This project provides a simple wrapper API for AES CBC (Symmetric Encryption) made with Scala/Java.

The provided algorithm is also compatible to the PHP encryption function mcrypt-encrypt and can handle padding.

By the way you most likely do not want to use AES with ECB block cipher mode - tl;dr: just don't do it.

Disclaimer: Do not use this code in production or with any sensitive data, as I can't gurantee the correctness of the provided implementation. I am not a professional security researcher. Furthermore applies the MIT License.

Just download the repository and build it with the SimpleBuildTool (SBT) for Scala. Make sure that you have git and sbt installed.

git clone https://github.com/swiesend/scala-aes-cbc.git
cd scala-aes-cbc

# fetch all dependencies; this can take a while...
sbt update

import crypto.aes.{AES, Salt}

// We start with a strong password
val password = "a strong passphrase is important for symmetric encryption"

// Nonetheless we generate a salt on a per user base. This salt
// should not be exposed (as it functions more like a pepper).
val salt = Salt.next(42)

// And of course you have something to encrypt
val data = "Lorem ipsum dolor sit amet"

// Now we have all we need
val encrypted = AES.encrypt(data, password, salt)
val decrypted = AES.decrypt(encrypted, password, salt)

assert(data == decrypted)

For further examples review AESTest.scala.

You can export a jar of the project to use it as library.

Deploying a jar:

sbt package

Any help on the project is welcome.

You can test the everything by simple running:

# test the module
sbt test

You can either use PKCS5 padding or no padding at all. The functions encrypt and decrypt assume a PKCS5 padding by default.

Chose one of the provided Strings in AES.scala for cipher instance (javax.crypto.Cipher):

"AES/CBC/PKCS5Padding"
"AES/CBC/NoPadding"

NOTE: For further Ciphers review: https://docs.oracle.com/javase/8/docs/api/javax/crypto/Cipher.html

If you get the following exception during the tests, than this is caused by the JVM Security policy which by default just allows 128 bit encryption ciphers. As you can see in AES.scala we use a SHA-256.

java.security.InvalidKeyException: Illegal key size

There are two ways to get around this, but both are clunky:

1. Lower to 128 bit
2. Download and install the "Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy", but this only solves the problem on that machine

For futher discussion on this review:

http://stackoverflow.com/questions/6481627/java-security-illegal-key-size-or-default-parameters

If you know a better solution, please let me know.

If you want to make this better, just fork the project and push a change request. Every help is welcome.

• init the cipher with the init method
• generating secure random numbers
• catching Exceptions

This seems to be a good implementation:

see: http://dignicate.com/archives/788