speedygonzalez
asked on
Java Base64Encoder Class . What is the Purpose of a cipher?
Hello, I require to create a base64Encoded Key value. I have been looking at the following
article.
http://www.wikijava.org/wiki/Secret_Key_Cryptography_Tutorial
I then created a class to create my one off base64Encoded key (as in the attached code snippet)
On running the class it produces a string as follows:
VGVzdCBzdHJpbmcgZm9yIGNvbn
eSB2YWx1ZQ==
To me that looks like a correct Base64 Encrypted string. Therefore I'm thinking job done.
However the above referenced article discusses ciphers.
What are the ciphers being referenced here/ Do I actually need to create one when just creating the actual encryption key?
I would have thought that what my class has produced is enough & thus a key that I can use & pass onto others. Is this correct?
Thanks in advance
article.
http://www.wikijava.org/wiki/Secret_Key_Cryptography_Tutorial
I then created a class to create my one off base64Encoded key (as in the attached code snippet)
On running the class it produces a string as follows:
VGVzdCBzdHJpbmcgZm9yIGNvbn
eSB2YWx1ZQ==
To me that looks like a correct Base64 Encrypted string. Therefore I'm thinking job done.
However the above referenced article discusses ciphers.
What are the ciphers being referenced here/ Do I actually need to create one when just creating the actual encryption key?
I would have thought that what my class has produced is enough & thus a key that I can use & pass onto others. Is this correct?
Thanks in advance
import java.io.UnsupportedEncodingException;
import sun.misc.BASE64Encoder;
public class KeyGenerator {
public String keyVal;
public static void main(String[] args) {
KeyGenerator keyGen =new KeyGenerator();
try {
System.out.println("String val = " + keyGen.encrypt());
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
}
//create constructor
public KeyGenerator(){
}
public String encrypt() throws UnsupportedEncodingException{
String message = "Test string for conversion to a required Base64Encoded key value";
// Get a cipher object.
//Cipher cipher = Cipher.getInstance("DES/ECB/PKCS5Padding");
//cipher.init(Cipher.ENCRYPT_MODE, message);
// Gets the raw bytes to encrypt, UTF8 is needed for
// having a standard character set
byte[] stringBytes = message.getBytes("UTF8");
// encrypt using the cypher
//byte[] raw = cipher.doFinal(stringBytes);
// converts to base64 for easier display.
BASE64Encoder encoder = new BASE64Encoder();
String base64 = encoder.encode(stringBytes);
return base64;
}
}
I'm not sure what you're using your base64 encoded key for. In the wiki positing that you reference, the base64 encoding is applied after the encryption and before the decryption. It's sole purpose in that article is to make the encoded value readable. Base64 encoding translates unreadable binary values (and everything else) into readable values. If you're not concerned with encryption, you can ignore the encryption part of the article and use your class as is.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
> To me that looks like a correct Base64 Encrypted string
its just a base64 string :)
and easily decoded
its just a base64 string :)
and easily decoded
The string encrypted with the (DES) cipher on the other hand requires a key to decrypt it
ASKER
Hi All, Thanks for the help.
Sorry, I note there are still some questions among your responses.
What I need to do is the following:
- Create a Base64SecretKey to use in an encryption process. This Base64SecretKey is stored on my system & I give it to a customer
How I use it:
I encrypt a string of data on my side as follows:
- The Base64EncodedKey is deoded to get my secretkey
- This secretkey is then used to encrypt a string (using an AES/CBC/PKCS5Padding algorithm) to get Cipher text
- I then encode the CipherText to base64 to create a Base64CipherText
- I pass this to my customer
The customer decodes the Base64CipherText using the same process (in reverse) with the Base64SecretKey I have provided to them as the secretkey.
What I need to do first of all is the create the Base64SecretKey. Is what I am doing as per my original question enough? I.E. if I encode a string (or a random alphanumeric string if I create one) to Base64. Can that then be used as my Base64SecretKey?
Can a Base64SecretKey just be an aplhanumeric string (encoded to base64). Or does it require something else?
Thanks again!
Sorry, I note there are still some questions among your responses.
What I need to do is the following:
- Create a Base64SecretKey to use in an encryption process. This Base64SecretKey is stored on my system & I give it to a customer
How I use it:
I encrypt a string of data on my side as follows:
- The Base64EncodedKey is deoded to get my secretkey
- This secretkey is then used to encrypt a string (using an AES/CBC/PKCS5Padding algorithm) to get Cipher text
- I then encode the CipherText to base64 to create a Base64CipherText
- I pass this to my customer
The customer decodes the Base64CipherText using the same process (in reverse) with the Base64SecretKey I have provided to them as the secretkey.
