Skip to Main Content
Forums

Java Security

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Need Help with Error: DES PBE without Salt?

843811Mar 15 2007 — edited Mar 15 2007
I know nothing about encryption or how it works.
I found this code online and would like to make one minor change.
Is it possible to use the same code but without a Salt?

All I editted (and the problem) is in the
public DesEncrypter(String passPhrase){} method.

When I edit the code I get the following error: 
ERROR: INIT
java.security.InvalidKeyException: requires PBE parameters
        at com.sun.crypto.provider.PBEWithMD5AndDESCipher.engineInit(DashoA13*..)
        at javax.crypto.Cipher.a(DashoA13*..)
        at javax.crypto.Cipher.a(DashoA13*..)
        at javax.crypto.Cipher.init(DashoA13*..)
        at javax.crypto.Cipher.init(DashoA13*..)
        at DesEncrypter.<init>(DesEncrypter.java:73)
        at DesEncrypter.main(DesEncrypter.java:28)
Caused by: java.security.InvalidAlgorithmParameterException: Parameters missing
        at com.sun.crypto.provider.SunJCE_ab.a(DashoA13*..)
        at com.sun.crypto.provider.PBEWithMD5AndDESCipher.engineInit(DashoA13*..)
        ... 7 more

ERROR: DECRYPT
java.lang.IllegalStateException: Cipher not initialized
        at javax.crypto.Cipher.c(DashoA13*..)
        at javax.crypto.Cipher.doFinal(DashoA13*..)
        at DesEncrypter.decrypt(DesEncrypter.java:113)
        at DesEncrypter.main(DesEncrypter.java:31)

Text: Don't tell anybody!
Password: password
Encrypt: 80p+Wip2eyVFnmSOwOSAPbHXy00MCsKx
Decrypt: null

Press any key to continue . . .
Here is the code (I commented out the original working piece
of code which is followed by the non-salt version):
/*
http://www.exampledepot.com/egs/javax.crypto/DesString.html
*/

import javax.crypto.*;
import javax.crypto.spec.*;

import java.io.*;
import java.security.spec.*;


public class DesEncrypter{

public static void main(String[] args){

	try {

	String text = "Don't tell anybody!";
	String password = "password";

	// Generate a temporary key. In practice, you would save this key.
	// See also e464 Encrypting with DES Using a Pass Phrase.
	SecretKey key = KeyGenerator.getInstance("DES").generateKey();

	// Create encrypter/decrypter class
	//DesEncrypter encrypter = new DesEncrypter(key);
	DesEncrypter encrypter = new DesEncrypter(password);

	String encrypted = encrypter.encrypt(text);
	String decrypted = encrypter.decrypt(encrypted);

	System.out.println("Text: " + text);
	System.out.println("Password: " + password);
	System.out.println("Encrypt: " + encrypted);
	System.out.println("Decrypt: " + decrypted);

	} catch(Exception e){
	System.out.println("\nERROR: MAIN");
	e.printStackTrace();
	}

}

public DesEncrypter(String passPhrase){

	try {

/*
	// Create the key
	KeySpec keySpec = new PBEKeySpec(passPhrase.toCharArray(), salt, iterationCount);
	SecretKey key = SecretKeyFactory.getInstance("PBEWithMD5AndDES").generateSecret(keySpec);

	ecipher = Cipher.getInstance(key.getAlgorithm());
	dcipher = Cipher.getInstance(key.getAlgorithm());

	// Prepare the parameter to the ciphers
	AlgorithmParameterSpec paramSpec = new PBEParameterSpec(salt, iterationCount);

	// Create the ciphers
	ecipher.init(Cipher.ENCRYPT_MODE, key, paramSpec);
	dcipher.init(Cipher.DECRYPT_MODE, key, paramSpec);
*/


	KeySpec keySpec = new PBEKeySpec(passPhrase.toCharArray());
	SecretKey key = SecretKeyFactory.getInstance("PBEWithMD5AndDES").generateSecret(keySpec);

	ecipher = Cipher.getInstance(key.getAlgorithm());
	dcipher = Cipher.getInstance(key.getAlgorithm());

	ecipher.init(Cipher.ENCRYPT_MODE, key);
	dcipher.init(Cipher.DECRYPT_MODE, key);


	} catch(Exception e){
	System.out.println("\nERROR: INIT");
	e.printStackTrace();
	}

}

public String encrypt(String str){

	try{

	// Encode the string into bytes using utf-8
	byte[] utf8 = str.getBytes("UTF8");

	// Encrypt
	byte[] enc = ecipher.doFinal(utf8);

	// Encode bytes to base64 to get a string
	return new sun.misc.BASE64Encoder().encode(enc);

	} catch(Exception e){
	System.out.println("\nERROR: ENCRYPT");
	e.printStackTrace();
	}

	return null;

}

public String decrypt(String str){

	try{

	// Decode base64 to get bytes
	byte[] dec = new sun.misc.BASE64Decoder().decodeBuffer(str);

	// Decrypt
	byte[] utf8 = dcipher.doFinal(dec);

	// Decode using utf-8
	return new String(utf8, "UTF8");

	} catch(Exception e){
	System.out.println("\nERROR: DECRYPT");
	e.printStackTrace();
	}

	return null;

}

	Cipher ecipher;
	Cipher dcipher;

	byte[] salt = {	(byte)0xA9, (byte)0x9B, (byte)0xC8, (byte)0x32,
					(byte)0x56, (byte)0x35, (byte)0xE3, (byte)0x03};

	int iterationCount = 19;

}
Comments
Locked Post
New comments cannot be posted to this locked post.
Post Details
Locked on Apr 12 2007
Added on Mar 15 2007
#cryptography
1 comment
1,994 views