Trying to decrypt data as byte array encrypted with AES-128 with String key "keykeykeykeykey1"
code:
byte[] dataBytes = new byte []{(byte)0xf3,(byte)0x8b,(byte)0x0c,(byte)0xb3,(byte)0xa3,(byte)0x26,(byte)0x12,(byte)0x23,(byte)0xe0,(byte)0xe0,(byte)0x9f,(byte)0x1f,(byte)0x28,(byte)0x01,(byte)0x28,(byte)0x35};
SecretKeySpec secretKeySpec = new SecretKeySpec("keykeykeykeykey1".getBytes("UTF-8"), "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.DECRYPT_MODE, secretKeySpec);
byte[] decryptedData = cipher.doFinal(dataBytes); //this line throws exception
gives me BadPaddingException. What I missed?
You don't specify the mode or padding in your Cipher algorithm. You need to establish what values were used when the data was enciphered.
When you change the algo to "AES/ECB/NOPADDING" there is no error, but this might not necessarily be the right mode or padding.
Related
I have implemented a CBC Mode AES encryption and decryption mechanism in which I am generating Random IV and Random Secret key for each encryption attempt which is recommended.
Now, I have saved my key in a separate file and IV in another file, but after going through the different forums I have found that the IV should not be kept secure and shall be appended with the Ciphertext while encryption and at the time of decryption we can get the 16 bytes plucked out from that cipher byte array..
Now, I tried a snippet of code to achieve the same, but the result were not good as the first block was not encrypting properly; however the rest of the block does.
Can someone tell me whats wrong with my approach?
Any help will be highly appreciated thanks :).
public static byte[] encrypt (byte[] plaintext,SecretKey key,byte[] IV ) throws Exception {
//Get Cipher Instance
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
//Create SecretKeySpec
SecretKeySpec keySpec = new SecretKeySpec(key.getEncoded(), "AES");
//Create IvParameterSpec
IvParameterSpec ivSpec = new IvParameterSpec(IV);
System.out.println( "IV encrypt= " + ivSpec );
//Initialize Cipher for ENCRYPT_MODE
cipher.init(Cipher.ENCRYPT_MODE, keySpec);
//Perform Encryption
byte[] cipherText = cipher.doFinal(plaintext);
ByteArrayOutputStream b = new ByteArrayOutputStream();
b.write(IV);
b.write( cipherText );
return b.toByteArray();
}
--------------------------------------------------------------------------
public static String decrypt (byte[] cipherText, SecretKey key ) throws Exception
{
//Get Cipher Instance
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
//Create SecretKeySpec
SecretKeySpec keySpec = new SecretKeySpec(key.getEncoded(), "AES");
byte[] iv = Arrays.copyOfRange( cipherText , 0, 16);
//Create IvParameterSpec
IvParameterSpec ivSpec = new IvParameterSpec(iv);
//Initialize Cipher for DECRYPT_MODE
cipher.init(Cipher.DECRYPT_MODE, keySpec,ivSpec);
//Perform Decryption
byte[] decryptedText = cipher.doFinal(cipherText);
return new String(decryptedText);
}
----------------------------------------------------------------------------
KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
keyGenerator.init(128);
// Generate Key
SecretKey key = keyGenerator.generateKey();
// Generating IV.
byte[] IV = new byte[16];
SecureRandom random = new SecureRandom();
random.nextBytes(IV);
System.out.println("Original Text : " + plainText);
byte[] cipherText = encrypt(plainText.getBytes("UTF-8") ,key, IV);
String decryptedText = decrypt(cipherText,key, IV);
System.out.println("DeCrypted Text : "+decryptedText);
RESULT
Original Text : This is a plain text which need to be encrypted by AES Algorithm with CBC Mode
DeCrypted Text : ûª¯Î¥pAï2EÞi+¼‹Ý$8ŶÄDDNâOæàtext which need to be encrypted by AES Algorithm with CBC Mode
Just because you copy out the IV here:
byte[] iv = Arrays.copyOfRange( cipherText , 0, 16);
Doesn't mean it isn't still present when you try to decrypt it during:
byte[] decryptedText = cipher.doFinal(cipherText);
You should decrypt everything in ciphertext except for the first 16 bytes. At the moment you're also performing AES decryption on the IV - which is why you're getting garbage.
