I'm trying to encrypt/decrypt some data by using steps described in this post getting-a-illegalblocksizeexception-data-must-not-be-longer-than-256-bytes. It is very clear how I should do it, but even that I'm doing something wrong.
Here is my class:
private SecretKeySpec getSymmetricKey() {
SecureRandom random = new SecureRandom();
byte[] keyBytes = new byte[16];
random.nextBytes(keyBytes);
return new SecretKeySpec(keyBytes, "AES");
}
private byte[] fixSecret(byte[] s) throws UnsupportedEncodingException {
int length = 16;
if ((s.length % length) != 0) {
int missingLength = length - (s.length % length) ;
byte[] fixed = new byte[s.length + missingLength];
for (int i = 0; i < missingLength; i++) {
fixed[i] = 0;
}
for (int i = missingLength; i < s.length; i++) {
fixed[i] = s[i];
}
s = fixed;
}
return s;
}
public byte[] encryptData(byte[] dataToEncrypt)
throws KeyStoreException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException,
IllegalBlockSizeException, BadPaddingException, UnsupportedEncodingException {
dataToEncrypt = fixSecret(dataToEncrypt);
// Generate a symmetric key Using random AES algorithm
SecretKeySpec symkey = getSymmetricKey();
// Encrypt the data with the symmetric key
Cipher aescipher = Cipher.getInstance("AES");
aescipher.init(Cipher.ENCRYPT_MODE, symkey);
byte[] encryptedData = aescipher.doFinal(dataToEncrypt);
// Encrypt the symmetric key with RSA
PublicKey publicKey = jksUserSafe.getCertificate("SafeHouseAheadKP").getPublicKey();
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.ENCRYPT_MODE, publicKey);
cipher.update(symkey.getEncoded());
byte[] encryptedSymKey = cipher.doFinal();
// Use a byte array to join everything
ByteArrayOutputStream baos = new ByteArrayOutputStream();
try {
baos.write(encryptedSymKey);
baos.write(encryptedData);
return baos.toByteArray();
} catch (IOException ex) {
return null;
}
}
public byte[] decryptData(byte[] encryptedData) throws Exception {
if (this.userPassword == null) {
throw new Exception("User password can't be empty when trying to decrypt data");
}
if (encryptedData != null ? encryptedData.length < 512 : true) {
return null;
}
// read key and data separately
final int SYMMECTRIC_KEY_LENGTH = 512; // this represents the key size after being encrypted
byte[] symmectricKeyByes = new byte[SYMMECTRIC_KEY_LENGTH];
for(int i = 0; i < SYMMECTRIC_KEY_LENGTH; i++) {
symmectricKeyByes[i] = encryptedData[i];
}
byte[] dataToDecrypt = new byte[encryptedData.length - SYMMECTRIC_KEY_LENGTH];
for(int i = SYMMECTRIC_KEY_LENGTH; i < encryptedData.length; i++) {
dataToDecrypt[i - SYMMECTRIC_KEY_LENGTH] = encryptedData[i];
}
// Decrypte the encrypted symmetric key with RSA
PrivateKey privateKey = (PrivateKey) jksUserSafe.getKey("SafeHouseAheadKP", userPassword.toCharArray());
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.DECRYPT_MODE, privateKey);
cipher.update(symmectricKeyByes);
byte[] decryptedKey = cipher.doFinal();
SecretKeySpec symkey = new SecretKeySpec(decryptedKey, "AES");
// Decrypte the data with the symmetric key
Cipher aescipher = Cipher.getInstance("AES");
aescipher.init(Cipher.DECRYPT_MODE, symkey);
aescipher.update(dataToDecrypt);
return aescipher.doFinal();
}
Well, I've tried this fixLength method, because I thought the problem was the Padding 1 that AES uses, but I'm wrong.
