Skip to content

Instantly share code, notes, and snippets.

@doridori doridori/explicit_iv.java
Last active Sep 28, 2017

Embed
What would you like to do?
Beware of the default IV blog post example
public byte[] encrypt(byte[] in)
{
...
byte[] iv = new byte[IV_LENGTH];
new SecureRandom().nextBytes(iv);
cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(iv));
byte[] cipherBytes = cipher.doFinal(s.getBytes("UTF-8"));
return concat(iv, cipherBytes);
}
public byte[] decrypt(byte[] in) throws SecurityException
{
...
cipher.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(bytes, 0, IV_LENGTH));
return new cipher.doFinal(bytes, IV_LENGTH, bytes.length-IV_LENGTH);
}
byte[] key = new byte[16];
new SecureRandom().nextBytes(key);
SecretKeySpec skeySpec = new SecretKeySpec(key, "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding", "AndroidOpenSSL");
cipher.init(Cipher.ENCRYPT_MODE, key);
byte[] cipherBytes = cipher.doFinal(s.getBytes("UTF-8"));
byte[] iv = cipher.getIV();
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.