papegaaij edited a comment on pull request #462: URL: https://github.com/apache/wicket/pull/462#issuecomment-779200758
I like the idea. The new implementation has one problem though: the IV must be random on every encryption step. Most importantly, you should never encrypt the same data twice with the same IV. You can think of the IV as a salt for your encryption. It ensures that the same data encrypts to different values every time. It is common practice to store the IV together with the ciphertext. The code we use in our application for AES256 is like this:

```java
import java.security.AlgorithmParameters;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import com.google.common.primitives.Bytes; // Guava, provides Bytes.concat

public byte[] encrypt(SecureRandom rnd, SecretKey key, byte[] plaintext) throws GeneralSecurityException {
    Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
    // No IV is supplied here, so the provider draws a fresh random IV from rnd.
    cipher.init(Cipher.ENCRYPT_MODE, key, rnd);
    AlgorithmParameters params = cipher.getParameters();
    byte[] iv = params.getParameterSpec(IvParameterSpec.class).getIV();
    byte[] ciphertext = cipher.doFinal(plaintext);
    // Store the IV in front of the ciphertext so decrypt() can recover it.
    return Bytes.concat(iv, ciphertext);
}

public byte[] decrypt(SecureRandom rnd, SecretKey key, byte[] cipherInput) throws GeneralSecurityException {
    // The first 16 bytes (AES block size) are the IV, the remainder is the ciphertext.
    byte[] iv = new byte[16];
    byte[] ciphertext = new byte[cipherInput.length - 16];
    System.arraycopy(cipherInput, 0, iv, 0, iv.length);
    System.arraycopy(cipherInput, 16, ciphertext, 0, ciphertext.length);
    Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
    cipher.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(iv), rnd);
    return cipher.doFinal(ciphertext);
}
```
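To make the point of the comment above concrete, here is an added example (not papegaaij's code and not part of Wicket) that encrypts the same payload twice with a fixed IV and twice with a per-call random IV, showing that only the first leaks that the two plaintexts are equal. The class name `IvReuseDemo`, the method names and the sample payload are assumptions made for this example.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;

public class IvReuseDemo {
    private static final int IV_LEN = 16; // AES block size

    // Encrypt under a caller-supplied IV: the weak pattern when that IV is a constant.
    static byte[] encryptWithIv(SecretKey key, byte[] iv, byte[] plaintext) throws GeneralSecurityException {
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(iv));
        return cipher.doFinal(plaintext);
    }

    // Fresh random IV per call, prepended to the ciphertext (the pattern from the comment).
    static byte[] encrypt(SecureRandom rnd, SecretKey key, byte[] plaintext) throws GeneralSecurityException {
        byte[] iv = new byte[IV_LEN];
        rnd.nextBytes(iv);
        byte[] ciphertext = encryptWithIv(key, iv, plaintext);
        byte[] out = new byte[IV_LEN + ciphertext.length];
        System.arraycopy(iv, 0, out, 0, IV_LEN);
        System.arraycopy(ciphertext, 0, out, IV_LEN, ciphertext.length);
        return out;
    }

    // Split off the stored IV and decrypt the remainder.
    static byte[] decrypt(SecretKey key, byte[] cipherInput) throws GeneralSecurityException {
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(Arrays.copyOfRange(cipherInput, 0, IV_LEN)));
        return cipher.doFinal(cipherInput, IV_LEN, cipherInput.length - IV_LEN);
    }

    public static void main(String[] args) throws GeneralSecurityException {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey key = kg.generateKey();
        SecureRandom rnd = new SecureRandom();
        byte[] msg = "same session payload".getBytes(StandardCharsets.UTF_8); // constructed sample input
        // Fixed IV: identical plaintexts give identical ciphertexts, so an observer learns they are equal.
        byte[] fixedIv = new byte[IV_LEN];
        System.out.println("fixed IV, equal ciphertexts: "
            + Arrays.equals(encryptWithIv(key, fixedIv, msg), encryptWithIv(key, fixedIv, msg)));
        // Random IV: the same plaintext encrypts differently each time, yet still decrypts correctly.
        byte[] c1 = encrypt(rnd, key, msg), c2 = encrypt(rnd, key, msg);
        System.out.println("random IV, equal ciphertexts: " + Arrays.equals(c1, c2));
        System.out.println("round trip ok: " + Arrays.equals(decrypt(key, c1), msg));
    }
}
```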