I am trying a ruby code convert in java but java code always gives javax.crypto.AEADBadTagException: mac check in GCM failed. I have tried different java implementation from online but all of the solutions gives the same error. Any experts can help in this regards with proper code. Here
Ruby Code:
gem 'openssl'
require 'openssl'
#iv: 151f64de7be34d15dacdaea9b33471f9 (hex)
#tag: 806bf2bbd3bf83cf1240b03e7c4d6ab1 (hex)
#data: 131b03571fc9ec47ef58e58e21fce5c10aa73a62b9e58a743bcdcc3aff1ea8ab
9964f4535b8597735f3da5f6ae63b9370625a20d633e9cf2986d4d118989124f
0ddfee956e47cb5cbc3617c520b075620b37ae4056f3a1af83351fda634dfb44
6055c75f7143a5600149db333893c0ecb0ef3944e2a64542e9a4375bf1526898
58fed8b21aded0eab0afb11190 (hex)
#key: 023aae7c450a283b23e3d7c1416ad644
# From Step 2
unwrapped_key = "\x02\x3a\xae\x7c\x45\x0a\x28\x3b\x23\xe3\xd7\xc1\x41\x6a\xd6\x44"
def decrypt_aes_gcm(key, iv, tag, data)
decrypter = OpenSSL::Cipher.new('aes-128-gcm').decrypt
decrypter.iv_len = 16
decrypter.key = key
decrypter.iv = iv
decrypter.auth_tag = tag
plaintext = decrypter.update(data) + decrypter.final
end
iv = "\x15\x1f\x64\xde\x7b\xe3\x4d\x15\xda\xcd\xae\xa9\xb3\x34\x71\xf9"
tag = "\x80\x6b\xf2\xbb\xd3\xbf\x83\xcf\x12\x40\xb0\x3e\x7c\x4d\x6a\xb1"
encrypted_data = "\x13\x1b\x03\x57\x1f\xc9\xec\x47\xef\x58\xe5\x8e\x21\xfc\xe5\xc1" +
"\x0a\xa7\x3a\x62\xb9\xe5\x8a\x74\x3b\xcd\xcc\x3a\xff\x1e\xa8\xab" +
"\x99\x64\xf4\x53\x5b\x85\x97\x73\x5f\x3d\xa5\xf6\xae\x63\xb9\x37" +
"\x06\x25\xa2\x0d\x63\x3e\x9c\xf2\x98\x6d\x4d\x11\x89\x89\x12\x4f" +
"\x0d\xdf\xee\x95\x6e\x47\xcb\x5c\xbc\x36\x17\xc5\x20\xb0\x75\x62" +
"\x0b\x37\xae\x40\x56\xf3\xa1\xaf\x83\x35\x1f\xda\x63\x4d\xfb\x44" +
"\x60\x55\xc7\x5f\x71\x43\xa5\x60\x01\x49\xdb\x33\x38\x93\xc0\xec" +
"\xb0\xef\x39\x44\xe2\xa6\x45\x42\xe9\xa4\x37\x5b\xf1\x52\x68\x98" +
"\x58\xfe\xd8\xb2\x1a\xde\xd0\xea\xb0\xaf\xb1\x11\x90"
plaintext = decrypt_aes_gcm(unwrapped_key, iv, tag, encrypted_data)
# plaintext = "\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\x13\xe3\x60\x10\x9a" +
# "\xc1\xc8\xc1\x20\xc0\x20\x35\x91\x51\x48\xde\x35\x2f\xb9" +
# "\xa8\xb2\xa0\x24\x35\x45\xa1\x24\xb3\x24\x27\x95\x8b\x0b" +
# "\x21\x90\x94\x9f\x52\x29\x25\xc0\xc5\x02\x52\x0b\x54\x0d" +
# "\xa6\x35\x18\xc1\x22\x8c\x40\x11\x79\x29\x30\xad\xc1\x24" +
# "\x25\xc6\xc5\x01\x94\xfb\x0f\x04\xfc\x40\x75\x70\xb6\x92" +
# "\x0c\x97\x14\x97\xc0\xbb\x7f\x02\xb7\xa2\x2a\x9d\x55\x3b" +
# "\x76\xe5\x9e\x7a\xf4\x72\xfb\x1b\x21\x26\x0e\x79\x20\x66" +
# "\xd4\xe2\xe0\x10\x10\x02\x9a\x29\xc1\xa8\x05\xe2\xb1\x71" +
# "\xf0\x09\x31\x49\x30\x02\x00\xd1\x69\x5a\x2d\x9d\x00\x00\x00"
My Java Code:
public static String decryptSymmetric128BitHexKeyUTF8(String ciphertext, String iv, String tag, String key) throws Exception {
String algorithm = "AES/GCM/NoPadding";
byte[] ciphertextBytes = Base64.getDecoder().decode(ciphertext);
byte[] ivBytes = Base64.getDecoder().decode(iv);
byte[] tagBytes = Base64.getDecoder().decode(tag);
byte[] keyBytes = key.getBytes("UTF-8");
// Fix: concatenate ciphertext and tag
byte[] ciphertextTagBytes = new byte[ciphertextBytes.length + tagBytes.length];
System.arraycopy(ciphertextBytes, 0, ciphertextTagBytes, 0, ciphertextBytes.length);
System.arraycopy(tagBytes, 0, ciphertextTagBytes, ciphertextBytes.length, tagBytes.length);
Cipher cipher = Cipher.getInstance(algorithm);
SecretKey secretKey = new SecretKeySpec(keyBytes, "AES");
GCMParameterSpec gcmParameterSpec = new GCMParameterSpec(128, ivBytes);
cipher.init(Cipher.DECRYPT_MODE, secretKey, gcmParameterSpec);
//boolean isAuth = cipher.getParameters().getParameterSpec(GCMParameterSpec.class).getIV() ==
System.out.println("Key "+ (cipher.getParameters().getParameterSpec(GCMParameterSpec.class).getIV() == tagBytes));
byte[] decrypted = cipher.doFinal(ciphertextTagBytes);
return new String(decrypted, "UTF-8");
}