Topic
4 replies Latest Post - ‏2007-12-14T15:51:14Z by SystemAdmin
SystemAdmin
SystemAdmin
9394 Posts
ACCEPTED ANSWER

Pinned topic Problem with string encrypter

‏2006-11-29T22:52:27Z |
Hello,

I'm working with the WEME 6.1 (wm50-arm-ppro11_6.1.0.20060727-102926.exe) on
a HP iPAQ 4700 with
WM2003. I need to save a encrypted password which can be decrypted also with
the Sun Java 1.5. So I use a BASE64Decode/Encoder to do the job. I can
decrypt a password with the IBM BASE64Decrypter that is encrypted and saved
by the Sun JVM, but when I encyrypt a password with the IBM BASE64Encrypter,
both the Sun and the IBM decrypter cannot decrypt it. I get the error
message:

java.lang.UnsatisfiedLinkError: getStackClassLoader
at com.ibm.oti.vm.MsgHelp.setLocale(MsgHelp.java:98)
at com.ibm.oti.util.Msg$1.run(Msg.java:45)
at java.security.AccessController.doPrivileged1(Native Method)
at java.security.AccessController.doPrivileged(AccessController.java:287)
at com.ibm.oti.util.Msg.<clinit>(Msg.java:42)
at com.ibm.oti.util.BASE64Decoder.decodeDigit(BASE64Decoder.java:139)
at com.ibm.oti.util.BASE64Decoder.decode(BASE64Decoder.java:58)
at de.fuh.pocketCURE.util.StringEncrypter.decrypt(StringEncrypter.java:114)
at de.fuh.pocketCURE.net.Connector.getLogon(Connector.java:111)
at
de.fuh.pocketCURE.controller.actions.internal.FileSetLocalUserAction$1.init(FileSetLocalUserAction.java:46)
at de.fuh.pocketCURE.util.SwingWorkerTask.run(SwingWorkerTask.java:82)
at java.lang.Thread.run(Thread.java:568)

de.fuh.pocketCURE.util.StringEncrypter$EncryptionException:
java.lang.IllegalArgumentException: K008c
at de.fuh.pocketCURE.util.StringEncrypter.decrypt(StringEncrypter.java:118)
at de.fuh.pocketCURE.net.Connector.getLogon(Connector.java:111)
at
de.fuh.pocketCURE.controller.actions.internal.FileSetLocalUserAction$1.init(FileSetLocalUserAction.java:46)
at de.fuh.pocketCURE.util.SwingWorkerTask.run(SwingWorkerTask.java:82)
at java.lang.Thread.run(Thread.java:568)

Caused by: java.lang.IllegalArgumentException: K008c
at com.ibm.oti.util.BASE64Decoder.decodeDigit(BASE64Decoder.java:139)
at com.ibm.oti.util.BASE64Decoder.decode(BASE64Decoder.java:58)
at de.fuh.pocketCURE.util.StringEncrypter.decrypt(StringEncrypter.java:114)
... 4 more
The encrypted password says "[B@1e43985b" which contains caracters that
should never occur in a BASE64Encryption ([ and @ as far as I know).

Here is my StringEncrypter class:

package mypackage;

import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.spec.KeySpec;

import javax.crypto.Cipher;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;
import javax.crypto.spec.DESedeKeySpec;

// for Desktop
//import com.ibm.misc.BASE64Decoder;
//import com.ibm.misc.BASE64Encoder;

// for PDA
import com.ibm.oti.util.BASE64Decoder;
import com.ibm.oti.util.BASE64Encoder;

/**
* Provides encryption for use with user passwords See
* http://www.devx.com/Java/10MinuteSolution/21385/0/page/1
*
* @author Javid Jamae
*/
public class StringEncrypter {

public static final String DESEDE_ENCRYPTION_SCHEME = "DESede";

public static final String DES_ENCRYPTION_SCHEME = "DES";

public static final String DEFAULT_ENCRYPTION_KEY = "...well, this is
private!!";

private KeySpec keySpec;

private SecretKeyFactory keyFactory;

private Cipher cipher;

private static final String UNICODE_FORMAT = "UTF8";

public StringEncrypter(String encryptionScheme) throws EncryptionException
{
this(encryptionScheme, DEFAULT_ENCRYPTION_KEY);
}

public StringEncrypter(String encryptionScheme, String encryptionKey)
throws EncryptionException {

if (encryptionKey == null)
throw new IllegalArgumentException("encryption key was null");
if (encryptionKey.trim().length() < 24)
throw new IllegalArgumentException(
"encryption key was less than 24 characters");

try {
byte[] keyAsBytes = encryptionKey.getBytes(UNICODE_FORMAT);

if (encryptionScheme.equals(DESEDE_ENCRYPTION_SCHEME)) {
keySpec = new DESedeKeySpec(keyAsBytes);
} else if (encryptionScheme.equals(DES_ENCRYPTION_SCHEME)) {
keySpec = new DESKeySpec(keyAsBytes);
} else {
throw new IllegalArgumentException(
"Encryption scheme not supported: " + encryptionScheme);
}

keyFactory = SecretKeyFactory.getInstance(encryptionScheme);
cipher = Cipher.getInstance(encryptionScheme);

