
Apps AEADBadTagException Caused by KeyStoreException: Signature/MAC verification failed

LubaArbel

Lurker
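I use an AES key with this code to encrypt:

// Imports used by the encrypt and decrypt methods
import android.util.Base64;
import java.nio.charset.StandardCharsets;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;

private EncryptionResult encrypt(SecretKey secretKey, String message) throws Throwable {
    Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
    // No parameter spec is passed, so the provider generates the IV
    cipher.init(Cipher.ENCRYPT_MODE, secretKey);
    byte[] cipherText = cipher.doFinal(message.getBytes(StandardCharsets.UTF_8));

    // save in an object encoded with iv
    EncryptionResult result = new EncryptionResult(Base64.encodeToString(cipherText, Base64.NO_WRAP), cipher.getIV());
    return result;
}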


And I use this code to decrypt:

private String decrypt(SecretKey secretKey, EncryptionResult encryptionResult) throws Throwable {
    // "salt" holds the IV that was saved at encryption time
    byte[] salt = encryptionResult.getIV();
    // 128-bit authentication tag
    GCMParameterSpec gCMParameterSpec = new GCMParameterSpec(128, salt);

    Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
    cipher.init(Cipher.DECRYPT_MODE, secretKey, gCMParameterSpec);
    byte[] decodeBase64 = Base64.decode(encryptionResult.getBase64EncryptedValue(), Base64.NO_WRAP);
    byte[] decryptedValue = cipher.doFinal(decodeBase64);
    // Decode with the same charset that encrypt() used for getBytes()
    return new String(decryptedValue, StandardCharsets.UTF_8);
}


The "message" that is being encrypted is an RSA key of size 2048.
It works on MOST of the popular devices, but the decryption fails on some others like Meizu (M5, M3E), Huawei (P40, Nova 5T), Samsung (J7, A10), etc., where it crashes due to "AEADBadTagException... Caused by KeyStoreException: Signature/MAC verification failed".
If I reduce the "message" to 1024, it also works fine (although as far as I know, AES key has no size limitation for encryption).
I also tried using CipherOutputStream/CipherInputStream, but got the same result.
All looks good with Base64 encoding/decoding, tags, iv, keyStore... any other components involved in the process.

Can anyone shed some light on why some devices do the work, while others fail?
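
An added example, not part of the original post: a plain-JVM round trip of the same AES/GCM/NoPadding scheme with a 128-bit tag, using a software AES key as a baseline to compare against a device where decryption fails. The class name, the envelope layout and the sample RSA payload are assumptions of this example, and it uses javax.crypto only (no Android Keystore, no Base64 step).

```java
import javax.crypto.*;
import javax.crypto.spec.GCMParameterSpec;
import java.nio.ByteBuffer;
import java.security.KeyPairGenerator;
import java.util.Arrays;

public class GcmRoundTrip {
    static final int TAG_BITS = 128;

    // Envelope layout (assumption of this example): [1-byte IV length][IV][ciphertext || tag]
    static byte[] seal(SecretKey key, byte[] plain) throws Exception {
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, key);           // provider generates a fresh IV
        byte[] iv = c.getIV();
        byte[] ct = c.doFinal(plain);               // ciphertext with the tag appended
        return ByteBuffer.allocate(1 + iv.length + ct.length)
                .put((byte) iv.length).put(iv).put(ct).array();
    }

    static byte[] open(SecretKey key, byte[] envelope) throws Exception {
        ByteBuffer buf = ByteBuffer.wrap(envelope);
        byte[] iv = new byte[buf.get()];            // IV length travels with the data
        buf.get(iv);
        byte[] ct = new byte[buf.remaining()];
        buf.get(ct);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, iv));
        return c.doFinal(ct);                       // AEADBadTagException if key, IV, tag or data differ
    }

    public static void main(String[] args) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey key = kg.generateKey();           // software key, not a Keystore-backed key
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        byte[] message = kpg.generateKeyPair().getPrivate().getEncoded(); // constructed sample payload
        byte[] env = seal(key, message);
        System.out.println("round trip ok: " + Arrays.equals(message, open(key, env)));
        env[env.length - 1] ^= 0x01;                // flip one bit of the authentication tag
        try {
            open(key, env);
            System.out.println("tampered envelope accepted (unexpected)");
        } catch (AEADBadTagException e) {
            System.out.println("tampered envelope rejected: " + e.getMessage());
        }
    }
}
```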
 