chozenn300 chozenn300 - 6 days ago 4
Java Question

Cannot decrypt a file that I encrypted using PBEWithHmacSHA256AndAES_128

So I have been stuck for ages and am having trouble decrypting a file that I encrypted using PBEWithHmacSHA256AndAES_128.

The encryption works fine, but when trying to decrypt it, I get the following error:


Exception in thread "main"

java.security.InvalidAlgorithmParameterException: Wrong parameter type: PBE expected


The error is happening at this line:

pbeCipher.init(Cipher.DECRYPT_MODE, pbeKey, ivSpec);


Here is the encryption code I used:

// Create PBE parameter set
pbeParamSpec = new PBEParameterSpec(SALT, COUNT);
pbeKeySpec = new PBEKeySpec(get_SHA_1_SecurePassword(password, SALT).toCharArray());
keyFac = SecretKeyFactory.getInstance("PBEWithHmacSHA256AndAES_128");

SecretKey pbeKey = keyFac.generateSecret(pbeKeySpec);
// PRINT HASH OF PW
System.out.println(get_SHA_1_SecurePassword(password, SALT).toCharArray());

// Create PBE Cipher and initialise PBE Cipher with key and parameters
Cipher pbeCipher = Cipher.getInstance("PBEWithHmacSHA256AndAES_128");
pbeCipher.init(Cipher.ENCRYPT_MODE, pbeKey, pbeParamSpec);

// Get bytes of input file
FileInputStream inputStream = new FileInputStream(inputFile);
byte[] inputBytes = new byte[(int) inputFile.length()];
inputStream.read(inputBytes);

// Encrypt and get bytes of encrypted file
byte[] iv = pbeCipher.getIV();
byte[] outputBytes = pbeCipher.doFinal(inputBytes);

String fileName = inputFile.getName();
File outputFile = new File(fileName + ".enc");
FileOutputStream outputStream = new FileOutputStream(outputFile);

// store first 16 bytes in the file as the IV
outputStream.write(iv);

// store the rest of the encrypted file
outputStream.write(outputBytes);
inputStream.close();
outputStream.close();

return outputFile;


Here is the decryption I am trying to get working:

// Create PBE parameter set
pbeParamSpec = new PBEParameterSpec(SALT, COUNT);
pbeKeySpec = new PBEKeySpec(hashedReadPasswords[index].toCharArray());
keyFac = SecretKeyFactory.getInstance("PBEWithHmacSHA256AndAES_128");

SecretKey pbeKey = keyFac.generateSecret(pbeKeySpec);

// Create PBE Cipher
Cipher pbeCipher = Cipher.getInstance("PBEWithHmacSHA256AndAES_128");

// Get bytes of encrypted file
FileInputStream inputStream = new FileInputStream(encryptedFile);
byte[] inputBytes = new byte[(int)encryptedFile.length()];
inputStream.read(inputBytes);

// Get IV
byte[] iv = new byte[16];
for(int i=0; i<16; i++)
{
iv[i] = inputBytes[i];
}

// Get encrypted data
byte[] cipherBytes = new byte[inputBytes.length-16];
int y=0;
for(int i=16; i<inputBytes.length; i++)
{
cipherBytes[y] = inputBytes[i];
y++;
}

// Initialise PBE Cipher with key and parameters
IvParameterSpec ivSpec = new IvParameterSpec(iv);
pbeCipher.init(Cipher.DECRYPT_MODE, pbeKey, ivSpec);

// decrypt and get bytes of plain text file
byte[] outputBytes = pbeCipher.doFinal(cipherBytes);

File outputFile = new File("decrypted_BS13");
FileOutputStream outputStream = new FileOutputStream(outputFile);

// store the rest of the decrypted file
outputStream.write(outputBytes);
inputStream.close();
outputStream.close();

return outputFile;


Any help would be greatly appreciated, no matter what I find online - it's not helping!

Answer

EDIT: Please see this blog for example PBE encryption and decryption code (although don't use the same ciphers that the blog is using because they are insecure!) that works.

You have a few problems here.

This is definitely wrong, although it is not causing the problem you are describing:

pbeKeySpec = new PBEKeySpec(hashedReadPasswords[index].toCharArray());

You need to provide the same password as was used to encrypt it. You cannot put in a hashed password to decrypt. So you need to pass in a similar pbeKeySpec as you used for encrypt.

PBE means "password based encryption". It is an algorithm for turning a password into an encryption key, in a secure way. This means that the key you decrypt with needs to be the same as the key you encrypt with, and derived the same way.