Rfc2898DeriveBytes in java

rholovakha picture rholovakha · Jun 25, 2014 · Viewed 10.2k times · Source

I am trying to implement the following code in java:

var keyGenerator = new Rfc2898DeriveBytes(password, salt, 1000);
byte[] key = keyGenerator.GetBytes(32);
byte[] iv = keyGenerator.GetBytes(16);
using (AesManaged aes = new AesManaged())
{
    using (ICryptoTransform encryptor = aes.CreateEncryptor(key, iv)) 
    {
        byte[] result = encryptor.TransformFinalBlock(content, 0, content.Length);
    }
}

By using the following one:

SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
PBEKeySpec keyspec = new PBEKeySpec(password, salt, 1000, 256);
Key key = factory.generateSecret(keyspec);
SecretKeySpec secret = new SecretKeySpec(key.getEncoded(), "AES");
byte[] iv = "how_to_generate_in_java_as_in_c".getBytes();
AlgorithmParameterSpec ivSpec = new IvParameterSpec(iv);
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, secret, ivSpec);
byte[] result = cipher.doFinal("asdfasdf".getBytes("UTF-8"));

I looked through a lot of examples and questions of SO and did not find a way to generate correctly iv[] (in the same value as in C). And it seems there is not way to do it, as java allow to create this value only as random (not pseudo random as available in C). Is this right? Could somebody please help with this issue?

Answer

rholovakha picture rholovakha · Jun 25, 2014

Got a prompt from crypt specialist and found the right solution:

SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
PBEKeySpec pbeKeySpec = new PBEKeySpec(password, salt, 1000, 384);
Key secretKey = factory.generateSecret(pbeKeySpec);
byte[] key = new byte[32];
byte[] iv = new byte[16];
System.arraycopy(secretKey.getEncoded(), 0, key, 0, 32);
System.arraycopy(secretKey.getEncoded(), 32, iv, 0, 16);