Byte array to string returns null
Question
I'm writing a program to encrypt data. I created a random IV this way:
byte[] ivBytes = new byte[16];
IvParameterSpec iv = new IvParameterSpec(ivBytes);
And used it for the cipher. Now I want to store this IV in a configuration file so I can transport it to the decrypting function, and for that I need to convert the IV to a string format.
I used byte curIV[] = cipher.getIV(); to get the IV and printed it's value to the console, but when I convert it to string, this way String ivString = new String(curIV); , it doesn't return anything.
2 answers
solution1
2 ACCPTED 2018-05-12 08:05:12
byte[] ivBytes = new byte[16];
This creates an array of 16 bytes initialized to 0 . 0x00 is not a printable character (it's a control character ), so you might have trouble seeing it printed (either problem in printing or problem with how you view the printed result).
Depending on your needs, you may want to:
- Print it using
Arrays.toString()as suggested by @TmTron (but expect to not see the printed result properly in some programs, you'll need hexa viewer to see it properly) - Print it in hexadecimal representation
- Encode it using Base64
solution2
2 2018-05-12 08:06:41
Your code works correctly
The array is initialized with a size of 16 , where each of this 16 bytes is a 0 .
Now, lets look at the ascii table to find the correct character for 0 .
Aha, the character for 0 is character NUL .
If you do a new String(cipher.getIV()); you become a valid String value containing no informations.
How to solve
Simply convert a String of size 16 to bytes.
byte[] ivBytes = "123456789abcdef".getBytes();
Security
Computers are good in calculation but bad in random values. Random values are hard to estimated. That makes random values important for security. That makes the 16x0 byte array a bad idea.
Configuration
Finally you need to store that information to the configuration. Hm, as this character is not readable character its hard to save this to a text-based configuration.
Focusing on security you should not allow 16x0 IVs. So 16x0 IVs must not be able to be stored to the configuration.
Suggestion
Use this instead:
String ivString = "blahblah"; // read from configuration if required
IvParameterSpec iv = new IvParameterSpec(ivString.getBytes());
ivString = new String(iv.getIV()); //write to configuration if required
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.