Hi,
I'm trying to use Ironclad to encrypt a string using AES and store it
in a file. In the future, a separate Java program that's out of my
control will read and decrypt the file.
I wrote a small test in CL, and it works fine, however, I also wrote
up a test in Java to see if I could decrypt the file I wrote out using
CL, and I'm getting the following exception:
javax.crypto.IllegalBlockSizeException: Input length must be multiple
of 16 when decrypting with padded cipher
at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)
at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)
at com.sun.crypto.provider.AESCipher.engineDoFinal
(DashoA13*..)
at javax.crypto.Cipher.doFinal(DashoA13*..)
at aestest.main(aestest.java:33)
I'm assuming I'm doing something wrong when using Ironclad to encrypt
the data. I've included both the CL and the Java code below and would
appreciate any pointers. I can survive this by using some ugliness
like using CL to write the data to disk, calling a Java program to
encrypt it and store it to disk, and then reading it back it to the CL
program, but I'd obviously prefer to have a pure CL approach.
Many thanks!
Cheers,
David
(defun aes-test ()
(let* ((filename "/tmp/encrypted-lisp.bin")
(key (ironclad:ascii-string-to-byte-array
"0123456789123456"))
(cipher (ironclad:make-cipher :aes :mode :ecb :key key))
(string-out "abcdefghijklmnopqrstuvwxyz")
(octets-out (sb-ext:string-to-octets string-out :external-
format :ascii)))
(with-open-file (out filename
:direction :output
:element-type '(unsigned-byte 8)
:if-exists :supersede)
(format t "unencrypted octets-out: ~a~%" octets-out)
(ironclad:encrypt-in-place cipher octets-out)
(format t "encrypted octets-out: ~a~%" octets-out)
(write-bytes octets-out out))
(with-open-file (in filename
:direction :input
:element-type '(unsigned-byte 8)
:if-does-not-exist :error)
(let ((octets-in (read-bytes in (length octets-out))))
(format t "encrypted octets-in: ~a~%" octets-in)
(ironclad:decrypt-in-place cipher octets-in)
(format t "unencrypted octets-in: ~a~%" octets-in)
(print (sb-ext:octets-to-string octets-in :external-
format :ascii))))))
***** ***** ***** ***** ***** ***** ***** ***** ***** *****
String encoding = "ASCII";
String keyString = "0123456789123456";
SecretKeySpec skeySpec = new SecretKeySpec(keyString.getBytes
(encoding), "AES");
Cipher cipher = Cipher.getInstance("AES");
File file = new File("/tmp/encrypted-lisp.bin");
InputStream in = new FileInputStream(file);
int compressedAndEncryptedDataLength = (int) file.length();
byte[] compressedAndEncryptedIn = new byte
[compressedAndEncryptedDataLength];
in.read(compressedAndEncryptedIn);
in.close();
cipher.init(Cipher.DECRYPT_MODE, skeySpec);
byte[] decryptedAndCompressedIn = cipher.doFinal
(compressedAndEncryptedIn);
On 4 Lug, 18:45, David Neu <·········@gmail.com> wrote:
> I'm assuming I'm doing something wrong when using Ironclad
Ironcald doesn't do any padding in the current release (and not
handling padding is a shame...); however, the crypticl library does do
padding.
Anyway, you never should use :ecb mode -- encryption is a very
practical science, it's not enough to know some basic theory...
http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation
-PM