3
votes

I must generate AES key and I have RSA key pair for chat application. I must encrypt message with AES key, after that I encrypt AES key with public RSA key. After that, user decrypt AES key with RSA private key and decrypt message with given AES key. I tested my code but I get different AES key after encryption and decryption with public and private key.

I think that I have problem with Base64 encode/decode or using some key function like key.getEncodec or key.toString methods.

This is my code

public void sendMessage(User receiver, String message) throws Exception {

    //Generate AES key for encrypt message
    KeyGenerator keyGenerator=KeyGenerator.getInstance("AES");
    Integer keyBitSize=256;
    keyGenerator.init(keyBitSize);
    SecretKey simKey=keyGenerator.generateKey();
    System.out.println("AES KEY: "+simKey.getEncoded()+"\n");

    //Encrypt message
    Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
    cipher.init(Cipher.ENCRYPT_MODE, simKey);
    byte[] encMess1=cipher.doFinal(message.getBytes("UTF-8"));
    String messToWrite=Base64.getEncoder().encodeToString(encMess1);

    //Encrypt AES key
    byte[] KeyToEnc=simKey.getEncoded();
    cipher=Cipher.getInstance("RSA/ECB/PKCS1Padding");
    cipher.init(Cipher.ENCRYPT_MODE, receiver.getPub());
    cipher.update(KeyToEnc);
    byte[] AESEncWrt=cipher.doFinal();
    String aeskeyString=new String(Base64.getEncoder().encodeToString(AESEncWrt));
    System.out.println("AES ENC:"+aeskeyString+"\n");

    //Decrypt AES key
    byte[] KeyToDec=Base64.getDecoder().decode(aeskeyString.getBytes());
    cipher.init(Cipher.DECRYPT_MODE, receiver.getPriv());
    cipher.update(KeyToDec);
    byte[] decAesKey=cipher.doFinal();
    System.out.println("AES DEC: "+decAesKey+"\n");


    //Write message and AES key in file
    BufferedWriter messFile=new BufferedWriter(new FileWriter(receiver.getInbox()+"/"+getUsername()+".txt"));
    System.out.println("WRITING TO FILE:"+messToWrite+"\n");
    messFile.write(messToWrite);
    messFile.close();
    BufferedWriter aeswrite=new BufferedWriter(new FileWriter(receiver.getInbox()+"/"+getUsername()+"key.txt"));
    System.out.println("WRT KEY:"+aeskeyString+"\n");
    aeswrite.write(aeskeyString);
    aeswrite.close();

    System.out.println("-------------------------------");
}

Sorry if my code is a mess.

1

1 Answers

1
votes

When you do this:

System.out.println("AES KEY: "+simKey.getEncoded()+"\n");

You don't print the content of the key, but just a "pointer" to the byte array. When you decrypt, you end up with a new byte[] with a different "pointer".

You need to print the actual content in e.g. Hex. Java have limited support for hex printing, but something like this will give you the hex representation of the byte array:

System.out.println(new BigInteger(1, simKey.getEncoded()).toString(16)); 

Notice that there are other issues in the code - like you ignoring the byte[] returned from cipher.update(..) or the use of ECB mode with AES ..