Java String not equal String?-CodePudding

I want to decrypt a String. Here my Decryption and Encryption methods.

public String encrypt(String message) throws Exception {
    byte[] messageInBytes = message.getBytes();
    encryptionCipher = Cipher.getInstance("AES/GCM/NoPadding");
    encryptionCipher.init(Cipher.ENCRYPT_MODE, key);
    byte[] encryptedBytes = encryptionCipher.doFinal(messageInBytes);
    return encode(encryptedBytes);
}

public String decrypt(String encryptedMessage) throws Exception {
    byte[] messageInBytes = decode(encryptedMessage);
    Cipher decryptionCipher = Cipher.getInstance("AES/GCM/NoPadding");
    GCMParameterSpec spec = new GCMParameterSpec(T_LEN , encryptionCipher.getIV());
    decryptionCipher.init(Cipher.DECRYPT_MODE, key, spec);
    byte[] decryptedBytes = decryptionCipher.doFinal(messageInBytes);
    return new String(decryptedBytes);
}

Here the main:

public static void main(String[] args) {
    try {
        AES aes = new AES();
        aes.convertStringKeyToSecretKey();
        String encryptedMessage = aes.encrypt("Peter");
        String decryptedMessage = aes.decrypt(encryptedMessage);

        System.err.println("Encrypted Message : "   encryptedMessage);
        System.err.println("Decrypted Message : "   decryptedMessage);
    } catch (Exception ignored) {
    }
}

When I change encryptedMessage to a own String like:

String decryptedMessage = aes.decrypt("xDFzl9HsenqKspdEbL/m9I5X6dqn");

It does nothing

I hope you can help me.

Best Regards

Christian

CodePudding user response：

public static String encryptAES(String toEncrypt, final String key1, final String key2) throws Exception {
            try {
                byte[] iv = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
                IvParameterSpec ivParameterSpec = new IvParameterSpec(iv);

                SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
                KeySpec keySpec = new PBEKeySpec(key1.toCharArray(), key2.getBytes(), 65536, 256);
                SecretKey secretKey = secretKeyFactory.generateSecret(keySpec);
                SecretKeySpec secretKeySpec = new SecretKeySpec(secretKey.getEncoded(), "AES");
                Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
                cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec, ivParameterSpec);

                return Base64.getEncoder().encodeToString(cipher.doFinal(toEncrypt.getBytes(StandardCharsets.UTF_8)));
            } catch (Exception ex) {
                throw new Exception(ex);
            }
        }

        public static String decryptAES(String toDecrypt, final String key1, final String key2) throws Exception {
            try {
                byte[] iv = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
                IvParameterSpec ivParameterSpec = new IvParameterSpec(iv);

                SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
                KeySpec keySpec = new PBEKeySpec(key1.toCharArray(), key2.getBytes(), 65536, 256);
                SecretKey secretKey = secretKeyFactory.generateSecret(keySpec);
                SecretKeySpec secretKeySpec = new SecretKeySpec(secretKey.getEncoded(), "AES");
                Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
                cipher.init(Cipher.DECRYPT_MODE, secretKeySpec, ivParameterSpec);

                return new String(cipher.doFinal(Base64.getDecoder().decode(toDecrypt)));
            } catch (Exception ex) {
                throw new Exception(ex);
            }
        }

Here you can still expand its secureness by creating your own IV Spec key, which should contain only 16 character.

Actually, this is how AES encryption worked for me, You can also check this repo in GitHub for additional encryption methods.