1

I am encrypting in ojb-c with SecKeyEncryptedData and trying to decrypt in Java with javax.Cipher and hitting a problem.

I recently moved to doing long blocks and have needed to use a symmetric encryption with the AES key encrypted with the asymmetric key pair. I am having problems decoding.

I have the iOS key kSecKeyAlgorithmRSAEncryptionPKCS1 working for asymmetric data matched with Cipher.getInstance("RSA/ECB/PKCS1Padding") in Java. This decodes the short blocks.

As I need to send longer blocks, and am trying to switch to kSecKeyAlgorithmRSAEncryptionOAEPSHA512AESGCM on iOS and it encrypts fine, but i cannot find the method to use in Cipher to decrypt it and do not understand if it needs to be done in 2 steps in the cloud in Java.

OBJ-C: SecKeyAlgorithm algorithm = kSecKeyAlgorithmRSAEncryptionOAEPSHA512AESGCM; NSData* cipherText = nil; cipherText = (NSData*)CFBridgingRelease( // ARC takes ownership
SecKeyCreateEncryptedData(self.pubKey, algorithm, (__bridge CFDataRef)data, &error)); Java: try { cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding"); cipher.init(Cipher.DECRYPT_MODE, priv); byte[] dog = decoder.decode(encString); dec = cipher.doFinal(dog); res = new String(dec);
} // handle errors

The decode obviously fails.

So my question is in 2 parts.

  1. is there a Cipher type that will do the decode needed or do i need to break out the encrypted AES key and decrypt it first?
  2. If i need to break it up, how long is that encrypted AES key part of the data block and, if you know the ciphers for that it would be fantastic.
James Brown
  • 13
  • 3

1 Answers1

0

is there a Cipher type that will do the decode needed

You may read the Cipher documentation. I believe you are looking for RSA/ECB/OAEPWithSHA-256AndMGF1Padding

I see the designation doesn't exacly match with the Obj-C name, but this is a common standard so it may worth a try

As I need to send longer blocks, and am trying to switch to kSecKeyAlgorithmRSAEncryptionOAEPSHA512AESGCM

You may try to search for "hybrid encryption". Asymmetric ciphers are VERY slow comparing to symmetric ciphers and intended to encrypt only limited amount of data.

Some implementation may encrypt longer data anyway (for each 256 bit input providing 2048 o 4096 bit output), Java will simply complain and stop

So proper encryption would be

  • encrypt data with a radom key (DEK - data encryption key) using a symmetric cipher
  • encrypt the DEK using an asymmetric public key

If the kSecKeyAlgorithmRSAEncryptionOAEPSHA512AESGCM would be not counterpart (compatible) with RSA/ECB/OAEPWithSHA-256AndMGF1Padding, you may still use the PKCS#1 1.5 padding (the old one) with this approach.

Edit: this asnwer may be useful when working with OAEP too RSA/ECB/OAEPWithSHA-256AndMGF1Padding but with MGF1 using SHA-256?

gusto2
  • 11,210
  • 2
  • 17
  • 36
  • thanks for this... i ended up using a structure that carried the AES key (encrypted via the key pair) separate from the data that was encrypted with the AES key... this worked... i may at some point fall back to a single buffer with the encrypted AES key in the first section, but the solution is working now.... I appreciate your feedback! – James Brown Apr 17 '19 at 08:38