I'm trying to use Java class Cipher to encrypt/decrypt some of my data. But I'm confused why the same result is produced in encrypt and decrypt mode. Below is my code:
KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
KeyPair keyPair = generator.genKeyPair();
PrivateKey privateKey = keyPair.getPrivate();
byte[] data = "12345".getBytes();
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.ENCRYPT_MODE, privateKey);
byte[] encrypted = cipher.doFinal(data);
Cipher cipher2 = Cipher.getInstance("RSA");
cipher2.init(Cipher.DECRYPT_MODE, privateKey);
byte[] decrypted = cipher2.doFinal(data);
Here the encrypted has exactly same content with decrypted. It really confused me why same result is produced regardless of what mode I'm using.
What I have tried?
If I use Cipher.getInstance("DES") to decrypt "12345".getBytes(), exception will be thrown.
Does it mean class Cipher can automatically detect whether encrypt or decrypt should be used(ignore mode parameter that I've specified when initialize the Cipher class) when using RSA?
Really appreciate for your help.
===Update===
My bad, looks Java has different behavior with Android. I should limit my question to Android platform only. If I run the above code as a normal Java application, javax.crypto.BadPaddingException: Decryption error will be thrown when decrypting "123456".
===Update===
First of all RSA is asymetric thus you use public key to encrypt and private key decrypt.
Second, those do not produce the same output.
KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
KeyPair keyPair = generator.genKeyPair();
PrivateKey privateKey = keyPair.getPrivate();
byte[] data = "12345".getBytes();
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.ENCRYPT_MODE, keyPair.getPublic());
byte[] encrypted = cipher.doFinal(data);
System.out.println(new String(encrypted));
Cipher cipher2 = Cipher.getInstance("RSA");
cipher2.init(Cipher.DECRYPT_MODE, privateKey);
byte[] decrypted = cipher2.doFinal(encrypted);
System.out.println(new String(decrypted));
with the output of
D=1��� 12345
Third, there is no autodetection, but cipher can detect that decrypt material is corrupted or invalid - wrong pading in your case causing the error.
An Exception caught at the line
encryptedData = cipher.doFinal(data);
javax.crypto.IllegalBlockSizeException: Data must not be longer than 501 bytes
at com.sun.crypto.provider.RSACipher.doFinal(RSACipher.java:344)
The key size is given by: keyPairGenerator.initialize(4096);
How to solve this problem without increasing the size of key?
With asymmetric encryption there is no way to encrypt data longer than key minus padding. Since it's 11 bytes for you I can conclude you use PKCS#1 padding. What you can do is try to compress data, but depending on data length and nature it easily can fail. Another option is to combine symmetric block ciphers (which has no limitation for the size of data) and asymmetric encryption:
Generate random AES key
byte[] keyData = new byte[32];
SecureRandom random = new SecureRandom();
random.nextBytes(keyData);
Encrypt data with AES.
// zero filled input vector
byte[] ivData = new byte[32];
IvParameterSpec iv = new IvParameterSpec(ivData);
SecretKeySpec keySpec = new SecretKeySpec(keyData, "AES");
Cipher aes = Cipher.getInstance("AES/CBC/PKCS5Padding");
aes.init(Cipher.ENCRYPT_MODE, keySpec, iv);
byte[] cipherText = aes.doFinal(data);
Encrypt AES key (for AES-256 it's 32 bytes) with RSA private key.
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.WRAP_MODE, rsaKeyPair.getPublic());
byte[] wrappedKey = cipher.doFinal(keyData);
Combine wrappedKey with cipherText. Can be done with just appending one to another, but also some binary format can be used.
