3

I have a JsonObject (Gson) I want to encrypt this json with Aes256 before I send it to the server, so I have to convert it to Base64 first

JsonObject jsonObject = new JsonObject();
jsonObject.addProperty("command", "abc");


String body = Base64.encodeToString(jsonObject.toString().getBytes("UTF-8"), Base64.NO_WRAP);

String finalBody = aesKeyIv.encrypt(body);

However it sends malformed json because it cannot convert properly.

EDIT: This is for Android

My encrypt method:

 public String encrypt(String value) throws Exception {
        byte[] encrypted = cipherEnc.doFinal(value.getBytes());
        return Base64.encodeToString(encrypted, Base64.NO_WRAP);
    }
Improve this question
3
  • Aes is capable of encrypting any array of bytes (thus every utf-8 encoded strings) not just base64. And of course an encrypted value seems to be just a random sequence of bytes, it will never be a valid json. What are you trying to achieve? How do you send and receive the encrypted data? How do you exchange your keys? And most importantly what do you mean by "it cannot convert properly"? Do you get an error? Commented Jan 18, 2018 at 15:13
  • The base64 value is correct. Therefore the problem is not in the presented code. I assume that the encrypt() method is defect. Commented Jan 18, 2018 at 15:16
  • @Robert please see my edit. I added the encrypt method Commented Jan 19, 2018 at 6:30

3 Answers 3

Reset to default
3

You can import the library:

import org.apache.commons.codec.binary.Base64;

Then you can use following code for encoding into Base64:

public byte[] encodeBase64(String encodeMe){
byte[] encodedBytes = Base64.encodeBase64(encodeMe.getBytes());
return encodedBytes ;
}

and for decoding you can use 

public String decodeBase64(byte[] encodedBytes){
byte[] decodedBytes = Base64.decodeBase64(encodedBytes);
return new String(decodedBytes)
}

And if you are using Java 8 then you have Base64 class directly available into package:

import java.util.Base64;

And your code for encoding into Base64 will change to :

public String encodeBase64(byte [] encodeMe){
    byte[] encodedBytes = Base64.getEncoder().encode(encodeMe);
    return new String(encodedBytes) ;
    }

and similarly your new decoding will change as

public byte[]decodeBase64(String encodedData){
    byte[] decodedBytes = Base64.getDecoder().decode(encodedData.getBytes());
    return decodedBytes ;
    }
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

You can use Bouncy Castle & Apache Commons api to convert to Base64, but ensure you have same algorithm in place for encoding and decoding.

Improve this answer

Comments

0

The byte[] values like the encrypted value, should be Base64 encoded.

        String aesIv2EncryptedString = Base64.encodeToString(aesIv2Encrypted,
            Base64.NO_WRAP);
        jsonObject.addProperty("asIv", aesIv2EncryptedString);

This makes the entire JSON readable UTF-8 text with text values, as Base64 delivers an ASCII subset of the binary data.

The encrypt method is as good as perfect, just String.getBytes() (seen in many examples) would use the platform encoding; when this software would ever run on Windows, that encoding would not be UTF-8 but some non-Unicode (= 256 char subset) encoding. Hence characters would be unconvertible ("?") and garbled. So the cross-platform could is:

public String encrypt(String value) throws Exception {
    byte[] encrypted = cipherEnc.doFinal(value.getBytes("UTF-8"));
    return Base64.encodeToString(encrypted, Base64.NO_WRAP);
}

On decryption:

byte[] originalValue = ...;
return new String(originalValue, "UTF-8");
Improve this answer

4 Comments

So should I encrypt each property one by one and put them in to the json object and then encrypt it again?
No, Base64 is not an encryption, but translates binary bytes into ASCII text using A-z0-9/+ as 64 digits for a huge "number," every digit storing 6 bits. Hence only the values that were byte[]. Those bytes would most likely not have been correct UTF-8.
could you please check my encrypt method in my edit. Is that correct?
Yes it would have worked, though I added a small change to make this code (and especially the data) cross-platform. Mind the decryption.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.