After running it a while, I'got some results:
[ENCRYPT] Data before:
[0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 112, 108, 101, 115, 32, 101, 110, 99,
114, 121, 112, 116, 97, 116, 105, 111, 110, 32, 116, 101, 115, 116, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0]
Data after:
[-32, 56, -39, 24, -124, 67, 97, -36, -21, 30, 36, 108, -56, -55, 23, 94, 113,
-15, 27, -114, -113, -48, -39, 119, 19, 98, -36, 46, 68, 7, -109, -113, -128,
-13, 92, -78, 76, 69, -118, -106, -51, -124, -18, -123, 66, -16, -15, 19, 125,
48, 103, -112, -112, 66, 84, 43, -121, 91, -1, -126, 64, -92, -90, -33]
Key before:
[115, -96, -44, 97, -56, 62, 6, -127, -110, -60, 88, 80, -44, -81, 86, -94]
Key after:
[20, 63, 1, -83, 96, 1, 38, -127, 42, 71, -55, -12, 80, -56, 30, 63, 119, 65,
60, -115, 45, 100, -108, -119, 55, -75, -32, 50, -51, -60, -107, 103, -22, 100,
-94, -77, 96, -15, 13, 120, 73, 99, 64, 40, 102, 47, 67, -110, 28, -88, -78, 35,
-94, -116, 86, -128, 23, 70, 4, -110, -111, -121, 87, -90, -106, -52, 56, -30,
-23, -44, -33, -24, -12, -71, 116, 21, -121, 108, -118, 31, 71, 119, -70, 10,
-18, -61, -39, 16, 33, -42, 107, 88, 22, -4, -77, 71, -101, 4, -2, -51, 18, 111,
29, 112, -15, -29, 10, 107, -80, 126, -57, -40, 110, -86, 64, 11, -29, -61, 53,
-112, 99, -104, -57, -84, -80, 97, 23, 53, 48, 85, 125, -57, 59, -34, -99, 3,
-65, 105, -121, 97, -34, 39, -23, -7, -98, 125, 42, -62, -102, 41, -61, 100,
-41, -120, -102, -121, 83, -115, 45, 122, -102, 81, 72, 85, 81, -102, 33, 87,
-117, 109, 4, 41, 59, 32, 68, -58, 107, 54, 43, -66, -75, -94, 5, 67, -97, 16,
46, -50, 62, -93, -81, 68, -77, -82, 21, 108, 107, -4, -74, -121, -88, 53, 120,
-70, 73, -26, 56, 82, 22, -54, 23, 50, 49, -123, -114, 112, -13, 109, 54, -80,
-40, -97, 65, -110, -76, 89, 91, 87, -57, 46, -89, -19, -14, 55, 60, 46, -89,
59, -90, 35, 29, -70, -41, 38, -98, 100, 11, 15, 24, 5, -59, -52, 122, -116,
-72, -121, -93, 122, 59, -64, 42, 33, -13, 43, -51, 18, 47, 60, -46, -90, 105,
27, -89, -113, 2, 1, -75, -15, 37, -68, 24, -80, 85, 74, 7, 34, 80, 45, -63,
-125, -16, 38, 29, -11, 81, -82, -15, -30, 66, -108, 73, 34, -87, -30, 11, 42,
-122, 41, -37, -34, 111, -119, 34, 116, -116, 95, -99, -69, -71, 67, -61, -106,
-76, -47, -81, -21, -54, -105, -84, -6, -61, 118, -9, 126, 93, 70, 101, 22, 91,
14, 18, -108, 52, 115, 53, -104, -100, -34, -85, 48, -62, 92, -19, 93, -64, 41,
-100, -76, 103, -108, 94, 65, 82, -41, 73, 73, 80, 51, 12, 94, 93, -109, 24,
36, -12, 19, 29, -106, -71, 23, 108, 17, -107, 37, -4, 8, 107, -39, 37, 42, -26,
65, -24, 20, -18, 33, 35, 65, 12, 23, -70, 22, 14, 61, 61, 126, 102, -90, 64,
-57, 72, 90, 23, -15, 89, -47, -26, 29, 81, -93, 4, -79, 74, 7, 19, -37, 43,
-87, 19, -17, 91, 90, -79, -64, -78, -86, -50, -70, -12, -120, 31, 73, -106,
-17, 5, -48, 23, -28, 75, 23, -75, -27, -75, 122, -52, 8, -87, 37, -22, -54,
-72, -45, -44, -15, 5, -85, -26, 13, 30, 74, 93, 121, -33, 79, 96, -63, 16, -5,
19, 47, 20, -8, -104, 31, 24, -19, -110, -88, 124, 127, 0, -86, 75, -46, 119,
-69, 114, 115, -80, -38, -51, -12, -128, -34, -14, 30, -83, 1, 45, -37, -66, 75]
[DECRYPT] Key before:
[20, 63, 1, -83, 96, 1, 38, -127, 42, 71, -55, -12, 80, -56, 30, 63, 119, 65,
60, -115, 45, 100, -108, -119, 55, -75, -32, 50, -51, -60, -107, 103, -22, 100,