} catch (InvalidKeyException e) {
throw new EncryptionException(e);
} catch (UnsupportedEncodingException e) {
throw new EncryptionException(e);
} catch (NoSuchAlgorithmException e) {
throw new EncryptionException(e);
} catch (NoSuchPaddingException e) {
throw new EncryptionException(e);
}

}

public String encrypt(String unencryptedString) throws EncryptionException
{
if (unencryptedString == null || unencryptedString.trim().length() == 0)
throw new IllegalArgumentException(
"unencrypted string was null or empty");

try {
SecretKey key = keyFactory.generateSecret(keySpec);
cipher.init(Cipher.ENCRYPT_MODE, key);
byte[] cleartext = unencryptedString.getBytes(UNICODE_FORMAT);
byte[] ciphertext = cipher.doFinal(cleartext);

// Java5 environment
// BASE64Encoder base64encoder = new BASE64Encoder();
// return base64encoder.encode(ciphertext);
// PocketPC environment
return BASE64Encoder.encode(ciphertext).toString();
} catch (Exception e) {
throw new EncryptionException(e);
}
}

public String decrypt(String encryptedString) throws EncryptionException {
if (encryptedString == null || encryptedString.trim().length() <= 0)
throw new IllegalArgumentException(
"encrypted string was null or empty");

try {
SecretKey key = keyFactory.generateSecret(keySpec);
cipher.init(Cipher.DECRYPT_MODE, key);

// Java5 environment
// BASE64Decoder base64decoder = new BASE64Decoder();
// byte[] cleartext = base64decoder.decodeBuffer(encryptedString);
// PocketPC environment
byte[] cleartext = BASE64Decoder.decode(encryptedString.getBytes());
byte[] ciphertext = cipher.doFinal(cleartext);
return bytes2String(ciphertext);
} catch (Exception e) {
throw new EncryptionException(e);
}
}

private static String bytes2String(byte[] bytes) {
StringBuffer stringBuffer = new StringBuffer();
for (int i = 0; i < bytes.length; i++) {
stringBuffer.append((char) bytes[i]);
}
return stringBuffer.toString();
}

public static class EncryptionException extends Exception {
public EncryptionException(Throwable t) {
super(t);
}
}
}

Is there an error in the Encryption class or did I make a mistake?

Thanks for help

Frank
Updated on 2007-12-14T15:51:14Z at 2007-12-14T15:51:14Z by SystemAdmin
  • SystemAdmin
    SystemAdmin
    9394 Posts
    ACCEPTED ANSWER

    Re: Problem with string encrypter

    ‏2006-11-30T00:43:18Z  in response to SystemAdmin
    Frank Plieninger wrote:
    ...
    > The encrypted password says "[B@1e43985b" which contains caracters that
    > should never occur in a BASE64Encryption ([ and @ as far as I know).

    This looks suspiciously like an array of bytes located at 1e43985b.
    Maybe you should convert that to a string before printing it?

    Andrew Jr.

    ======================================================================
    IBM Phoenix Labs (OTI)
    2929 North Central Avenue
    Phoenix, Arizona, USA 85012
    • SystemAdmin
      SystemAdmin
      9394 Posts
      ACCEPTED ANSWER

      Re: Problem with string encrypter

      ‏2006-11-30T18:53:57Z  in response to SystemAdmin
      Hi,

      that was the help I needed. Now it works fine.

      Thanks!
      Frank

      "Andrew Cornwall" <nobody.there@127.0.0.1> schrieb im Newsbeitrag
      news:ekl9es$3fc2u$1@news.boulder.ibm.com...
      > ...
      > This looks suspiciously like an array of bytes located at 1e43985b. Maybe
      > you should convert that to a string before printing it?
      >
      > Andrew Jr.
      >
      > ======================================================================
      > IBM Phoenix Labs (OTI)
      > 2929 North Central Avenue
      > Phoenix, Arizona, USA 85012

      • SystemAdmin
        SystemAdmin
        9394 Posts
        ACCEPTED ANSWER

        Re: Problem with string encrypter

        ‏2007-12-14T13:50:08Z  in response to SystemAdmin
        Hi,

        can you explain me how you got javax.crypto package on WEME 6.1 with Personal Profile?
        • SystemAdmin
          SystemAdmin
          9394 Posts
          ACCEPTED ANSWER

          Re: Problem with string encrypter

          ‏2007-12-14T15:51:14Z  in response to SystemAdmin
          duh, just found the whole package was hidden in the j9jce.jar.
          I always thought javax.crypto was never part of the J9-VM, can't believe it was there the whole time and I never noticed!! Thanks very much, this and your snippet just saved my weekend :D