Page 2 of 2 First 12
  • Jump to page:
    #16
  1. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2013
    Location
    Dallas, TX
    Posts
    50
    Rep Power
    2
    Originally Posted by 0w1
    Back to Password Based Encryption Using AES, just have to figure out how to convert an object to a string and back.
    Hmm well in your custom object, you can override the toString() method to form your own way of doing so. Then you would have control over the translation back into the object. I can help with this if you don't mind posting the entire LoanAccount object file
  2. #17
  3. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2013
    Posts
    37
    Rep Power
    2
    Originally Posted by BlastPort
    Hmm well in your custom object, you can override the toString() method to form your own way of doing so. Then you would have control over the translation back into the object. I can help with this if you don't mind posting the entire LoanAccount object file
    I was thinking about that but was confused. LoanAccount is the subclass of BankAccount, I'll post their code now. Thanks for your support.
  4. #18
  5. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2013
    Posts
    37
    Rep Power
    2
    I'm just going to encrypt/decrypt the external serialized file.
  6. #19
  7. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2013
    Posts
    37
    Rep Power
    2
    How would I use:
    http://nakkaya.com/2009/10/16/password-based-encryption-using-aes/

    for these parameters:
    int AccRefNo, String Name, String Address, double Balance, double Limit
  8. #20
  9. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2013
    Location
    Dallas, TX
    Posts
    50
    Rep Power
    2
    Originally Posted by 0w1
    How would I use:
    http://nakkaya.com/2009/10/16/password-based-encryption-using-aes/

    for these parameters:
    int AccRefNo, String Name, String Address, double Balance, double Limit
    My apologies for being out of pocket yesterday. I'm going to setup this object on my side today to see if I can get it working with that particular post's help. We'll get this figured out, don't worry!
  10. #21
  11. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2013
    Location
    Dallas, TX
    Posts
    50
    Rep Power
    2
    I was able to get this up and working with your custom object by overriding the toString() method and implementing a constructor that forms an object based on that String. See below for the code. Feel free to change any of the Encryption values and/or the salt, and you can change the delimiter string as well if desired.

    I'm not 100% happy with this approach, since it involves two different places you have to keep track of which fields are in which order (and two places you have to update when you have to add a field to the LoanAccount object). But this should at least get things going in the right direction. Let me know if this helps. Thanks!

    MAIN METHOD (or wherever you're creating and encrypting/decrypting the object):
    Code:
            try {
                // setup a new loan account object
                LoanAccount loanAccount = new LoanAccount();
                loanAccount.setAccRefNo(12345);
                loanAccount.setAddress("123 Happy Lane");
                loanAccount.setBalance(100000.00f);
                loanAccount.setLimit(9999999.00f);
                loanAccount.setName("John Adams");
    
                // encrypt
                Security.addProvider(new BouncyCastleProvider());
                SealedObject encryptedString = EncryptionUtils.encrypt(loanAccount.toString());
    
                // decrypt
                String decryptedString = EncryptionUtils.decrypt(encryptedString);
    
                // create object from decrypted string
                LoanAccount decryptedLoanAccount = new LoanAccount(decryptedString);
            } catch( Exception e ) {
                // log the exception
            }
    LOAN ACCOUNT OBJECT:
    Code:
    public class LoanAccount {
        private int accRefNo;
        private String name;
        private String address;
        private double balance;
        private double limit;
    
        private String DELIMITER_STRING = "%%";
    
        public LoanAccount() {
            name = "";
            address = "";
        }
    
        public LoanAccount(String objectRepresentationString) {
            String[] items = objectRepresentationString.split(DELIMITER_STRING);
    
            accRefNo = Integer.parseInt(items[0]);
            name = items[1];
            address = items[2];
            balance = Double.parseDouble(items[3]);
            limit = Double.parseDouble(items[4]);
        }
    
