DEVHIDE
Login Or Sign up

Use a dynamically-generated, random IV | SecureRandom unable to decrypt the encrypted values

126 Views Asked by At

I'm working to fix a Sonar Vulnerability for "AES/CTR/NoPadding" Algorithm. Existing code is using IV to encrypt and decrypt the data. IV is generated like this :

Cipher cipher = Cipher.getInstance("AES/CTR/NoPadding");

cipher.init(Cipher.ENCRYPT_MODE, secretKey, new IvParameterSpec(new byte[16]));

but Sonar is complaining the above logic saying "Use a dynamically-generated, random IV".

When I tried Sonar suggestion below for encrypting and decrypting the data:

SecureRandom random = new SecureRandom();
byte[] bytesIV = new byte[16];
    random.nextBytes(bytesIV);

    /* KEY + IV setting */
    IvParameterSpec iv = new IvParameterSpec(bytesIV);

To Encrypt :

SecureRandom random = new SecureRandom();
byte[] bytesIV = new byte[16];
    random.nextBytes(bytesIV);
 Cipher cipher = Cipher.getInstance(ALGORITHM);
                cipher.init(Cipher.ENCRYPT_MODE, secretKey, new IvParameterSpec(bytesIV));
                return  Base64.getEncoder().encodeToString(cipher.doFinal(strToEncrypt.getBytes("UTF-8")));

To Decrypt:


SecureRandom random = new SecureRandom();
byte[] bytesIV = new byte[16];
    random.nextBytes(bytesIV);
 Cipher cipher = Cipher.getInstance(ALGORITHM);
                cipher.init(Cipher.ENCRYPT_MODE, secretKey, new IvParameterSpec(bytesIV));

 return new String(cipher.doFinal(Base64.getDecoder().decode(strToDecrypt)));

After this logic Sonar Vulnerability is fixed and Encryption also fine but Problem was on Decryption as IV is newly generated for for each time and encryption was with another IV so Decryption is not returning correct data.

How can I solve this issue ?

I have scenario where I have to encrypt the data in an application and save encrypted data in db and another application will decrypt it but as we used securerandom so always IV will be different and data will not decrypt correctly.

I have tried to append the IV by converting base64 string to encrypted string and tried to use on decryption that IV but Sonar complaint that can't use constant to get byte array.

I have tried with RSA public and private key to encrypt and decrypt the data and that is working for fixed amount of data but I have to encrypt large data file.

Appreciate in advance for solution......

secure-random
Original Q&A
0

There are 0 best solutions below

Related Questions in SECURE-RANDOM

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Popular Questions

Copyright © 2021 Jogjafile Inc.