Encrypt data without special character (“=”)

Question

I have written simple encryption and decryption program in java. And I am using "AES" algorithm for encryption and decryption. It is working fine, but in encrypted data I am getting special characters like "/","=" etc.

But I don't want the special characters in encrypted data specially "=" operator. Because it causing issue for my further processing. Is there any way to avoid special characters or single "=" operator in encrypted data.

I googled it and I got some suggestion like, convert the data into hashcode, so hashcode encryption will not contains special character. But as per the suggestions, hashcode encryption is not secret key based, I needed the encryption using secret key

How can I achive this?

Any help will appriciated. Thanks

Following is program I have written in java:

public class EncDec
{
    private static final String ALGO = "AES";
    private static final byte[] keyValue = "1234567891234567".getBytes();
    public static void main(String[] args) throws Exception 
    {
        String testData = "ABC";
        String enc = encrypt(testData);
        System.out.println("Encrypted data: "+enc);
        String dec = decrypt(enc);
        System.out.println("Decrypted data: "+enc);
    }
    public static String encrypt(String Data) throws Exception 
    {

        Key key = generateKey();
        Cipher c = Cipher.getInstance(ALGO);
        c.init(Cipher.ENCRYPT_MODE, key);
        byte[] encVal = c.doFinal(Data.getBytes());
        String encryptedValue = new BASE64Encoder().encode(encVal);
        return encryptedValue;
    }
    public static String decrypt(String encryptedData) throws Exception 
    {
        try{
            Key key = generateKey();
            Cipher c = Cipher.getInstance(ALGO);
            c.init(Cipher.DECRYPT_MODE, key);
            byte[] decordedValue = new BASE64Decoder().decodeBuffer(encryptedData);
            byte[] decValue = c.doFinal(decordedValue);
            String decryptedValue = new String(decValue);
            return decryptedValue;
        }catch(Exception e)
        {
            System.out.println("Something wrong..");
            return "";
        }
    }
    private static Key generateKey() throws Exception
    {
        Key key = new SecretKeySpec(keyValue, ALGO);
        return key;
    }
}

And I got the Result like:

Encrypted data: /ia3VXrqaaUls7fon4RBhQ==

Decrypted data: ABC .

Answer 1

URL-safe base 64 as defined in RFC 4648 section-5 could be used.

To use URL-safe base 64 it is possible to use the new Base64 class in java.util (since Java 8). If the = must be avoided then it is possible to specify to not use padding. The decoder should of course be configured in the same way:

Encoder urlEncoder = java.util.Base64.getUrlEncoder().withoutPadding();
String encoded = urlEncoder.encodeToString(new byte[] { (byte) 0xFF, (byte) 0xE0});
System.out.println(encoded);

Decoder urlDecoder = java.util.Base64.getUrlDecoder();
byte[] decoded = urlDecoder.decode(encoded);
System.out.printf("(byte) 0x%02X, (byte) 0x%02X%n", decoded[0], decoded[1]);

results in:

_-A
(byte) 0xFF, (byte) 0xE0

---

Note that it is probably not OK to use base 64 and simply remove the padding. In that case + and / characters may be returned depending on the input.

Since the output of many cryptographic primitives - especially those used for encryption - is indistinguishable from random, it is possible to get these characters at any time, even for the same plaintext.

This is also why URL encoding the result is a less optimal solution; you don't know how many characters need to be escaped in advance making the output size unpredictable.

Answer 2

Instead of converting into base64 encoding use HEX encoding . That worked fine for me