I wrote two functions as follows which encrypt and decrypt the data.
public static void encrypt() throws Exception {
// Add the BouncyCastle Provider
//Security.addProvider(new BouncyCastleProvider());
// Generate the key
byte[] keyBytes = "AAAAAAAAAAAAAAAA".getBytes();
SecretKeySpec key = new SecretKeySpec(keyBytes, "AES");
// Generate the IV
byte[] ivBytes = "AAAAAAAAAAAAAAAA".getBytes();
IvParameterSpec ivSpec = new IvParameterSpec(ivBytes);
// Create the cipher object and initialize it
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, key, ivSpec);
// Read all bytes from a file into a bytes array
byte[] inputBytes = GCM.readFile("input");
byte[] cipherBytes = cipher.doFinal(inputBytes);
BufferedOutputStream outputStream = new BufferedOutputStream(new FileOutputStream("output.enc"));
outputStream.write(cipherBytes);
outputStream.close();
}
public static void decrypt() throws Exception {
// Add the BouncyCastle Provider
//Security.addProvider(new BouncyCastleProvider());
// Generate the key
byte[] keyBytes = "AAAAAAAAAAAAAAAA".getBytes();
SecretKeySpec key = new SecretKeySpec(keyBytes, "AES");
// Generate the IV
byte[] ivBytes = "AAAAAAAAAAAAAAAA".getBytes();
IvParameterSpec ivSpec = new IvParameterSpec(ivBytes);
// Create the cipher object and initialize it
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.DECRYPT_MODE, key, ivSpec);
// Read all bytes from a file into a bytes array
byte[] cipherBytes = GCM.readFile("ouput.enc");
byte[] decBytes = cipher.doFinal(cipherBytes);
BufferedOutputStream outputStream = new BufferedOutputStream(new FileOutputStream("regen.plain"));
outputStream.write(decBytes);
outputStream.close();
}
I realize that the code has the key set as "AAAAAAAAAAAAAAAA".getBytes() ; however please bear with me as this is just an example.
When I run the program I get the following stack trace :-
Exception in thread "main" javax.crypto.IllegalBlockSizeException: Input length must be multiple of 16 when decrypting with padded cipher
at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)
at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)
at com.sun.crypto.provider.AESCipher.engineDoFinal(DashoA13*..)
at javax.crypto.Cipher.doFinal(DashoA13*..)
at GCM.decrypt(GCM.java:80)
at GCM.main(GCM.java:90)
I'm having trouble figuring out why I'm encountering this error. Any hints on how I could solve the issue?
[EDIT]
It seems that when I write out data there are 16 bytes in all but only 15 bytes when I read it back in.
On your update: Well, that's easy then, fix the part that reads the file because the ciphertext needs to be N * blocksize, thus 16 bytes. I don't see any other blatant errors.
Possible problem (unless it is a typo) you write to output.enc but read from ouput.enc.
My objective is to encrypt data in Iphone and decrypt it on java server.
I am using Symmetric encryption .
I have generated the key using KeyGenerator at the java side.
code for generating key is as follows:
//Java Code for key generation
File keyFile = new File("F:/key","mykey.key");
KeyGenerator kgen = KeyGenerator.getInstance("AES");
kgen.init(128);
SecretKey skey = kgen.generateKey();
byte[] enc= skey.getEncoded();
FileUtils.writeStringToFile(keyFile ,Base64.encodeBase64String(enc),"UTF-8");
Following is the java code for decryption:
//get key from file
File file = new File("F:/key", "mykey.key");
SecretKeySpec keySpec= null;
try {
byte[] keyBytes = Base64.decodeBase64(FileUtils.readFileToString(file,"UTF-8"));
keySpec= new SecretKeySpec(keyBytes, 0, 16, "AES");
byte[] raw = keySpec.getEncoded();
} catch (Exception e) {
e.printStackTrace();
}
//Decrypt String encryptedString(from Iphone)
byte[] tempByte = Base64.decodeBase64(encryptedString);
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.DECRYPT_MODE, keySpec);
byte[] cipherData = cipher.doFinal(tempByte);
String ttt = new String(cipherData ,"UTF-8");
System.out.println(ttt);
And the iphone code is similar to th code given in following link:
Encrypting data with Objective-C and decrypt it with Java Problem
I am getting the following exception while decrypting in java.
javax.crypto.BadPaddingException: Given final block not properly padded
Please help...
Well the padding and mode has to match. If you copied the Objective-C code, then the ciphertext on the Objective-C side has the ECB mode and the PKCS7 padding.
By default the java AES cipher has the CBC mode and PKCS5 padding (though I'm not sure, and AFAIK PKCS5 and PKCS7 are somewhat compatible). I guess you have to specify these explicitly. Those settings have to match otherwise something goes wrong. So you have to create the cipher like that:
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
Btw. if you can choose the encryption-mode you should use CBC (but then on both sides).