static final String CIPHER_GETINSTANCE = "AES/CBC/PKCS5Padding";

       private static final BASE64Encoder ENCODER_64 = new BASE64Encoder();

       private static final BASE64Decoder DECODER_64 = new BASE64Decoder();
      
private static final String ENCRYPTION_KEY = "tvIJgJdjAyVmSQuZKGLFh0M4cAF4VDQrWVag0fLBv+o=";      

       static byte[] ivSpec1 = new byte[]
                            {
                                   0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x00, 0x00
                            };

       private static Cipher CIPHER_ENCODER;
      
private static Cipher CIPHER_DECODER;

       private static synchronized Cipher getCipherInstance(boolean encoder)
                    
throws NoSuchAlgorithmException, NoSuchPaddingException,
                     IOException, InvalidKeyException,
                     InvalidAlgorithmParameterException {
             
synchronized (ALGORITHM) {
                    
if (CIPHER_ENCODER == null
                                  || CIPHER_DECODER == null) {
                          
CIPHER_ENCODER = Cipher
                                         .getInstance(
CIPHER_GETINSTANCE);
                          
CIPHER_DECODER = Cipher
                                         .getInstance(
CIPHER_GETINSTANCE);
                          
byte[] keyBytes = new byte[32];
                           BASE64Decoder d64 =
new BASE64Decoder();
                          
byte[] b = d64.decodeBuffer(ENCRYPTION_KEY);
                          
int len = b.length;
                          
if (len > keyBytes.length) {
                                  len = keyBytes.
length;
                           }
                           System.arraycopy(b, 0, keyBytes, 0, len);
                           SecretKeySpec keySpec =
new SecretKeySpec(keyBytes, ALGORITHM);
                           IvParameterSpec ivSpec =
new IvParameterSpec(ivSpec1);
                          
CIPHER_ENCODER.init(Cipher.ENCRYPT_MODE, keySpec,
                                         ivSpec);
                          
CIPHER_DECODER.init(Cipher.DECRYPT_MODE, keySpec,
                                         ivSpec);
                           System.
out.println("Here is key ....>"+keySpec);
                     }
              }
             
if (encoder) {
                    
return CIPHER_ENCODER;
              }
else {
                    
return CIPHER_DECODER;
              }

       }      

       public static String encrypt(final String msg) throws IOException,
                     NoSuchAlgorithmException, GeneralSecurityException {
              String encryptedMsg =
"";
             
byte[] encrypt = getCipherInstance(true).doFinal(msg.getBytes("UTF-8"));
              encryptedMsg =
ENCODER_64.encode(encrypt);
             
return encryptedMsg;
       }

       public static void main(String[] arg) {
             
try
                     String en = encrypt(arg[0]);
                     System.
out.println(en);
              } catch (Exception ex) {
                     ex.printStackTrace();
              }
       }      

}

Next Recommended Readings