I'm writing a program to encrypt data. I created a random IV this way:
byte[] ivBytes = new byte[16];
IvParameterSpec iv = new IvParameterSpec(ivBytes);
And used it for the cipher. Now I want to store this IV in a configuration file so I can transport it to the decrypting function, and for that I need to convert the IV to a string format.
I used byte curIV[] = cipher.getIV();
to get the IV and printed it's value to the console, but when I convert it to string, this way String ivString = new String(curIV);
, it doesn't return anything.
byte[] ivBytes = new byte[16];
This creates an array of 16 bytes initialized to 0
. 0x00
is not a printable character (it's a control character ), so you might have trouble seeing it printed (either problem in printing or problem with how you view the printed result).
Depending on your needs, you may want to:
Arrays.toString()
as suggested by @TmTron (but expect to not see the printed result properly in some programs, you'll need hexa viewer to see it properly) The array is initialized with a size of 16
, where each of this 16
bytes is a 0
.
Now, lets look at the ascii table to find the correct character for 0
.
Aha, the character for 0
is character NUL
.
If you do a new String(cipher.getIV());
you become a valid String value containing no informations.
Simply convert a String of size 16 to bytes.
byte[] ivBytes = "123456789abcdef".getBytes();
Computers are good in calculation but bad in random values. Random values are hard to estimated. That makes random values important for security. That makes the 16x0 byte array a bad idea.
Finally you need to store that information to the configuration. Hm, as this character is not readable character its hard to save this to a text-based configuration.
Focusing on security you should not allow 16x0 IVs. So 16x0 IVs must not be able to be stored to the configuration.
Use this instead:
String ivString = "blahblah"; // read from configuration if required
IvParameterSpec iv = new IvParameterSpec(ivString.getBytes());
ivString = new String(iv.getIV()); //write to configuration if required
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.