What I need to do first of all is the create the Base64SecretKey. Is what I am doing as per my original question enough? I.E. if I encode a string (or a random alphanumeric string if I create one) to Base64. Can that then be used as my Base64SecretKey?
Can a Base64SecretKey just be an aplhanumeric string (encoded to base64). Or does it require something else?
Thanks again!
>>This Base64SecretKey is stored on my system & I give it to a customer
That's insecure, as the key can be intercepted/copied. You should do it the secure way using PKI, which means using the customer's public key (which anyone can have) to encrypt. Only the customer can decrypt it (with his private key)
That's insecure, as the key can be intercepted/copied. You should do it the secure way using PKI, which means using the customer's public key (which anyone can have) to encrypt. Only the customer can decrypt it (with his private key)
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi Objects.
Thanks for the advice. I'm still confused to be honest though.
The process detailed above is what was defined by the analyst so I'm going to just create what was asked for
I bascially just have to create a Base64Secretkey
is what I am doing enough (to give them a Base64Encoded string as a key). Or does a key have to be something else?
What makes a Base64Secretkey different from a Base64 Encoded String? If is it a one off string that I made up & encoded to Base64, is this enough to forma key?
Thanks again!
Thanks for the advice. I'm still confused to be honest though.
The process detailed above is what was defined by the analyst so I'm going to just create what was asked for
I bascially just have to create a Base64Secretkey
is what I am doing enough (to give them a Base64Encoded string as a key). Or does a key have to be something else?
What makes a Base64Secretkey different from a Base64 Encoded String? If is it a one off string that I made up & encoded to Base64, is this enough to forma key?
Thanks again!
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks CEHJ & sorry guys if I'm coming off a bit dumb on this.
My whole question come down to the following: Can the key be anything at all then as long as it is Base64 encrypted? I.E. can I just make up a string or some other value and say to use it as a key?
Whether the analyst is right or wrong I don't mind for now. As he has asked for a Base64SecretKey. Can I just Base64 encrypt a string and say that's the Base64SecretKey. Or Is a Base64SecretKey soemthing else? I'm not familiar with SecretKey's at all & just wonder if that's all I need to do for this defined process
Thanks again. Much appreciated!
My whole question come down to the following: Can the key be anything at all then as long as it is Base64 encrypted? I.E. can I just make up a string or some other value and say to use it as a key?
Whether the analyst is right or wrong I don't mind for now. As he has asked for a Base64SecretKey. Can I just Base64 encrypt a string and say that's the Base64SecretKey. Or Is a Base64SecretKey soemthing else? I'm not familiar with SecretKey's at all & just wonder if that's all I need to do for this defined process
Thanks again. Much appreciated!
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks Objects, That's a very good help. It's much clearer now.
I'll get cracking on code to generate a key & will let u all know how I get on.
Cheers.
I'll get cracking on code to generate a key & will let u all know how I get on.
Cheers.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi All,
Thanks for all the help. I can create an encryption a a secret key now & then base encrypt it using Objects advice.
One final question I have is:
is there a recommend algorithm I should use for my sSecretkey creation?
The following are documented
http://download.oracle.com/javase/1.4.2/docs/guide/security/jce/JCERefGuide.html#AppA
Would DESede for example be better to use than DES or does this even matter?
Thanks
Thanks for all the help. I can create an encryption a a secret key now & then base encrypt it using Objects advice.
One final question I have is:
is there a recommend algorithm I should use for my sSecretkey creation?
The following are documented
http://download.oracle.com/javase/1.4.2/docs/guide/security/jce/JCERefGuide.html#AppA
Would DESede for example be better to use than DES or does this even matter?
Thanks
ASKER
Ah sorry, just seen your response CEHJ now also (hadn't refreshed my page).
Is AES the best one to use then?
Thanks All.
Is AES the best one to use then?
Thanks All.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks CEHJ, oh I see. If AES/CBC/PKCS5Padding is required then "AES" is the required algorithm for the secret key used?
Thanks
Thanks
Yes
ASKER
Thans Guys. Will award the points to objects & CEHJ.
Thanks all. I've learned a good bit about encryption from this as well!
Thanks all. I've learned a good bit about encryption from this as well!
For what purpose? If you're talking about PKI technology, then you need to generate a key pair and give people your public key.
This only need be done once and is therefore not normally done programatically except for special purposes.