Swift AES encryption with Java

Question

I have problem with AES GCM Encryption on Swift We have app on Java, where encryption is ok, server can read and process data, but my result server can not read We have 2 different results. At first I tried to use encryption CBC and ECB, but they told I should to use GCM. If someone understand what I doing wrong, help me

Java code:

final String airSecretKey = "Wk+Uzyyn8991w/2V5OIqiQ==";
static Cipher cipher=null;
SecretKeySpec new_key=null;
Key kateKey=null;

public void onCreate() {
    super.onCreate();
    handler = new Handler();
    if (doCryptoAes) {
        new_key = new SecretKeySpec(airSecretKey.getBytes(), "AES");
        kateKey = (Key) new SecretKeySpec(airSecretKey.getBytes(), "AES");
    }
}

void generateCliper(){
    try {
        cipher = Cipher.getInstance("AES/GCM/NoPadding");  ///", "BC
    } catch (NoSuchAlgorithmException e) {
        Log.e("AES 1", e.toString());
    } catch (NoSuchPaddingException e) {
        Log.e("AES 2", e.toString());
    } /*catch (NoSuchProviderException e) {
        Log.e("AES 3", e.toString());
    }*/
}

protected String encryptAir(String testText) {
    byte[] encodedBytes = null;
    String s_encode_result = "";
    try {
        byte[] iv = new byte[12];
        IvParameterSpec ivParameterSpec = new IvParameterSpec(iv);
        if (cipher==null){  
             generateCliper();  
        }
        cipher.init(Cipher.ENCRYPT_MODE, kateKey, ivParameterSpec); //new_key  //
        encodedBytes = cipher.doFinal(testText.getBytes());
        for (int i=0;i<encodedBytes.length; i++){
            s_encode_result+=getEncodeHex(encodedBytes[i]);//+" ";
        }

    } catch (Exception e) {
        Log.e(e.toString());
    }

    return "<BJSN>"+s_encode_result+"</BJSN>";
}

protected String decryptAir(String encodedText) {
    if (encodedText.length()<20) return "";

    byte[] encryptedTextByte = getConvAES(encodedText);
            //Base64.decode(encodedText, Base64.DEFAULT);


    byte[] iv = new byte[12];
    IvParameterSpec ivParameterSpec = new IvParameterSpec(iv);
    try {
        cipher.init(Cipher.DECRYPT_MODE, kateKey, ivParameterSpec);

    } catch (InvalidAlgorithmParameterException e) {
        e.printStackTrace();
    } catch (InvalidKeyException e) {
        e.printStackTrace();
    }

    byte[] decryptedByte = new byte[0];
    try {
        decryptedByte = cipher.doFinal(encryptedTextByte);
    } catch (BadPaddingException e) {
        Log.e("AES 1", e.toString());
    } catch (IllegalBlockSizeException e) {
        Log.e("AES 2", e.toString());
    }
    String decryptedText = new String(decryptedByte);
  //  MainActivity.toast_str="Decrypted: "+decryptedText;
    return  decryptedText;
}

byte[] getConvAES(String textAesStr) {
    int i_len = (textAesStr.length()-13)/2;
    byte[] aesNonce= new byte[i_len];
    if (textAesStr.indexOf( "<BJSN>") == 0 &&
            textAesStr.indexOf( "</BJSN>") > 0 && i_len > 0) {
        for (int i = 3; i < i_len+3; i++) {
            String s_hex = "";
            s_hex+=textAesStr.charAt(i*2);
            s_hex+=textAesStr.charAt(i*2+1);
            int i_binary=0;
            try {
                i_binary=Integer.parseInt(s_hex, 16);
                aesNonce[i-3]=(byte) i_binary;
            } catch (Exception e) {
                aesNonce[i-3]=0;
            }
        }
    }
    return aesNonce;
}

My Swift Code:

import CryptoKit
let key = SymmetricKey(size: .bits192)
let plain = "BSD AIR"

func cryptoDemoCombinedData() {

    let nonce = try! AES.GCM.Nonce(data: Data(base64Encoded: "fv1nixTVoYpSvpdA")!)
    let tag = Data(base64Encoded: "Wk+Uzyyn8991w/2V5OIqiQ==")!

    // Encrypt
    let sealedBox = try! AES.GCM.seal(plain.data(using: .utf8)!, using: key, nonce: nonce, authenticating: tag)

    // Decrypt
    let sealedBoxRestored = try! AES.GCM.SealedBox(combined: sealedBox.combined!)
    let decrypted = try! AES.GCM.open(sealedBoxRestored, using: key, authenticating: tag)

    print("Crypto Demo II\n••••••••••••••••••••••••••••••••••••••••••••••••••\n")
    print("Combined:\n\(sealedBox.combined!.base64EncodedString())\n")
    print("Cipher:\n\(sealedBox.ciphertext.base64EncodedString())\n")
    print("Nonce:\n\(nonce.withUnsafeBytes { Data(Array($0)).base64EncodedString() })\n")
    print("Tag:\n\(tag.base64EncodedString())\n")
    print("Decrypted:\n\(String(data: decrypted, encoding: .utf8)!)\n")
}

It looks like the Swift code is encrypting the data itself, not decrypting anything from the server. — OrangeDog, Nov 03 '20 at 10:43
yes, swift encrypting string "BSD AIR", cuz I have Java decryption result of this string and try to receive same result — Артем Хрещенюк, Nov 03 '20 at 10:50
You're trying to encrypt something separately twice and get the same result? Any system that relies on reusing nonces is broken. The whole point of a n**once** is that it's only ever used once. Every time you encrypt the same plaintext you must get a different ciphertext. — OrangeDog, Nov 03 '20 at 10:52
but Java result always the same Swift result always same too, but Java and swift results are different — Артем Хрещенюк, Nov 03 '20 at 10:54
Then the Java code is wrong. It looks like your IV is always zero, which may be the problem. — OrangeDog, Nov 03 '20 at 10:55
[AES GCM encryption and decryption in Java](https://stackoverflow.com/a/44118516/476716) — OrangeDog, Nov 03 '20 at 10:59
You cannot do AES-GCM without an IV. If you reuse an IV then it is completely broken. — OrangeDog, Nov 03 '20 at 11:06
Can you give us a sample output from Java code with the key used in your sample? And what happens if you try to decrypt what Java encrypted? — zaitsman, Nov 03 '20 at 11:17

OrangeDog · Accepted Answer · 2020-11-03T11:41:06.930

That is not how encryption works. Every time you encrypt the same plaintext, you MUST get a different output. With GCM this is achieved by using a unique random IV each time - a nonce (number used once).

GCM has its own requirements on IV, namely that an IV shall never be reused, and that is important.

String airSecretKey = "Wk+Uzyyn8991w/2V5OIqiQ==";  // this key is now public so you cannot use it
SecretKey key = new SecretKeySpec(Base64.getDecoder().decode(airSecretKey), "AES");

SecureRandom secureRandom = new SecureRandom();
byte[] iv = new byte[12];
secureRandom.nextBytes(iv);
AlgorithmParameters params = new GCMParameterSpec(128, iv);

Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
cipher.init(Cipher.ENCRYPT_MODE, key, params, secureRandom);

cipher.updateAAD(...);  // if used
byte[] encrypted = cipher.doFinal(plaintext);

The Swift version should perform the same operations. Java generates the tag and appends it to the ciphertext. It looks like in Swift you have to handle it manually instead.

@АртемХрещенюк You can chat [here](https://chat.stackoverflow.com/rooms/224083/conversation-between---and-orangedog) — Rob, Nov 05 '20 at 01:21

Swift AES encryption with Java

1 Answers1