...
Code Block | ||
---|---|---|
| ||
import java.util.Arrays; import javax.crypto.*; import javax.crypto.spec.*; import java.security.*; class Msc61 { public static SecretKey generateKey() { try { KeyGenerator kgen = KeyGenerator.getInstance("AES"); kgen.init(128); return kgen.generateKey(); } catch (NoSuchAlgorithmException e) { throw new IllegalStateException(e.toString()); } } public static byte[] encrypt_cbc(SecretKey skey, String plaintext) { /* Precond: skey is valid; otherwise IllegalStateException will be thrown. */ try { byte[] ciphertext = null; Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); final int blockSize = cipher.getBlockSize(); byte[] initVector = new byte[blockSize]; (new SecureRandom()).nextBytes(initVector); IvParameterSpec ivSpec = new IvParameterSpec(initVector); cipher.init(Cipher.ENCRYPT_MODE, skey, ivSpec); byte[] encoded = plaintext.getBytes(java.nio.charset.StandardCharsets.UTF_8); ciphertext = new byte[initVector.length + cipher.getOutputSize(encoded.length)]; for (int i=0; i < initVector.length; i++) { ciphertext[i] = initVector[i]; } // Perform encryption cipher.doFinal(encoded, 0, encoded.length, ciphertext, initVector.length); return ciphertext; } catch (NoSuchPaddingException | InvalidAlgorithmParameterException | ShortBufferException | BadPaddingException | IllegalBlockSizeException | InvalidKeyException | NoSuchAlgorithmException e) { /* None of these exceptions should be possible if precond is met. */ throw new IllegalStateException(e.toString()); } } public static String decrypt_cbc(SecretKey skey, byte[] ciphertext) throws BadPaddingException, IllegalBlockSizeException /* these indicate corrupt or malicious ciphertext */ { try { Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); final int blockSize = cipher.getBlockSize(); byte[] initVector = Arrays.copyOfRange(ciphertext, 0, blockSize); IvParameterSpec ivSpec = new IvParameterSpec(initVector); cipher.init(Cipher.DECRYPT_MODE, skey, ivSpec); byte[] plaintext = cipher.doFinal(ciphertext, blockSize, ciphertext.length - blockSize); return new String(plaintext); } catch (NoSuchPaddingException | InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException e) { /* None of these exceptions should be possible if precond is met. */ throw new IllegalStateException(e.toString()); } } } |
Both of the above compliant solutions use 128-bit AES keys. Longer keys (192-bit and 256-bit) may be available if the "Unlimited Strength Jurisdiction Policy" files are installed and available to the Java runtime environment. A brute-force attack against 128-bit AES keys would take billions of years with current computational resources, so absent a cryptographic weakness in AES, 128-bit keys are likely suitable for secure encryption.
...
Weak cryptographic algorithms can be disabled in Java SE 7; see the Java PKI Programmer's Guide, Appendix D: Disabling Cryptographic Algorithms [Oracle 2011a].
Automated Detection
Tool | Version | Checker | Description | ||||||
---|---|---|---|---|---|---|---|---|---|
Parasoft Jtest |
| CERT.MSC61.AISSAJAVA | Avoid using insecure cryptographic algorithms for data encryption with Spring Avoid using insecure cryptographic algorithms in Spring XML configurations Avoid using hard-coded cryptographic keys Avoid using insecure algorithms for cryptography Avoid using cryptographic keys which are too short | ||||||
SonarQube |
| S2278 |
...
Related Guidelines
Bibliography
[Oracle 2011a] | Appendix D: Disabling Cryptographic Algorithms |
[Oracle 2013b] | Java Cryptography Architecture (JCA) Reference Guide |
...
...