1

I am trying to use an AESKey, made on Java Card 2.2.1, in a Java application. How I make the AESKey:

RandomData randomData = RandomData.getInstance(RandomData.ALG_PSEUDO_RANDOM);
byte[] rnd = JCSystem.makeTransientByteArray((short)16, JCSystem.CLEAR_ON_RESET);
randomData.generateData(rnd, (short)0, (short)rnd.length);
AESKey symKey = (AESKey) KeyBuilder.buildKey(KeyBuilder.TYPE_AES, KeyBuilder.LENGTH_AES_128, false);
symKey.setKey(rnd, (short)0);

How I encrypt data:

Cipher symCipher = Cipher.getInstance(Cipher.ALG_AES_BLOCK_128_CBC_NOPAD, false);
symCipher.init(symKey, Cipher.MODE_ENCRYPT);
byte[] encryptedC = new byte[48];
symCipher.doFinal(c, (short)0, (short)c.length, encryptedC, (short)0);

After that I send rnd to my Java app and try to make a key with it.

SecretKeySpec secretKeySpec = new SecretKeySpec(symKeyData, "AES");

I know that symKeyData == rnd. I can use this SecretKey to encrypt something, but when I decrypt I get an error: "Given final block not properly padded"

Cipher cipherAes = Cipher.getInstance("AES");
cipherAes.init(Cipher.DECRYPT_MODE, secretKeySpec);
byte[] decryptedBytes = cipherAes.doFinal(challengeEncrypted);

I checked and challengeEncrypted is the right length (48). Tried it with:

Cipher cipherAes = Cipher.getInstance("AES/CBC/NoPadding");

But no success; exception: "wrong key"

FOUND SOLUTION

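// Java Card's Cipher.init(key, mode) uses an all-zero IV for CBC,
// so the host has to pass the same 16-byte zero IV explicitly.
byte[] ivdata = new byte[]{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
IvParameterSpec spec = new IvParameterSpec(ivdata);
SecretKeySpec symetricKeyFromCard = new SecretKeySpec(symKeyData, "AES");

// Same mode and padding as ALG_AES_BLOCK_128_CBC_NOPAD on the card
Cipher cipherAes = Cipher.getInstance("AES/CBC/NoPadding");
cipherAes.init(Cipher.DECRYPT_MODE, symetricKeyFromCard, spec);
byte[] decryptedBytes = cipherAes.doFinal(challengeEncrypted);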
denBelg
  • Note: Cryptographic keys should always be created using `RandomData.ALG_SECURE_RANDOM`, never use ALG_PSEUDO_RANDOM for that! – Robert Apr 09 '13 at 08:33
  • Thx for the comment. For some reason .ALG_SECURE_RANDOM always crashes. Don't know why yet; I have a few ideas. Will look into that later. This works for testing purposes. Found solution, see post. – denBelg Apr 10 '13 at 19:27
  • Note that you can answer your own question in this forum. This is better than editing the answer into the question... – Maarten Bodewes Apr 21 '13 at 10:42

2 Answers

1

I think it's because you initiate the encryption with no pad:

Cipher symCipher = Cipher.getInstance(Cipher.ALG_AES_BLOCK_128_CBC_NOPAD, false);

Data is split and encrypted block by block. Those blocks have the same size as the key. Because the data that you need to encrypt is not necessarily a multiple of the key, you have to specify a padding method so that the last block will be 'complete' to fit the key size.

Change the padding method to:

Cipher symCipher = Cipher.getInstance(Cipher.ALG_AES_CBC_ISO9797_M2, false);

And let us know what happens.

Itachi
  • The block length of AES is always 128 bits, independent of the key length. For a 128-bit AES key you are right, but only for this specific case! – Robert Apr 09 '13 at 08:31
  • Thx for looking into my problem. Found a solution, see post. – denBelg Apr 10 '13 at 19:27
0

FOUND SOLUTION

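// Java Card's Cipher.init(key, mode) uses an all-zero IV for CBC,
// so the host has to pass the same 16-byte zero IV explicitly.
byte[] ivdata = new byte[]{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
IvParameterSpec spec = new IvParameterSpec(ivdata);
SecretKeySpec symetricKeyFromCard = new SecretKeySpec(symKeyData, "AES");

// Same mode and padding as ALG_AES_BLOCK_128_CBC_NOPAD on the card
Cipher cipherAes = Cipher.getInstance("AES/CBC/NoPadding");
cipherAes.init(Cipher.DECRYPT_MODE, symetricKeyFromCard, spec);
byte[] decryptedBytes = cipherAes.doFinal(challengeEncrypted);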
denBelg
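
Added example, not part of the original posts: a host-only reproduction of the three decryption attempts from the question, showing why only the last one matches the card. The class `CardCbcInterop`, the `cardEncrypt` stand-in for the applet, and the key and challenge bytes are constructed for illustration; it assumes the applet called `Cipher.init(key, mode)` without an IV, which the Java Card API defines as an all-zero IV for CBC algorithms.

```java
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public class CardCbcInterop {
    // Assumption: the card used init(key, mode) with no IV, i.e. an all-zero IV for CBC.
    static final byte[] ZERO_IV = new byte[16];

    // Hypothetical stand-in for the applet: AES-128-CBC, no padding, zero IV.
    static byte[] cardEncrypt(byte[] key, byte[] data) throws GeneralSecurityException {
        Cipher c = Cipher.getInstance("AES/CBC/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, "AES"), new IvParameterSpec(ZERO_IV));
        return c.doFinal(data);
    }

    // Tries one host-side configuration and reports what happened.
    static String tryDecrypt(String transformation, boolean withIv, byte[] key,
                             byte[] ciphertext, byte[] expected) {
        try {
            Cipher c = Cipher.getInstance(transformation);
            SecretKeySpec k = new SecretKeySpec(key, "AES");
            if (withIv) c.init(Cipher.DECRYPT_MODE, k, new IvParameterSpec(ZERO_IV));
            else c.init(Cipher.DECRYPT_MODE, k);
            byte[] out = c.doFinal(ciphertext);
            return Arrays.equals(out, expected) ? "OK, plaintext recovered" : "wrong plaintext";
        } catch (GeneralSecurityException e) {
            // Covers bad padding, missing IV, and unsupported transformations.
            return e.getClass().getSimpleName() + ": " + e.getMessage();
        }
    }

    public static void main(String[] args) throws GeneralSecurityException {
        byte[] key = new byte[16];
        new SecureRandom().nextBytes(key);   // constructed test key
        byte[] challenge = new byte[48];     // constructed 48-byte input (3 AES blocks)
        for (int i = 0; i < challenge.length; i++) challenge[i] = (byte) i;
        byte[] ct = cardEncrypt(key, challenge);

        // "AES" alone selects the provider default (ECB with PKCS5 padding on SunJCE).
        System.out.println("AES                    -> " + tryDecrypt("AES", false, key, ct, challenge));
        // CBC decryption without an IV is rejected when the cipher is initialised.
        System.out.println("AES/CBC/NoPadding      -> " + tryDecrypt("AES/CBC/NoPadding", false, key, ct, challenge));
        // CBC, no padding, explicit zero IV: same parameters as the card.
        System.out.println("AES/CBC/NoPadding + IV -> " + tryDecrypt("AES/CBC/NoPadding", true, key, ct, challenge));
    }
}
```

The exact exception messages for the first two attempts depend on the JCE provider, which is why the code prints them instead of matching on their text.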