2

i do not understand why I always get an Exception for the following code:

public class AES {

    /*Some private vars (not shown)*/

    public AES(String secretKey, String initVector, String plainText, String cipherText, String addAuthData, String authTag) throws NoSuchAlgorithmException, NoSuchPaddingException {

        //Initialize test values
        this.cipher = Cipher.getInstance("AES/GCM/NoPadding");
        this.K = new SecretKeySpec(Dump.hexString2byteArray(secretKey), "AES");
        this.IV = Dump.hexString2byteArray(initVector);
        this.C = Dump.hexString2byteArray(cipherText);
        this.A = Dump.hexString2byteArray(addAuthData);
        this.T = Dump.hexString2byteArray(authTag);
        this.t = this.T.length*8;
        this.gcmIv = new GCMParameterSpec(t, IV);


    }
    public String testDecryption() throws InvalidKeyException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {

        cipher.init(Cipher.DECRYPT_MODE, K, gcmIv);

        cipher.updateAAD(A);
        cipher.init(Cipher.DECRYPT_MODE, K, gcmIv);
        cipher.doFinal(C);
        return "Return later some string";

   }

Here an example how i run the code:

AES testCase4 = new AES(
            "feffe9928665731c6d6a8f9467308308", 
            "cafebabefacedbaddecaf888", 
            "d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39", 
            "42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091", 
            "feedfacedeadbeeffeedfacedeadbeefabaddad2", 
            "5bc94fbc3221a5db94fae95ae7121a47"
        );

        String TC4_p = testCase4.testDecryption();

Can someone explain this? The error comes from the line with cipher.doFinal(C);

scapiest
  • 81
  • 1
  • 7
  • Check this question here: https://stackoverflow.com/questions/53621994/android-javax-crypto-aeadbadtagexception . The exception you get seems quite popular. – Bouramas May 25 '20 at 14:00
  • Exception in thread "main" javax.crypto.AEADBadTagException: Tag mismatch! – scapiest May 25 '20 at 14:03
  • at java.base/com.sun.crypto.provider.GaloisCounterMode.decryptFinal(GaloisCounterMode.java:623) at java.base/com.sun.crypto.provider.CipherCore.finalNoPadding(CipherCore.java:1116) at java.base/com.sun.crypto.provider.CipherCore.fillOutputBuffer(CipherCore.java:1053) at java.base/com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:853) – scapiest May 25 '20 at 14:03
  • at java.base/com.sun.crypto.provider.AESCipher.engineDoFinal(AESCipher.java:446) at java.base/javax.crypto.Cipher.doFinal(Cipher.java:2260) at com.bernhard.lab4.AES.testDecryption(AES.java:123) at com.bernhard.lab4.Exc2.main(Exc2.java:140) – scapiest May 25 '20 at 14:03

1 Answers1

1

There are 2 issues in your sourcecode. In native Java the authetication tag ("authTag") is concated with the ciphertext ("C") so your init to the class should be

this.C = Dump.hexString2byteArray(cipherText + authTag);

Secondly, in test.Decryption you initialise the cipher two times, leave out the second line

cipher.init(Cipher.DECRYPT_MODE, K, gcmIv);

This way the decryption will work correctly to

"d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39"
Michael Fehr
  • 5,827
  • 2
  • 19
  • 40