
Trying to store encrypted AES data into mySQL database using Java

I'm trying to store a byte array into MySQL which contains an encrypted 'password'. I've tried using both the Blob and varbinary datatypes, but when I extract the encrypted data, it doesn't seem to decrypt correctly, as the stored byte array is not the same as the one I started with.

The code below is for the encryption/decryption:

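import java.nio.charset.StandardCharsets;

// cipher (javax.crypto.Cipher) and aesKey are defined elsewhere (not shown).
public byte[] encrypt(String password) {
    byte[] encrypted = null;
    try {
        cipher.init(Cipher.ENCRYPT_MODE, aesKey);
        // Use an explicit charset so the bytes do not depend on the platform default.
        encrypted = cipher.doFinal(password.getBytes(StandardCharsets.UTF_8));
    } catch (Exception ex) {
        ex.printStackTrace();
    }
    return encrypted;
}

public String decrypt(byte[] encrypted) {
    String decrypted = null;
    try {
        cipher.init(Cipher.DECRYPT_MODE, aesKey);
        // Decode with the same charset that encrypt() used.
        decrypted = new String(cipher.doFinal(encrypted), StandardCharsets.UTF_8);
    } catch (Exception ex) {
        ex.printStackTrace();
    }
    return decrypted;
}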

I've printed out the byte array to see if there was a difference. As you can see, during the transition into the database it does change, and I'm not sure how to overcome this problem.

Output of byte array (Top is original byte array, bottom is from the database)

84-48-4282-15-60-21-38-41944477106182
916664495599545657505332

Just to clarify, if I try to decrypt using the database byte array I receive this error:

javax.crypto.IllegalBlockSizeException: Input length must be multiple of 16 when decryption with padded cipher

Also, as mentioned in the comments section, I've tried converting it into a string and storing it in the DB, then decrypting it, but I get the same error.

I've even tried using hashing with SHA-256 and it's the same thing: the byte array that I'm retrieving is completely different to what it was originally.

Variables I'm using:

byte[] pa = p.hashPass("Hello World");
byte[] dbp = null;

This is the statement I'm using to store/get the data

Statement stmt = conn.createStatement();
stmt.execute("INSERT INTO staffaccounts(`ID`, `UserName`, `Password`, `Salt`) VALUES (NULL, 'admin', '"+pa+"', '')");
ResultSet rs = stmt.executeQuery("SELECT * FROM staffaccounts");
rs.next();
dbp = rs.getBytes("password");

The problem here is that you are inserting the value returned by byte[].toString(), which is not the content of the byte array.

You should be doing this via positional parameters in a PreparedStatement. Never concatenate values into an SQL statement.
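The fix described in the answer, as an added example that is not part of the original post. It assumes the `Password` column is VARBINARY or BLOB and that the caller supplies an open `Connection`; the class and method names are hypothetical.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Arrays;

public class StoreBytesExample {

    // What "'" + pa + "'" really splices into the SQL text: the array's
    // identity string "[B@<hash>", not the bytes it holds.
    static String concatenated(byte[] data) {
        return "" + data;
    }

    // Binds the raw bytes as a parameter, so nothing is converted to text.
    static void insert(Connection conn, String user, byte[] password) throws SQLException {
        String sql = "INSERT INTO staffaccounts(`ID`, `UserName`, `Password`, `Salt`) VALUES (NULL, ?, ?, ?)";
        try (PreparedStatement ps = conn.prepareStatement(sql)) {
            ps.setString(1, user);
            ps.setBytes(2, password);
            ps.setString(3, "");
            ps.executeUpdate();
        }
    }

    // Reads the same column back as bytes; returns null if the user is absent.
    static byte[] load(Connection conn, String user) throws SQLException {
        String sql = "SELECT `Password` FROM staffaccounts WHERE `UserName` = ?";
        try (PreparedStatement ps = conn.prepareStatement(sql)) {
            ps.setString(1, user);
            try (ResultSet rs = ps.executeQuery()) {
                return rs.next() ? rs.getBytes(1) : null;
            }
        }
    }

    public static void main(String[] args) throws Exception {
        byte[] digest = MessageDigest.getInstance("SHA-256")
                .digest("Hello World".getBytes(StandardCharsets.UTF_8));
        String literal = concatenated(digest);
        // ASCII 91 66 64 is "[B@", the same prefix as the row read back in the question.
        System.out.println(literal + " -> " + Arrays.toString(literal.getBytes(StandardCharsets.US_ASCII)));
        // With a live MySQL connection (not opened here): insert(conn, "admin", digest);
        // afterwards Arrays.equals(digest, load(conn, "admin")) holds.
    }
}
```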