        @Override
        public String toString() {
            return accRefNo + DELIMITER_STRING +
                    name + DELIMITER_STRING +
                    address + DELIMITER_STRING +
                    balance + DELIMITER_STRING +
                    limit;
        }
    
        // setters and getters
        public int getAccRefNo() {
            return accRefNo;
        }
    
        public void setAccRefNo(int accRefNo) {
            this.accRefNo = accRefNo;
        }
    
        public String getName() {
            return name;
        }
    
        public void setName(String name) {
            this.name = name;
        }
    
        public String getAddress() {
            return address;
        }
    
        public void setAddress(String address) {
            this.address = address;
        }
    
        public double getBalance() {
            return balance;
        }
    
        public void setBalance(double balance) {
            this.balance = balance;
        }
    
        public double getLimit() {
            return limit;
        }
    
        public void setLimit(double limit) {
            this.limit = limit;
        }
    }
    ENCRYPTION-UTILS CLASS:
    Code:
    public class EncryptionUtils {
        private static String algorithm = "PBEWITHSHA256AND128BITAES-CBC-BC";
        private static char[] passPhrase = "secretpass".toCharArray();
        private static byte[] salt = "a9v5n38s".getBytes();
    
        public static SealedObject encrypt(String data) throws Exception{
            PBEParameterSpec pbeParamSpec = new PBEParameterSpec(salt,20);
            PBEKeySpec pbeKeySpec = new PBEKeySpec(passPhrase);
            SecretKeyFactory secretKeyFactory =
                    SecretKeyFactory.getInstance(algorithm);
            SecretKey secretKey = secretKeyFactory.generateSecret(pbeKeySpec);
    
            Cipher cipher = Cipher.getInstance(algorithm);
            cipher.init(Cipher.ENCRYPT_MODE,secretKey,pbeParamSpec);
    
            return new SealedObject(data,cipher);
        }
    
        public static String decrypt(SealedObject sealedObject) throws Exception{
            PBEParameterSpec pbeParamSpec = new PBEParameterSpec(salt,20);
            PBEKeySpec pbeKeySpec = new PBEKeySpec(passPhrase);
            SecretKeyFactory secretKeyFactory =
                    SecretKeyFactory.getInstance(algorithm);
            SecretKey secretKey = secretKeyFactory.generateSecret(pbeKeySpec);
    
            Cipher cipher = Cipher.getInstance(algorithm);
            cipher.init(Cipher.DECRYPT_MODE,secretKey,pbeParamSpec);
            return (String)sealedObject.getObject(cipher);
        }
    }

    Comments on this post

    • 0w1 agrees : Thank You!
  12. #22
  13. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2013
    Posts
    37
    Rep Power
    2
    Thanks for the support. Sorry for the delay, thanks!

    When I try to run the main method and put e.printStackTrace() in the exception I get:

    java.security.InvalidKeyException: Illegal key size
    at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1024)
    at javax.crypto.Cipher.implInit(Cipher.java:790)
    at javax.crypto.Cipher.chooseProvider(Cipher.java:849)
    at javax.crypto.Cipher.init(Cipher.java:1348)
    at javax.crypto.Cipher.init(Cipher.java:1282)
    at pkgBankSystem.EncryptionUtils.encrypt(EncryptionUtils.java:28)
    at pkgBankSystem.TestSealing.main(TestSealing.java:28)

    (I have java's strong encryption policies over-writen with the unlimited encryption policies)


    LoanAccount inherits BankAccount, how would this affect the code?

    My superclass constructor is:
    Code:
        public BankAccount(int intNewAccRefNo, String strNewName,
                String strNewAddress,double dblNewBalance)
        {
            intAccRefNo = intNewAccRefNo;
            strName = strNewName;
            strAddress = strNewAddress;
            dblBalance = dblNewBalance;   
        }
    And my subclass constructor is:
    Code:
        public LoanAccount(int intNewAccRefNo, String strNewName,
                String strNewAddress, double dblNewBalance, double dblNewLimit)
        {
            super(intNewAccRefNo, strNewName, strNewAddress, dblNewBalance);
            dblLimit = dblNewLimit;
        }
  14. #23
  15. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2013
    Posts
    37
    Rep Power
    2
    Some cross collaboration:
    http://forum.codecall.net/topic/76015-aes-256-bits-file-encryption/page-2
  16. #24
  17. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2013
    Location
    Dallas, TX
    Posts
    50
    Rep Power
    2
    Originally Posted by 0w1
    Thanks for the support. Sorry for the delay, thanks!

