Java string encrypt

Question

I am using the encryption class in Objective C for my iPhone app but I am struggling to get the same functionality working in JAVA from my android app. My encryption code is below:

NSString * _secret = @"password";
NSString * _key = @"1428324560542678";

StringEncryption *crypto = [[StringEncryption alloc] init];
NSData *_secretData = [_secret dataUsingEncoding:NSUTF8StringEncoding];
CCOptions padding = kCCOptionPKCS7Padding;
NSData *encryptedData = [crypto encrypt:_secretData key:[_key dataUsingEncoding:NSUTF8StringEncoding] padding:&padding];

I have tried to replicate it in JAVA but I get a different string when I encode the same data. So I am doing something wrong but I can't figure it out. Here is my JAVA code:

byte[] key = "1428324560542678".getBytes();

Cipher c = null;
            try {
                c = Cipher.getInstance("AES/ECB/PKCS7Padding");
            } catch (NoSuchAlgorithmException e) {
                // TODO Auto-generated catch block
                e.printStackTrace();
            } catch (NoSuchPaddingException e) {
                // TODO Auto-generated catch block
                e.printStackTrace();
            }

SecretKeySpec k =  new SecretKeySpec(key, "AES");
            try {
                c.init(Cipher.ENCRYPT_MODE, k);
            } catch (InvalidKeyException e) {
                // TODO Auto-generated catch block
                e.printStackTrace();
            }

    try {
        EditText tv1passwordText = (EditText) findViewById(R.id.password);
        String password = URLEncoder.encode(tv1passwordText.getText().toString(), "UTF-8");

            byte[] encryptedData = c.doFinal( password.getBytes());

Can anyone see where I am going wrong?

Based on the comments below I added getBytes but the strings produced are still different:

byte[] key = null;
            try {
                key = "1428324560542678".getBytes("UTF-8");
            } catch (UnsupportedEncodingException e2) {
                // TODO Auto-generated catch block
                e2.printStackTrace();
            }

            Cipher c = null;
            try {
                c = Cipher.getInstance("AES/ECB/PKCS7Padding");
            } catch (NoSuchAlgorithmException e) {
                // TODO Auto-generated catch block
                e.printStackTrace();
            } catch (NoSuchPaddingException e) {
                // TODO Auto-generated catch block
                e.printStackTrace();
            }

            SecretKeySpec k =  new SecretKeySpec(key, "AES");
            try {
                c.init(Cipher.ENCRYPT_MODE, k);
            } catch (InvalidKeyException e) {
                // TODO Auto-generated catch block
                e.printStackTrace();
            }

            try {
                EditText tv1passwordText = (EditText) findViewById(R.id.password);

                byte[] password = tv1passwordText.getText().toString().getBytes("UTF-8");

                byte[] encryptedData = c.doFinal(password);

Answer 1

Here is a sample of encryption and decryption:

public static SecretKey generateKey() throws NoSuchAlgorithmException, InvalidKeySpecException {
    return secret = new SecretKeySpec(password.getBytes(), "AES");
}

public static byte[] encryptMsg(String message, SecretKey secret) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, InvalidParameterSpecException, IllegalBlockSizeException, BadPaddingException, UnsupportedEncodingException {
/* Encrypt the message. */
    Cipher cipher = null;
    cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
    cipher.init(Cipher.ENCRYPT_MODE, secret);
    byte[] cipherText = cipher.doFinal(message.getBytes("UTF-8"));
    return cipherText;
}

public static String decryptMsg(byte[] cipherText, SecretKey secret) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidParameterSpecException, InvalidAlgorithmParameterException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, UnsupportedEncodingException {

    /* Decrypt the message, given derived encContentValues and initialization vector. */
    Cipher cipher = null;
    cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
   cipher.init(Cipher.DECRYPT_MODE, secret);
    String decryptString = new String(cipher.doFinal(cipherText), "UTF-8");
    return decryptString;
}

To encrypt:

    SecretKey secret = EncUtil.generateKey();
    EncUtil.encryptMsg(<String to Encrypt>, secret))

to decrypt

    EncUtil.decryptMsg(<byte[]>, secret))

Answer 2

Instead of using ECB, you ought to use CBC or CTR if possible. ECB is insecure .

It looks like your Objective-C code is using UTF-8 encoding, but you're not specifying this in your Java code. Use getBytes("UTF-8") .

Answer 3

One thing that I've noticed that has caused problems in the past is that the iOS string being encrypted is actually "Hello World\\0" , eg the string to be encrypted with an extra null at the end. so try adding a \\0 to the end of your string in Java and see if it produces the same results.

Additionally, the URLEncoder step on java may be introducing extra control characters and other things that are not present on the iOS side. It may be worthwhile to compare the text after this with the text going into the iOS encryption step to ensure that they are exactly the same