Java AES with CBC using passphrase

Question

I want to implement 256 key AES with CBC encryption with Java. Recipient sent me 256 bit passphrase as a String \'absnfjtyrufjdngjvhfgksdfrtifghkv\' and it perfectly works u

Answer 1

According to this answer, OpenSSL uses a different key derivation algorithm than what you are using in your Java code. Therefore, the key used to encrypt will be different in your OpenSSL command and in your Java program, so the output will be different and incompatible.

You should also check the documentation of the key derivation function in OpenSSL. Apparently it uses MD5 in the algorithm, while your Java code is using SHA1. They won't output the same key.

You have to specify exactly the same key derivation function, or specify the key directly, instead of deriving it from a passphrase.

Finally, avoid creating yourself a key derivation function (that you could easily implement using bash and using Java) and stick to standards, if security is a concern (if it is not, why bother using crypto?); it is most probable that the algorithm will be broken.