    When I try to run the main method and put e.printStackTrace() in the exception I get:

    java.security.InvalidKeyException: Illegal key size
    at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1024)
    at javax.crypto.Cipher.implInit(Cipher.java:790)
    at javax.crypto.Cipher.chooseProvider(Cipher.java:849)
    at javax.crypto.Cipher.init(Cipher.java:1348)
    at javax.crypto.Cipher.init(Cipher.java:1282)
    at pkgBankSystem.EncryptionUtils.encrypt(EncryptionUtils.java:28)
    at pkgBankSystem.TestSealing.main(TestSealing.java:28)

    (I have java's strong encryption policies over-writen with the unlimited encryption policies)

    [/CODE]
    oh wow, interesting. I'm actually running this via an Android app, so maybe this is why I'm not seeing the same thing. I ran across this thread as well:

    http://stackoverflow.com/questions/6...legal-key-size

    Back to the drawing boards...
  18. #25
  19. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2013
    Posts
    37
    Rep Power
    2
    I've over-writen my Java's strong strength encryption policies with the unlimited strength encryption policies and I still get that error. Looks like I'm going to have to go back to BouncyCastle because the FlexiProvider doesn't let you set the key so it's pretty much useless which is a shame because it's a great cryptography library, just has that one small major flaw.
  20. #26
  21. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2013
    Location
    Dallas, TX
    Posts
    50
    Rep Power
    2
    Originally Posted by 0w1
    I've over-writen my Java's strong strength encryption policies with the unlimited strength encryption policies and I still get that error. Looks like I'm going to have to go back to BouncyCastle because the FlexiProvider doesn't let you set the key so it's pretty much useless which is a shame because it's a great cryptography library, just has that one small major flaw.
    That is so strange (and frustrating!). Seems like you've got it all in place, but that one issue with the key is preventing the entire process from working. I've been hunting around and not finding anything helpful on the subject. I am going to try to setup just a normal project with IntelliJ, though (not an Android project). I want to try to recreate the same exception you're seeing.
  22. #27
  23. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2013
    Location
    Dallas, TX
    Posts
    50
    Rep Power
    2
    Originally Posted by 0w1
    I've over-writen my Java's strong strength encryption policies with the unlimited strength encryption policies and I still get that error. Looks like I'm going to have to go back to BouncyCastle because the FlexiProvider doesn't let you set the key so it's pretty much useless which is a shame because it's a great cryptography library, just has that one small major flaw.
    Out of curiosity, when you said you were now overriding the policies with the unlimited-strength ones, were you doing the same as what this post indicates (the accepted answer)?

    http://stackoverflow.com/questions/6...ult-parameters

    I.e, downloading the JARs from: http://www.oracle.com/technetwork/ja...ad-429243.html , and including them in your library? And still getting the error about the key size?
  24. #28
  25. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2013
    Posts
    37
    Rep Power
    2
    Originally Posted by BlastPort
    Out of curiosity, when you said you were now overriding the policies with the unlimited-strength ones, were you doing the same as what this post indicates (the accepted answer)?

    http://stackoverflow.com/questions/6...ult-parameters

    I.e, downloading the JARs from: http://www.oracle.com/technetwork/ja...ad-429243.html , and including them in your library? And still getting the error about the key size?
    I didn't add the JARs, that's probably what it was.
Page 2 of 2 First 12
  • Jump to page:

IMN logo majestic logo threadwatch logo seochat tools logo