1

I need to decrypt text data I get from SAP. The data is encrypted using co_aes256_algorithm_pem similar to this

SAP sends me a key and encrypted data, and we should use this key to decrypt the data in Java. On the SAP side, the IV value (32 0's is added to padding).

Below is an example of a key and encrypted data. I am trying to decrypt it in a simple Java program but cannot initiate a key with a suitable length.

    String encryptionKey = "D5F748A3CE9C5AAAFF5C216387C92C43BC5C5BE443281D07E9128759A02FA0A2";
    
    String encryptedString = "AA68...DB0E";
    
    byte[] encryptedBytes = Base64.getDecoder().decode(encryptedString);
    
    Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
    
    SecretKeySpec secKeySpec = new SecretKeySpec(encryptionKey.getBytes(), "AES");
    
    byte[] ivBytes = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
    IvParameterSpec ivParameterSpec = new IvParameterSpec(ivBytes);

    cipher.init(Cipher.DECRYPT_MODE, secKeySpec, ivParameterSpec);

    String decrypted = new String(cipher.doFinal(encryptedBytes));      
    
    System.out.println(decrypted);

I get java.security.InvalidKeyException: Invalid AES key length: 64 bytes

I checked this but I do not have a salt. I also checked this link but I cannot generate a key using my own encryptionKey.

Is there another solution for this? How can this be decrypted?

Sandra Rossi
Selim Alawwa

1 Answer

2

I can decrypt the ciphertext if key and ciphertext are hex decoded (e.g. with hexStringToByteArray()), AES-256 is used in CBC mode with a zero vector as IV (i.e. 16 0x00 values), and no padding: AES/CBC/NoPadding. If a padding is applied, i.e. AES/CBC/PKCS5Padding, a BadPaddingException is thrown.

The decrypted plaintext begins and ends as follows:

"MANDT","MATNR","ERSDA","ERNAM","LAEDA","AENAM",...,"FS_BEV1_FS_NESTRUCCAT","FS

According to the linked website, AES/CBC/PKCS5Padding was used for encryption. However, this is not consistent with the ciphertext or only with an incomplete ciphertext (whose length (by chance?) corresponds to an integer multiple of the blocksize), where the part with the padding is missing.

The following code can be used for decryption:

    String encryptionKey = "D5F748A3CE9C5AAAFF5C216387C92C43BC5C5BE443281D07E9128759A02FA0A2";
    String encryptedString = "AA68...DB0E";

    //byte[] encryptedBytes = Base64.getDecoder().decode(encryptedString);
    byte[] encryptedBytes = hexStringToByteArray(encryptedString);                              // hex decode ciphertext

    //SecretKeySpec secKeySpec = new SecretKeySpec(encryptionKey.getBytes(), "AES");
    SecretKeySpec secKeySpec = new SecretKeySpec(hexStringToByteArray(encryptionKey), "AES");   // hex decode key (32 bytes => AES-256)

    byte[] ivBytes = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };                        // use a zero vector as IV
    IvParameterSpec ivParameterSpec = new IvParameterSpec(ivBytes);

    Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");                                    // use no padding
    cipher.init(Cipher.DECRYPT_MODE, secKeySpec, ivParameterSpec);

    String decrypted = new String(cipher.doFinal(encryptedBytes));
    System.out.println(decrypted);                                                              // "MANDT","MATNR",...,"FS_BEV1_FS_NESTRUCCAT","FS

Topaco
  • So you mean this test string is incomplete? – Selim Alawwa Aug 26 '20 at 23:56
  • 1
    Decryption with PKCS5 padding is _not_ possible since the data doesn't contain any padding at the end. If encryption was done with PKCS5, this padding would have to be present _unless_ the end of the encrypted data was lost. The other possibility is that the data was _intentionally_ encrypted without padding. Note, for encryption without padding (assuming AES/CBC), the length of the plaintext must be an integer multiple of the blocksize (16 bytes for AES), satisfied by 2048 = 128*16 bytes. For _random_ data loss, the fulfillment of the latter condition can be expected with a probability of 1/16. – Topaco Aug 27 '20 at 06:24
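
An added example, not part of the original answer or its comments: a self-contained Java program that reproduces the behaviour described in the answer and in the last comment. It hex-decodes the key from the question, then shows that a ciphertext whose final padding block is missing fails under AES/CBC/PKCS5Padding but decrypts under AES/CBC/NoPadding. The plaintext and ciphertext are constructed here, and the names `SapAesDecryptDemo`, `hexToBytes` and `crypt` are hypothetical.

```java
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;

public class SapAesDecryptDemo {
    // Hex string -> bytes: 64 hex characters become the 32 bytes AES-256 requires.
    static byte[] hexToBytes(String hex) {
        if (hex.length() % 2 != 0) throw new IllegalArgumentException("odd-length hex string");
        byte[] out = new byte[hex.length() / 2];
        for (int i = 0; i < out.length; i++) {
            int hi = Character.digit(hex.charAt(2 * i), 16);
            int lo = Character.digit(hex.charAt(2 * i + 1), 16);
            if (hi < 0 || lo < 0) throw new IllegalArgumentException("non-hex character");
            out[i] = (byte) ((hi << 4) | lo);
        }
        return out;
    }

    // One AES/CBC operation with the all-zero 16-byte IV described on the page.
    static byte[] crypt(int mode, String transformation, byte[] key, byte[] data) throws Exception {
        Cipher cipher = Cipher.getInstance(transformation);
        cipher.init(mode, new SecretKeySpec(key, "AES"), new IvParameterSpec(new byte[16]));
        return cipher.doFinal(data);
    }

    public static void main(String[] args) throws Exception {
        // Key string from the question, hex decoded instead of passed through getBytes().
        byte[] key = hexToBytes("D5F748A3CE9C5AAAFF5C216387C92C43BC5C5BE443281D07E9128759A02FA0A2");

        // Constructed sample: exactly two AES blocks of plaintext, encrypted with PKCS5 padding.
        byte[] plain = "\"MANDT\",\"MATNR\",\"ERSDA\",\"ERNAM\",".getBytes(StandardCharsets.US_ASCII);
        byte[] full = crypt(Cipher.ENCRYPT_MODE, "AES/CBC/PKCS5Padding", key, plain);
        byte[] truncated = Arrays.copyOf(full, full.length - 16); // simulate a lost final (padding) block

        try {
            crypt(Cipher.DECRYPT_MODE, "AES/CBC/PKCS5Padding", key, truncated);
            System.out.println("PKCS5Padding: decrypted");
        } catch (BadPaddingException e) {
            System.out.println("PKCS5Padding: BadPaddingException, last block carries no valid padding");
        }
        byte[] recovered = crypt(Cipher.DECRYPT_MODE, "AES/CBC/NoPadding", key, truncated);
        System.out.println("NoPadding: " + new String(recovered, StandardCharsets.US_ASCII));
        System.out.println("matches original plaintext: " + Arrays.equals(plain, recovered));
    }
}
```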