0

Hello everyone i have string encrypted in PHP by openssl_encrypt with algorithm 'aes-256-cbc'

Key: C4E30455853D4949A8E91B2C366BE9DE

Vector: 5686044872102713

Encrypted string: ak9YSTd6RXU5TENocUxQUGxieVhpZ3VqSlFiQUdndGZrbVJvbEliTGZjZz0=

And here is my Java function for decrypt:

public static String Decrypt_AES_FromBase64(String AEncryptedText, String AKey32Bytes, String AVectorNum16Bytes) {
        try { 
            byte[] vEncryptedBytes = Base64.getDecoder().decode(AEncryptedText);

            Key SecretKey = new SecretKeySpec(AKey32Bytes.getBytes(), "AES");
            IvParameterSpec vSpec = new IvParameterSpec(AVectorNum16Bytes.getBytes());

            Cipher vCipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            vCipher.init(Cipher.DECRYPT_MODE, SecretKey, vSpec);

            return new String(vCipher.doFinal(vEncryptedBytes));
        } catch (Exception e) {
                Common.mContext.getLogger().log(e.toString());
            return "";
        }
    }

When i try to decrypt i have error:

javax.crypto.IllegalBlockSizeException: Input length must be multiple of 16 when decrypting with padded cipher

Can somebody tell what the wrong?

Yevhen
  • 791
  • 9
  • 24
  • Not the highlighted problem but AKey32Bytes.getBytes() converts the characters into their character codes but you probably want to convert if from hexadecimal digits to binary: [In Java, how do I convert a hex string to a byte?](https://stackoverflow.com/questions/8890174/in-java-how-do-i-convert-a-hex-string-to-a-byte[\]) There is some ambiguity about what to do with 5686044872102713. – Alex K. Dec 05 '17 at 15:18
  • I have changed to IvParameterSpec vSpec = new IvParameterSpec(DatatypeConverter.parseHexBinary(AVectorNum16Bytes)); And now i have new error: "Wrong IV length: must be 16 bytes long" – Yevhen Dec 05 '17 at 15:28
  • 2
    The encrypted string is double Base64 encoded, there is no reason for that. – zaph Dec 05 '17 at 15:39
  • Probably the IV is not hex (there are no a-f characters) and an AES IV must be 16-bytes. An IV should instead be random bytes per encryption, just prefix the encrypted data with the IV for use in decryption, it does not need to be secret. – zaph Dec 05 '17 at 15:40

1 Answers1

2

The encrypted string AKey32Bytes is double Base64 encoded.

Instead of AKey32Bytes.getBytes() you need to double Base64 decode the encrypted data to binary.

Encrypted string:
ak9YSTd6RXU5TENocUxQUGxieVhpZ3VqSlFiQUdndGZrbVJvbEliTGZjZz0=

After one Base64 decode:
jOXI7zEu9LChqLPPlbyXigujJQbAGgtfkmRolIbLfcg=

After a second Base64 decode (displayed in hex because it is not binary):
8CE5C8EF312EF4B0A1A8B3CF95BC978A0BA32506C01A0B5F9264689486CB7DC8

That is what needs to be provided to the decryption function.

The decrypted result is:
(in hex) 257531362A2179704B40577255516272
(in ASCII): "%u16*!ypK@WrUQbr" (all valid ASCII characters)

Note: there is a full block of PKCS#7 padding (in hex): 10101010101010101010101010101010

As much as it pains me to say this, from the correct padding I can assume the decryption was successful.

See Cryptomathic AES CALCULATOR

zaph
  • 111,848
  • 21
  • 189
  • 228