I have a program written in Java which takes JSON string as argument, encrypts it using AES then encodes it using Base64. JSON string is like:
{"a": "b"} or {"a": "n"} or {"a": "k"}
I.e related object would have one property a
. Value part is randomly generated.
Program outputs for above JSON inputs looks like
UBNvKoRoGqk0PTQQL5K4Sw== bKwlToSND3HkceDExEDXSw== u/yKJq1FdoifBM+AnadC3A==
i.e. they are unique.
Same goes for {"a":"gn"}
— random string with length 2. Same for 3 and so on.
But starting from 7 program produces the same encoded string for different inputs. I mean following JSON strings taken as input:
{"a": "pzfovvs"} {"a": "bqwuvck"}
produces same string as output:
Dwg0Xjkot8UBfn+vbcCfOS4KluXB6RCFQ932Y9ABtIg=
Same goes for length 8 and 9. Starting from 10 results became unique again.
What is the explanation of this strange phenomenon?
(I can post code if needed.)
Ok, here is the code:
import java.security.Key; import java.security.NoSuchAlgorithmException; import java.util.Base64; import javax.crypto.Cipher; import javax.crypto.KeyGenerator; public class JWTEncryptor { private static String algorithm = "AES"; private static Key key; private static KeyGenerator keyGenerator; private static Cipher cipher; public static String encrypt(String jwt) throws Exception { if (key == null || cipher == null) { setUp(); } cipher.init(Cipher.ENCRYPT_MODE, key); return Base64.getEncoder().encodeToString(cipher.doFinal(jwt.getBytes("UTF-8"))); } private static void setUp() { try { cipher = Cipher.getInstance(algorithm); } catch (Exception e1) { e1.printStackTrace(); } if (keyGenerator != null) { key = keyGenerator.generateKey(); return; } try { keyGenerator = KeyGenerator.getInstance(algorithm); key = keyGenerator.generateKey(); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } } public static String decrypt(String encryptedJWT) throws Exception { cipher.init(Cipher.DECRYPT_MODE, key); return new String(cipher.doFinal(Base64.getDecoder().decode(encryptedJWT))); } }