I improved my AES encryption code, I now generate a key from a password of any length. But now I dont know if I'm generating a 128, 192 or 256 bit AES key.

Here is my code:

import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.Cipher;

public class AESCipher {
    private Cipher cipher;
    private SecretKey secretKey;
    private SecretKeyFactory keyFactory;
    private PBEKeySpec pbeKey;
    private PBEParameterSpec paramSpec;
    private byte[] salt = {111, 123, 56, 123, 99, 108, 45, 65};
    private String password;
    private final int iterationCount = 21;

    /**
     * Generates the key from the password.
     */
    private void generateKey() throws Exception {
        this.paramSpec = new PBEParameterSpec(this.salt, this.iterationCount);
        this.pbeKey = new PBEKeySpec(this.password.toCharArray());
        this.keyFactory = SecretKeyFactory.getInstance("PBEWithMD5AndDES");
        this.secretKey = this.keyFactory.generateSecret(this.pbeKey);
        this.cipher = Cipher.getInstance("PBEWithMD5AndDES");
    }

    /**
     * Encrypts data.
     * @param plainText
     *   Data to encrypt.
     * @return
     *   Encrypted data.
     * @throws Exception
     *   If something went wrong.
     */
    public byte[] encrypt(String plainText) throws Exception {
        byte[] encrypted = new byte[plainText.getBytes().length];

        cipher.init(Cipher.ENCRYPT_MODE, this.secretKey, this.paramSpec);
        encrypted = cipher.doFinal(plainText.getBytes());

        return encrypted;
    }

    /**
     * Decrypts data.
     * @param cipherText
     *   Data to decrypt.
     * @return
     *   Decrypted data.
     * @throws Exception
     *   If something went wrong.
     */
    public String decrypt(byte[] cipherText) throws Exception {
        byte[] decryptedText = new byte[cipherText.length];
        String decrypted;

        cipher.init(Cipher.DECRYPT_MODE, this.secretKey, this.paramSpec);
        decryptedText = cipher.doFinal(cipherText);
        decrypted = new String(decryptedText);

        return decrypted;
    }

    /**
     * Class initializer.
     * @param password 
     *   Password that will be used for encryption.
     */
    public AESCipher(String password) throws EncryptionException {
        this.password = password;

        try {
            //generateSalt();
            generateKey();
        } catch(Exception error) {
            throw new EncryptionException(error.getMessage());
        }
    }
}

How can I be sure this code will generate an AES 192 bit key?

I take it the online documentation was wrong then. What kind of key generator should I use then?

Which on-line doc are you referring to?
(ps: I'm no expert in this area, but as nobody else has responded I'm also trying to interpret the doc and related tutorials. I'll leave you in peace if you want to wait for an actual expert.. JC)

Edited 1 Year Ago by JamesCherrill

@JamesCherrill - I am unable to find the documentation at the moment.
@Taywin - Well in that implementation you can define a key size you want to generate, but you cant generate a key from a password. I need to define my key size (128, 192, 256) and then supply a password that will be used to create the key. I cant seem to find an implementation of this anywhere.

Good morning. (Sorry abou the relay in replying, it was bedtime here!)

You are requesting DES and MD5, so I can't believe that will give you an AES implementation. Looking at the docs it seems that the early verisons of java crypto were very limited in their choice of algorithms, and AES was not initially supported in the standard API. I found lots of examples of AES Java code in more recent web sites, so maybe a Google search limited to the last year should be your next step.

ps:Having said that, Taywin's link seems exactly what you need.

Well not quite. I don't see that there is a password being used to generate the key. Or am I wrong?

That's the AES encrypt/decrypt with a system-generated secret key.
As always, Google is your friend. It only took a minute to find
this link to an example of generating an AES key from a password.

Edited 1 Year Ago by JamesCherrill

This question has already been answered. Start a new discussion instead.