Tuesday, May 29, 2012

Encrypt Decrypt data using AES in Java

AES stands for Advanced Encryption Standard. AES is an Symmetric Key Algorithm, that means key used for encrypting the data, same key will be used for decryption of the encrypted data. This algorithm supplants DES algorithm. This post shows how to use AES algorithm in Java to encrypt and decrypt data.
Encrypting Data-

 
import java.security.GeneralSecurityException;

import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;

public class AESTest1 {

 public static void main(String[] args) throws GeneralSecurityException {
  KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
  keyGenerator.init(128);
  
  SecretKey key = keyGenerator.generateKey();
  
  Cipher cipher = Cipher.getInstance("AES");
  cipher.init(Cipher.ENCRYPT_MODE, key);
  
  byte encryptedData[] = cipher.doFinal(args[0].getBytes());
 }

}
 
In above example we have used KeyGenerator class, which generates key for encrypting data, as we are using AES which is an Symmetric key algorithm we will need this key again while decrypting data.

getInstance method of KeyGenerator class takes String as arguments where we provide the name of the algorithm depending upon which we get the KeyGenerator object.
After that we have called init method of KeyGenerator object which tells key generator that we want to generate keys with the size of 128 bit.
Then we are creating new instance of Cipher using getInstance method where we are passing the name of algorithm to transform our data.
Then we are telling Cipher to initiate in Encryption mode and use the specified SecretKey by calling


cipher.init(Cipher.ENCRYPT_MODE, key);

Then to encrypt our data we are passing our data(args[0]) to doFinal method and we get encryptedData as our encrypted data.
To decrypt encrypted data we just need to initiate Cipher in decrypt mode using following code

 cipher.init(Cipher.DECRYPT_MODE, key);
 String originalData = new String(cipher.doFinal(encryptedData));

In above example we have used KeyGenerator class which generated a secret key for us, but what if we want to use our own secret key?
Consider following example-
import java.security.GeneralSecurityException;
import java.security.MessageDigest;

import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;

public class AESTest1 {

 public static void main(String[] args) throws GeneralSecurityException {

  MessageDigest md5 = MessageDigest.getInstance("MD5");
  md5.update("key".getBytes());
  
  SecretKeySpec key = new SecretKeySpec(md5.digest(), "AES");
  
  Cipher cipher = Cipher.getInstance("AES");
  cipher.init(Cipher.ENCRYPT_MODE, key);
  
  byte encryptedData[] = cipher.doFinal("Sachin".getBytes());
 }

}

In above example we have used MessageDigest to generate the hash for our key. SecretKeySpec class is an implementation of Key interface which allows to create secret keys using our data, in our case "key" string.
In our example we have used keys with 128 bit size, in some countries there is restriction on the size of keys. If you want to use keys with more than 128bit such as 256bit then you need to download

Unlimited Strength Jurisdiction Policy Files 6 from this link and paste/replace them in lib->security directory of your JRE installation directory. Otherwise you will get


java.security.InvalidKeyException: Illegal key size

exception.

2 comments:

  1. How do you encrypt and decrypt a file with AES symmetric key? Thx

    ReplyDelete

Ads Inside Post