Skip to content

Instantly share code, notes, and snippets.

Created March 17, 2011 14:37
Show Gist options
  • Save scotttam/874426 to your computer and use it in GitHub Desktop.
Save scotttam/874426 to your computer and use it in GitHub Desktop.
encrypt and decrypt with PBKDF2/SHA1 and AES
import javax.crypto.Cipher;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
public class Decrypter {
Cipher dcipher;
byte[] salt = new String("12345678").getBytes();
int iterationCount = 1024;
int keyStrength = 256;
SecretKey key;
byte[] iv;
Decrypter(String passPhrase) throws Exception {
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
KeySpec spec = new PBEKeySpec(passPhrase.toCharArray(), salt, iterationCount, keyStrength);
SecretKey tmp = factory.generateSecret(spec);
key = new SecretKeySpec(tmp.getEncoded(), "AES");
dcipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
public String encrypt(String data) throws Exception {
dcipher.init(Cipher.ENCRYPT_MODE, key);
AlgorithmParameters params = dcipher.getParameters();
iv = params.getParameterSpec(IvParameterSpec.class).getIV();
byte[] utf8EncryptedData = dcipher.doFinal(data.getBytes());
String base64EncryptedData = new sun.misc.BASE64Encoder().encodeBuffer(utf8EncryptedData);
System.out.println("IV " + new sun.misc.BASE64Encoder().encodeBuffer(iv));
System.out.println("Encrypted Data " + base64EncryptedData);
return base64EncryptedData;
public String decrypt(String base64EncryptedData) throws Exception {
dcipher.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(iv));
byte[] decryptedData = new sun.misc.BASE64Decoder().decodeBuffer(base64EncryptedData);
byte[] utf8 = dcipher.doFinal(decryptedData);
return new String(utf8, "UTF8");
public static void main(String args[]) throws Exception {
Decrypter decrypter = new Decrypter("ABCDEFGHIJKL");
String encrypted = decrypter.encrypt("the quick brown fox jumps over the lazy dog");
String decrypted = decrypter.decrypt(encrypted);
Copy link


Copy link

Exception in thread "main" Illegal key size or default parameters
at javax.crypto.Cipher.checkCryptoPerm(
at javax.crypto.Cipher.implInit(
at javax.crypto.Cipher.chooseProvider(
at javax.crypto.Cipher.init(
at javax.crypto.Cipher.init(
at Decrypter.encrypt(
at Decrypter.main(

Copy link

scotttam, thanks!

I made some minor adjustments to this code for the Android platform, & it worked fine.

Copy link

gl321 commented Sep 7, 2014

This is awesome! What is the license for this code? Is it MIT License? Am I allowed to use this in my commercial app?
Also, can you make some adjustments for it to work for android? Thanks.


Copy link


There's an Android version in the fork. It needs no license.


Copy link

I have this error can help me.

Exception in thread "main" Illegal key size or default parameters
at javax.crypto.Cipher.checkCryptoPerm(
at javax.crypto.Cipher.implInit(
at javax.crypto.Cipher.chooseProvider(
at javax.crypto.Cipher.init(
at javax.crypto.Cipher.init(
at Decrypter.encrypt(
at Decrypter.main(
C:\Users\y9ld\AppData\Local\NetBeans\Cache\8.1\executor-snippets\run.xml:53: Java returned: 1
FALHA NA CONSTRUÇÃO (tempo total: 0 segundos)

Copy link

hayderma commented Jun 1, 2017

how do i get the same encryption for the same string?, it's generating something new everytime!

Copy link

Nice and concise.
For all those with InvalidKeyException : illegal size, check here :
I have added a static section to this class, with the reflection trick and it works fine

Copy link

thomaspreis commented Jan 12, 2018

I found the problem regarding "InvalidKeyException"

The length of salt was not compatible with keyStrength:
128bits == 16Bytes == 16 Chars

I changed the salt and keyStrength to this:

    byte[] salt = new String("1234567890123456").getBytes(); // length = 16
    int keyStrength = 128; // equals to 16 characters 

Then it works correctly, output:
the quick brown fox jumps over the lazy dog

Copy link

sonwani237 commented Mar 6, 2018

I Have an Encrypted String, how can i decrypt it
String = "p1SvSCiAxupKrrZXzjXQk3lWe88xW7mTymvqGlmAOMM9DbYm3kkq7BLP336HwRdYOIBU9VNL0tFTchwBKbw+ZOlU6Ny3vTOtA3/hPqSUOOXDEu5aKnbbvywefu3jyX1u/EFbc1uqohJspem+d1kwxmzn

Copy link

Yair0007 commented Oct 15, 2018

In a scenario where decrypt is called first (no call to encrypt) , iv is null and there is a null pointer exception. I encountered this after reading encrypted data from Firebase and trying to decrypt.

Copy link

@Yair0007 I faced this too. Did you manage to find the solution ?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment