-1

I am running into an issue that I am not sure the proper fix. I used this thread as reference:

java.lang.IllegalArgumentException: bad base-64 when decrypting string

Basically I split a string into chunks and encrypt each chunk. But when it is time to decrypt the same way it never works. It always gives me this annoying exception:

"java.io.IOException: Error while finalizing cipher"

basically I split the string as below:

static public class RSAString {
    private ArrayList<String> mChunkList = new ArrayList<String>();
    RSAString() {
        mChunkList.clear();
    }
    public ArrayList<String> getChunkList() {
        return mChunkList;
    }
    RSAString(String stringSrc) {
        if (stringSrc.length() < CHUNK_SIZE) {
            mChunkList.add(stringSrc);
        } else {
            int j = 0;
            for (int i = 0; i < stringSrc.length() / CHUNK_SIZE; i++) {
                String subString = stringSrc.substring(j, j + CHUNK_SIZE);
                mChunkList.add(subString);
                j += CHUNK_SIZE;
            }
            int leftOver = stringSrc.length() % CHUNK_SIZE;
            if (leftOver > 0) {
                String subString = stringSrc.substring(j, j + leftOver);
                mChunkList.add(subString);
            }
        }
    }
}

Then I decrypt with this code:

// This **DOES NOT** work
final String AndroidOpenSSLString = "AndroidOpenSSL";
final String AndroidKeyStoreBCWorkaroundString = "AndroidKeyStoreBCWorkaround";
mProvider = Build.VERSION.SDK_INT < Build.VERSION_CODES.M ? AndroidOpenSSLString : AndroidKeyStoreBCWorkaroundString;
Cipher outCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", mProvider);
outCipher.init(Cipher.DECRYPT_MODE, mPrivateKey);
for (String chunkEncrypted : rsaEcryptedText.getChunkList()) {
    byte[] cipherText = chunkEncrypted.getBytes("UTF-8");
    CipherInputStream cipherInputStream = new CipherInputStream(
            new ByteArrayInputStream(Base64.decode(cipherText, Base64.NO_WRAP)), outCipher);
    ArrayList<Byte> values = new ArrayList<>();
    int nextByte;
    while ((nextByte = cipherInputStream.read()) != -1) {
        values.add((byte) nextByte);
    }
    byte[] bytes = new byte[values.size()];
    for (int i = 0; i < bytes.length; i++) {
        bytes[i] = values.get(i);
    }
    decryptedString += new String(bytes, 0, bytes.length, "UTF-8");
    cipherInputStream.close();
    cipherInputStream.reset();
}

The only work around I found was to re-initialize the cypher every new sub-string. Like the hack below:

for (String chunkEncrypted : rsaEcryptedText.getChunkList()) {
    // This works, but I am re-initializing the out cypher every time!
    // super slow!!! WHY DO I HAVE TO DO THIS?
    Cipher outCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", mProvider);
    outCipher.init(Cipher.DECRYPT_MODE, mPrivateKey);
    byte[] cipherText = chunkEncrypted.getBytes("UTF-8");
    CipherInputStream cipherInputStream = new CipherInputStream(
            new ByteArrayInputStream(Base64.decode(cipherText, Base64.NO_WRAP)), outCipher);
    ArrayList<Byte> values = new ArrayList<>();
    int nextByte;
    while ((nextByte = cipherInputStream.read()) != -1) {
        values.add((byte) nextByte);
    }
    byte[] bytes = new byte[values.size()];
    for (int i = 0; i < bytes.length; i++) {
        bytes[i] = values.get(i);
    }
    decryptedString += new String(bytes, 0, bytes.length, "UTF-8");
    cipherInputStream.close();
    cipherInputStream.reset();
}

The problem with my fix is that it makes the decryption much slower. Also, even with my sub-strings at small sizes (sub-string int CHUNK_SIZE = 64) I keep getting the same exception.

Anyway, I wonder if anyone can point me out the correct way to decrypt a long string with RSA encryption.

and here is the encryption code--not sure if it matters in this case--but it always works:

Cipher inCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", mProvider);
inCipher.init(Cipher.ENCRYPT_MODE, mPublicKey);
RSAString rsaStringPlainText = new RSAString(plainText);
for (String chunkPlain : rsaStringPlainText.getChunkList()) {
    ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
    CipherOutputStream cipherOutputStream = new CipherOutputStream(
            outputStream, inCipher);
    cipherOutputStream.write(chunkPlain.getBytes("UTF-8"));
    cipherOutputStream.flush();
    cipherOutputStream.close();
    byte[] ecryptedText = Base64.encode(outputStream.toByteArray(), Base64.NO_WRAP);
    encryptedStringOut.mChunkList.add(new String(ecryptedText));
}
Community
  • 1
  • 1
gmmo
  • 2,152
  • 3
  • 22
  • 46

1 Answers1

1

RSA is not suited for bulk encryption as it's quite slow (more than a factor 1000 when compared to AES). Instead use a symmetric encryption algorithm like AES if you can. If you need the two key's of RSA, use Hybrid encryption where you encrypt the data with a random symmetric key, and then encrypt that key with the RSA key.

Another benefit of symmetric encryption is that libraries automatically supports bulk encryption, where you don't need to handle chopping your data up into small blocks before encryption.

Ebbe M. Pedersen
  • 6,530
  • 3
  • 23
  • 41