Initial Bytes Incorrect After Java AES/CBC Decryption
Issue:
When attempting to decrypt an AES/CBC-encrypted string in Java, the initial bytes of the decrypted result are erroneous.
Example:
The following code demonstrates the issue:
import javax.crypto.Cipher; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; public class AESEncryptionExample { public static void encryptDecryptString() { try { String key = "mySecretKey"; String value = "This is a test message"; String initVector = "initializationVector"; // 16-byte (128-bit) initialization vector IvParameterSpec iv = new IvParameterSpec(initVector.getBytes()); SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes(), "AES"); // Create encrypt cipher Cipher encryptCipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); encryptCipher.init(Cipher.ENCRYPT_MODE, skeySpec, iv); byte[] encryptedBytes = encryptCipher.doFinal(value.getBytes()); // Create decrypt cipher Cipher decryptCipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); decryptCipher.init(Cipher.DECRYPT_MODE, skeySpec, iv); byte[] decryptedBytes = decryptCipher.doFinal(encryptedBytes); System.out.println("Original: " + value); System.out.println("Decrypted: " + new String(decryptedBytes)); } catch (Exception e) { e.printStackTrace(); } } public static void main(String[] args) { encryptDecryptString(); } }
When running this code, the decrypted output may appear similar to:
Result: `£eB6O�geS��i are you? Have a nice day.
Resolution:
The incorrect initial bytes in the decrypted string occur due to missing Base64 encoding/decoding when handling the encrypted/decrypted data. To resolve this, Base64 encoding should be performed on the encrypted bytes before transmitting them and Base64 decoding should be done on the received encrypted bytes before decrypting them.
Updated Example:
import javax.crypto.Cipher; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; import java.util.Base64; public class CipherAESBase64 { public static void encryptDecryptString() { try { String key = "mySecretKey"; String value = "This is a test message"; String initVector = "initializationVector"; // 16-byte (128-bit) initialization vector IvParameterSpec iv = new IvParameterSpec(initVector.getBytes()); SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes(), "AES"); // Create encrypt cipher Cipher encryptCipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); encryptCipher.init(Cipher.ENCRYPT_MODE, skeySpec, iv); byte[] encryptedBytes = encryptCipher.doFinal(value.getBytes()); // Encode the encrypted bytes into a Base64 string String encryptedString = Base64.getEncoder().encodeToString(encryptedBytes); // Create decrypt cipher Cipher decryptCipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); decryptCipher.init(Cipher.DECRYPT_MODE, skeySpec, iv); // Decode the encrypted Base64 string into bytes byte[] decryptedBytes = Base64.getDecoder().decode(encryptedString); // Decrypt the decoded bytes byte[] decryptedBytes = decryptCipher.doFinal(decryptedBytes); System.out.println("Original: " + value); System.out.println("Decrypted: " + new String(decryptedBytes)); } catch (Exception e) { e.printStackTrace(); } } public static void main(String[] args) { encryptDecryptString(); } }
The above is the detailed content of Why are the initial bytes incorrect after Java AES/CBC decryption, and how can I fix it?. For more information, please follow other related articles on the PHP Chinese website!