-94, -77, 96, -15, 13, 120, 73, 99, 64, 40, 102, 47, 67, -110, 28, -88, -78, 35,
-94, -116, 86, -128, 23, 70, 4, -110, -111, -121, 87, -90, -106, -52, 56, -30,
-23, -44, -33, -24, -12, -71, 116, 21, -121, 108, -118, 31, 71, 119, -70, 10,
-18, -61, -39, 16, 33, -42, 107, 88, 22, -4, -77, 71, -101, 4, -2, -51, 18, 111,
29, 112, -15, -29, 10, 107, -80, 126, -57, -40, 110, -86, 64, 11, -29, -61, 53,
-112, 99, -104, -57, -84, -80, 97, 23, 53, 48, 85, 125, -57, 59, -34, -99, 3,
-65, 105, -121, 97, -34, 39, -23, -7, -98, 125, 42, -62, -102, 41, -61, 100,
-41, -120, -102, -121, 83, -115, 45, 122, -102, 81, 72, 85, 81, -102, 33, 87,
-117, 109, 4, 41, 59, 32, 68, -58, 107, 54, 43, -66, -75, -94, 5, 67, -97, 16,
46, -50, 62, -93, -81, 68, -77, -82, 21, 108, 107, -4, -74, -121, -88, 53, 120,
-70, 73, -26, 56, 82, 22, -54, 23, 50, 49, -123, -114, 112, -13, 109, 54, -80,
-40, -97, 65, -110, -76, 89, 91, 87, -57, 46, -89, -19, -14, 55, 60, 46, -89,
59, -90, 35, 29, -70, -41, 38, -98, 100, 11, 15, 24, 5, -59, -52, 122, -116,
-72, -121, -93, 122, 59, -64, 42, 33, -13, 43, -51, 18, 47, 60, -46, -90, 105,
27, -89, -113, 2, 1, -75, -15, 37, -68, 24, -80, 85, 74, 7, 34, 80, 45, -63,
-125, -16, 38, 29, -11, 81, -82, -15, -30, 66, -108, 73, 34, -87, -30, 11, 42,
-122, 41, -37, -34, 111, -119, 34, 116, -116, 95, -99, -69, -71, 67, -61, -106,
-76, -47, -81, -21, -54, -105, -84, -6, -61, 118, -9, 126, 93, 70, 101, 22, 91,
14, 18, -108, 52, 115, 53, -104, -100, -34, -85, 48, -62, 92, -19, 93, -64, 41,
-100, -76, 103, -108, 94, 65, 82, -41, 73, 73, 80, 51, 12, 94, 93, -109, 24, 36,
-12, 19, 29, -106, -71, 23, 108, 17, -107, 37, -4, 8, 107, -39, 37, 42, -26, 65,
-24, 20, -18, 33, 35, 65, 12, 23, -70, 22, 14, 61, 61, 126, 102, -90, 64, -57,
72, 90, 23, -15, 89, -47, -26, 29, 81, -93, 4, -79, 74, 7, 19, -37, 43, -87, 19,
-17, 91, 90, -79, -64, -78, -86, -50, -70, -12, -120, 31, 73, -106, -17, 5, -48,
23, -28, 75, 23, -75, -27, -75, 122, -52, 8, -87, 37, -22, -54, -72, -45, -44,
-15, 5, -85, -26, 13, 30, 74, 93, 121, -33, 79, 96, -63, 16, -5, 19, 47, 20, -8,
-104, 31, 24, -19, -110, -88, 124, 127, 0, -86, 75, -46, 119, -69, 114, 115,
-80, -38, -51, -12, -128, -34, -14, 30, -83, 1, 45, -37, -66, 75]
Key after:
[115, -96, -44, 97, -56, 62, 6, -127, -110, -60, 88, 80, -44, -81, 86, -94]
Data before:
[-32, 56, -39, 24, -124, 67, 97, -36, -21, 30, 36, 108, -56, -55, 23, 94, 113,
-15, 27, -114, -113, -48, -39, 119, 19, 98, -36, 46, 68, 7, -109, -113, -128,
-13, 92, -78, 76, 69, -118, -106, -51, -124, -18, -123, 66, -16, -15, 19, 125,
48, 103, -112, -112, 66, 84, 43, -121, 91, -1, -126, 64, -92, -90, -33]
Data after:
[]
Why AES is not able to decrypt it?
More useful info:
My asymmetric keys are 4096. I'm running it on Java 8. I got those results in a test case, in real world my application will write encrypted data to file, so it has to be able to decrypting it without know the symmetric key.
You are throwing away data from cipher.update() .. In below two statements both update(...) and doFinal() can return decrypted data ..
cipher.update(symmectricKeyByes);
byte[] decryptedKey = cipher.doFinal();
Try replacing the two lines with just this one:
byte[] decryptedKey = cipher.doFinal(symmectricKeyByes);
The same goes for encrypt as well ..