1

As part of a project I'm working on i need to encrypt some data with AES in C#-code and decrypt it in Java. Since security isn't a top priority (this is just a proof of concept) we are ok with the key being stored in the code as a property in some class.

The question then is: since java and C# bytes are different, how do i store the key in both languages in a cut-n-pasteable way?

This is how i do now:

Java:

// aesKeyBytes.length = 32
private static byte[] aesKeyBytes = new byte[]{  5, -67, 39 ... ,57, 120 }

C#:

private static byte[] KeyBytes() {
    var sbytes = new sbyte[] { 5, -67, 39 ... ,57, 120 }
    };
    return = sbytes
        .Select(sb => unchecked((byte) sb))
        .ToArray();
}

Is this a correct way to do it? Is an sbyte semantically the same as a Java byte and will an unchecked conversion of an sbyte get the correct corresponding byte for my key?

Improve this question

2 Answers 2

Reset to default
1

I'd go with having the source contain the base64 version of the key, then using Convert.FromBase64String (C#), and whatever its Java equivalent is (although according to this there isn't one in the standard libraries...), to get the byte array.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

This seems like the pragmatic choice that I think I'm going to go with.
0

Use a Rfc2898 implementation to generate bytes from a copy-and-paste-able password versus managing raw bytes.

.NET offers Rfc2898DeriveBytes.

The Java standard libraries don't include a Rfc2898 implementation, but there are many open implementations. See:

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.