I've taken a look at trying to decrypt attr_encrypted stored value from Java but it didn't provide the help I was looking for (unless I'm misunderstanding...if so please tell me).
I'm using attr_encrypted with the default values, which I believe are, amongst others
algorithm: 'aes-256-gcm'
mode: :per_attribute_iv
I'm left with the following stored in the DB:
encrypted_name: "6t2JNg471ERqz4v3NOcfxI7qzxRhzzfBvwoz",
encrypted_name_iv: "dzPBH0tiYjRs1DJ9"
When trying to decrypt these from the JVM
val keySpec = new SecretKeySpec('MyKeyHere'.getBytes, "AES")
val spec = new GCMParameterSpec(16 * 8, "xI7qzxRhzzfBvwoz".getBytes)
val cipher = Cipher.getInstance("AES/GCM/PKCS5Padding", "SunJCE")
cipher.init(Cipher.DECRYPT_MODE, keySpec, spec)
val sansAuth = encrypted_name.dropRight(16)
cipher.doFinal((encrypted_name_iv + encrypted_name).getBytes)
I'm plagued with
javax.crypto.AEADBadTagException: Tag mismatch!
Am I just approaching this entirely incorrectly (I expect I am...)? The last 16 bytes of the encrypted_name should be the tag to use with the GCMParameterSpec yes?
Any help is much appreciated!
