
@jrichardsz
Last active July 13, 2022 06:12
aes 256 cbc snippets

basics

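  • the key and the IV must both be stored, because decryption needs the same pair that was used to encrypt
  • iv should not be random in these snippets: a fixed IV is what lets MySQL, PHP and Java produce the same ciphertext for the same input. The cost is that CBC becomes deterministic (equal plaintexts give equal ciphertexts), so data that needs confidentiality should get a fresh random IV per value, stored next to the ciphertext
  • use base64 to share/decrypt the encrypted value
  • if the key is a SHA-256 digest in the database, the Java code must derive it the same way
  • review UNHEX: SHA2() returns a hex string, and UNHEX() turns it into the raw bytes that are used as the key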

mysql

# Encrypt a sample string with AES-256-CBC and print the result as Base64.

# Session setting read by AES_ENCRYPT() / AES_DECRYPT().
SET block_encryption_mode = 'aes-256-cbc';

# SHA2() returns hex text; UNHEX() converts it to the 32 raw bytes used as the key.
# NOTE(review): a single unsalted SHA-256 pass over a short passphrase is cheap to
# brute-force. For real data use a random 32-byte key, or a proper KDF, and keep the
# key out of the SQL text.
SET @key_str = UNHEX(SHA2('RwcmlVpg', 256));

# 16-byte IV, fixed so that other implementations can reproduce the ciphertext.
# NOTE(review): with a reused IV, equal plaintexts encrypt to equal ciphertexts.
# Outside of interop tests, generate one per value (RANDOM_BYTES(16)) and store it
# alongside the ciphertext.
SET @iv = '4e5Wa71fYoT7MFEX';

SET @ciphertext = AES_ENCRYPT('Hello chicho', @key_str, @iv);

# AES_ENCRYPT() returns a binary string; Base64 makes it safe to copy between systems.
SELECT TO_BASE64(@ciphertext);

output

 mysql> SET block_encryption_mode = 'aes-256-cbc';
Query OK, 0 rows affected (0.00 sec)

mysql> SET @key_str = UNHEX(SHA2('RwcmlVpg',256)); 
Query OK, 0 rows affected (0.00 sec)

mysql> SET @iv = '4e5Wa71fYoT7MFEX';
Query OK, 0 rows affected (0.00 sec)

mysql> SET @ciphertext = AES_ENCRYPT('Hello chicho', @key_str, @iv);
Query OK, 0 rows affected (0.01 sec)

mysql> select TO_BASE64(@ciphertext);
+--------------------------+
| TO_BASE64(@ciphertext)   |
+--------------------------+
| xmOHJsn6UV1DfYe0IBZ9Og== |
+--------------------------+
1 row in set (0.00 sec)

mysql> SELECT AES_DECRYPT(@ciphertext, @key_str, @iv);
+-----------------------------------------+
| AES_DECRYPT(@ciphertext, @key_str, @iv) |
+-----------------------------------------+
| Hello chicho                            |
+-----------------------------------------+
1 row in set (0.02 sec)

java

java AESUtil xmOHJsn6UV1DfYe0IBZ9Og==

output

hello chicho
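# Failed attempt at decrypting, in MySQL, a value produced by PHP's openssl_encrypt().
# Every AES_DECRYPT() call below is recorded as returning NULL.
# Layout restored: two SELECT statements had been swallowed into the preceding
# "# output" comments, and the string literals now use single quotes so the script
# does not depend on ANSI_QUOTES being off.
SET block_encryption_mode = 'aes-256-cbc';

# No UNHEX() here, so @key_str holds the 64-character hex text of the digest,
# not 32 raw bytes.
# NOTE(review): MySQL and openssl_encrypt() may not reduce an over-long key to
# 256 bits in the same way. Confirm the effective key bytes match on both sides.
SET @key_str = SHA2('Pn6nK7Gs9r', 256);
SET @init_vector = '98awg9X7SiI3jxp3';

# This is Base64 text, not raw ciphertext bytes. None of the calls below decode it
# (CAST ... AS BINARY changes the type, not the encoding); FROM_BASE64() would.
SET @encrypted = 'Xq1CcrpteSqcybePun+6pQ==';

SELECT @key_str;
# output 67fa26a5570901994ef1eae105b9286fca44b6f79e200a9fbbd5cff897c3a7ce

# AES_DECRYPT() returns NULL when the input cannot be decrypted and unpadded.
SELECT AES_DECRYPT(@encrypted, @key_str, @init_vector); # output NULL

SELECT CAST(AES_DECRYPT(@encrypted, @key_str, @init_vector) AS CHAR(100));
# output NULL

SELECT AES_DECRYPT(CAST(@encrypted AS BINARY), @key_str, @init_vector);
# output NULL

SELECT CAST(AES_DECRYPT(CAST(@encrypted AS BINARY), @key_str, @init_vector) AS CHAR(100)); # output NULL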
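/**
 * Encrypt a token with AES-256-CBC and return it as Base64 text.
 *
 * Layout restored from a collapsed paste: the "output ..." text had fallen outside
 * its comment, which made the snippet unparsable. The encryption itself is unchanged.
 *
 * @param mixed $token Value to encrypt. "", null and false are returned unchanged.
 * @return mixed Base64 ciphertext from openssl_encrypt(), or $token itself for the
 *               pass-through values above.
 */
function encrypt($token) {
    // Nothing to encrypt: hand the value back as-is.
    if ($token === "" || $token === null || $token === false) {
        return $token;
    }

    // hash() without the raw-output flag returns 64 hex characters. Per the PHP manual,
    // openssl_encrypt() silently truncates a passphrase longer than the cipher's key
    // length, so presumably only the first 32 characters act as the key.
    // NOTE(review): hash("sha256", ..., true) would use the whole digest, but it changes
    // the ciphertext, so existing values would have to be re-encrypted.
    $enc_key = hash("sha256", "Pn6nK7Gs9r");

    // NOTE(review): the IV is a fixed literal, so equal tokens produce equal ciphertexts.
    // Prefer a random IV per token, stored with the ciphertext, when that matters.
    $iv = "98awg9X7SiI3jxp3";

    // options = 0: PKCS#7 padding, Base64-encoded result.
    return openssl_encrypt($token, 'aes-256-cbc', $enc_key, 0, $iv);
}

echo hash("sha256", "Pn6nK7Gs9r");
// output 67fa26a5570901994ef1eae105b9286fca44b6f79e200a9fbbd5cff897c3a7ce
echo encrypt("test");
// output Xq1CcrpteSqcybePun+6pQ==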
# Decrypt a Base64-encoded AES-256-CBC value.
SET block_encryption_mode = 'aes-256-cbc';

# UNHEX(SHA2(...)) yields the 32 raw digest bytes; SHA2() alone would give hex text.
SET @key = UNHEX(SHA2('Pn6nK7Gs9r', 256));

# Must be the same 16-byte IV that was used for encryption.
SET @iv = '98awg9X7SiI3jxp3';

# Decode the Base64 text first: AES_DECRYPT() works on the raw ciphertext bytes.
SET @ciphertext = FROM_BASE64('5EMRiQCvOjQjNSlwpYKyfQ==');

# Returns NULL if key, IV or ciphertext do not belong together.
SELECT AES_DECRYPT(@ciphertext, @key, @iv);
# Round trip (encrypt, then decrypt) with a literal string used directly as the key.
SET block_encryption_mode = 'aes-256-cbc';
# 32 ASCII characters, i.e. 32 bytes, the key length of 256-bit AES.
# NOTE(review): a key written into the SQL text can end up in statement logs and
# client history; pass it from the application as a bound parameter instead.
SET @key_str = '3C5QYgFQr9AARjMyLNNQ3fL8QauXLTz0';
# 16-byte IV, fixed here; reusing one IV makes equal plaintexts give equal ciphertexts.
SET @iv = 'kaNUE3JAIVB9Em9v';
SET @ciphertext = AES_ENCRYPT('Hello', @key_str, @iv);
# Decrypting with the same key and IV returns the original plaintext.
SELECT AES_DECRYPT(@ciphertext, @key_str, @iv);
# Round trip with the 8-character passphrase passed directly as the key.
SET block_encryption_mode = 'aes-256-cbc';

# NOTE(review): this string is far shorter than the 32 bytes AES-256 uses, and the
# MySQL manual advises against passing a passphrase directly as key_str. Hash it or
# run it through a KDF first. The ciphertext differs from what a hashed key produces,
# so other implementations must apply the same key handling to decrypt it.
SET @key_str = 'RwcmlVpg';

# 16-byte IV, fixed here; reusing one IV makes equal plaintexts give equal ciphertexts.
SET @iv = '4e5Wa71fYoT7MFEX';

SET @ciphertext = AES_ENCRYPT('Hello', @key_str, @iv);

# Base64 form of the binary ciphertext, for copying into other tools.
SELECT TO_BASE64(@ciphertext);

# Sanity check: the same key and IV give the plaintext back.
SELECT AES_DECRYPT(@ciphertext, @key_str, @iv);
# Round trip with a key derived from the passphrase by SHA-256.
SET block_encryption_mode = 'aes-256-cbc';

# UNHEX() turns the hex digest returned by SHA2() into 32 raw key bytes.
# NOTE(review): unsalted SHA-256 of a short passphrase is weak key derivation; use a
# random key or a KDF for real data, and keep the key out of the SQL text.
SET @key_str = UNHEX(SHA2('RwcmlVpg', 256));

# 16-byte IV, fixed so the ciphertext is reproducible; reusing it makes equal
# plaintexts give equal ciphertexts.
SET @iv = '4e5Wa71fYoT7MFEX';

SET @ciphertext = AES_ENCRYPT('Hello chicho', @key_str, @iv);

# Base64 form of the binary ciphertext, for handing to another implementation.
SELECT TO_BASE64(@ciphertext);

# Sanity check: the same key and IV give the plaintext back.
SELECT AES_DECRYPT(@ciphertext, @key_str, @iv);
https://github.com/fukata/AES-256-CBC-Example/blob/master/java/src/AESUtil.java
https://www.toolnb.com/tools-lang-en/aesEnDe.html
https://gist.github.com/siwalikm/8311cf0a287b98ef67c73c1b03b47154
https://lindevs.com/aes-encryption-and-decryption-in-mysql/
https://stackoverflow.com/questions/50222801/given-final-block-not-properly-padded-such-issues-can-arise-if-a-bad-key-is-use
# answer
https://stackoverflow.com/questions/51999575/how-to-decrypt-aes-256-cbc-in-java
import java.io.UnsupportedEncodingException;
import java.security.Key;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.spec.AlgorithmParameterSpec;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.util.Base64;
//https://github.com/fukata/AES-256-CBC-Example/blob/master/java/src/AESUtil.java
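/**
 * AES-256-CBC helper whose output is Base64 text.
 *
 * The key is the SHA-256 digest of {@code ENCRYPTION_KEY} and the IV is the UTF-8
 * bytes of {@code ENCRYPTION_IV}.
 *
 * NOTE(review): CBC alone does not authenticate the ciphertext. Where tampering
 * matters, add a MAC over IV and ciphertext or use an AEAD mode such as AES/GCM.
 */
public class AESUtil {
    // NOTE(review): passphrase and IV are compiled into the class, so anyone with the
    // class file or the source can decrypt. Load them from configuration or a secret
    // store in real use.
    private static final String ENCRYPTION_KEY = "RwcmlVpg";
    // Fixed 16-byte IV: keeps the ciphertext reproducible across implementations, at the
    // price that equal plaintexts always give equal ciphertexts.
    private static final String ENCRYPTION_IV = "4e5Wa71fYoT7MFEX";

    /**
     * Decrypts the Base64 ciphertext given as the first argument and prints the plaintext.
     *
     * @param args args[0] is the Base64 ciphertext
     */
    public static void main(String[] args) {
        // Fail with a usage message instead of an ArrayIndexOutOfBoundsException.
        if (args.length < 1) {
            System.err.println("usage: java AESUtil <base64-ciphertext>");
            System.exit(2);
        }
        System.out.println(decrypt(args[0]));
    }

    /**
     * Encrypts {@code src} and returns the ciphertext as Base64.
     *
     * @param src plaintext; encoded as UTF-8 before encryption
     * @return Base64 text of the AES/CBC/PKCS5Padding ciphertext
     * @throws RuntimeException wrapping any failure from the crypto or encoding calls
     */
    public static String encrypt(String src) {
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            cipher.init(Cipher.ENCRYPT_MODE, makeKey(), makeIv());
            // Explicit UTF-8: the platform default charset would make the ciphertext
            // depend on the machine the code runs on.
            byte[] plain = src.getBytes("UTF-8");
            return Base64.getEncoder().encodeToString(cipher.doFinal(plain));
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Decrypts Base64 ciphertext produced with the same key and IV.
     *
     * @param src Base64 text of the ciphertext
     * @return the plaintext, decoded as UTF-8
     * @throws RuntimeException wrapping any failure (invalid Base64, wrong key or IV,
     *         bad padding)
     */
    public static String decrypt(String src) {
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            cipher.init(Cipher.DECRYPT_MODE, makeKey(), makeIv());
            byte[] plain = cipher.doFinal(Base64.getDecoder().decode(src));
            // Same charset as encrypt(), so non-ASCII text survives the round trip.
            return new String(plain, "UTF-8");
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Builds the IV parameter from the UTF-8 bytes of {@code ENCRYPTION_IV}.
     *
     * @return the IV parameter spec
     * @throws IllegalStateException if the UTF-8 charset is unavailable
     */
    static AlgorithmParameterSpec makeIv() {
        try {
            return new IvParameterSpec(ENCRYPTION_IV.getBytes("UTF-8"));
        } catch (UnsupportedEncodingException e) {
            // Fail here rather than return null and surface later as an unrelated
            // error inside Cipher.init().
            throw new IllegalStateException("UTF-8 charset is unavailable", e);
        }
    }

    /**
     * Derives the AES key as SHA-256 over the UTF-8 bytes of {@code ENCRYPTION_KEY}.
     *
     * NOTE(review): a single unsalted hash of a short passphrase is cheap to
     * brute-force; a password-based KDF or a random key is the safer choice.
     *
     * @return a 32-byte AES key
     * @throws IllegalStateException if SHA-256 or UTF-8 is unavailable
     */
    static Key makeKey() {
        try {
            MessageDigest md = MessageDigest.getInstance("SHA-256");
            byte[] key = md.digest(ENCRYPTION_KEY.getBytes("UTF-8"));
            return new SecretKeySpec(key, "AES");
        } catch (NoSuchAlgorithmException | UnsupportedEncodingException e) {
            // Previously swallowed (stack trace printed, null returned).
            throw new IllegalStateException("cannot derive AES key", e);
        }
    }
}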