Aes gcm nopadding in php

Question

I am trying to use AES-256 bit GCM encryption, between PHP and Java. The problem is that I receive this exception on Java side on Android:

Nội dung chính Show

What is AES
How strong is AES 256 GCM?
What is GCM mode in AES?
Is AES 128 GCM secure?

Decryption Error.!
javax.crypto.AEADBadTagException: error:1e06e065:Cipher functions:aead_aes_gcm_open:BAD_DECRYPT

the code I am using: on PHP side

$algo = 'aes-256-gcm';
$iv   = random_bytes(openssl_cipher_iv_length($algo));
$key  = "secretKey12345678998765432112345"; // 256 bit 
$data = "HelloWorld";
$ciphertext = openssl_encrypt(
 $data,
 $algo,
 $key,
 OPENSSL_ZERO_PADDING,
 $iv,
 $tag
);
echo base64_encode($key);
echo base64_encode($iv);
echo $ciphertext;

and on Java, Android, I am using this code:

static final int GCM_TAG_LENGTH = 16;
...
String decryptedText = null;
    byte[] encodedData = Base64.decode(data, Base64.DEFAULT);
    byte[] decodediv = Base64.decode(iv, Base64.DEFAULT);
    byte[] decodedKey = Base64.decode(key, Base64.DEFAULT);

    Log.e("data", new String(encodedData, 0));
    Log.e("iv", new String(decodediv, 0));
    Log.e("key", new String(decodedKey, 0));
    Log.d("test", "test");

    SecretKey originalKey = new SecretKeySpec(decodedKey, 0, decodedKey.length, "AES");

    try {
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");

        c.init(Cipher.DECRYPT_MODE, originalKey , new GCMParameterSpec(GCM_TAG_LENGTH * 8,decodediv));
        byte[] decodedData = c.doFinal(encodedData);
        decryptedText = new String(decodedData, "UTF-8");
        Log.e("MainActivity", "After decryption : "+ decryptedText);
    } catch (Exception e) {
        Log.e("MainActivity", "Decryption Error.!", e);
    }
    return decryptedText;

I am using php code from this page:

zimuel.it/blog/authenticated-encrypt-with-openssl-and-php-7-‌1

I am using php v7.1.4

What could be the exception cause?

This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters

	import javax.crypto.Cipher;
	import javax.crypto.SecretKey;
	import javax.crypto.SecretKeyFactory;
	import javax.crypto.spec.GCMParameterSpec;
	import javax.crypto.spec.PBEKeySpec;
	import javax.crypto.spec.SecretKeySpec;

	public class T {
	private final static char[] hexArray = "0123456789ABCDEF".toCharArray();
	private static String bytesToHex(byte[] bytes) {
	char[] hexChars = new char[bytes.length * 2];
	for ( int j = 0; j < bytes.length; j++ ) {
	int v = bytes[j] & 0xFF;
	hexChars[j * 2] = hexArray[v >>> 4];
	hexChars[j * 2 + 1] = hexArray[v & 0x0F];
	}
	return new String(hexChars);
	}

	public static void main(String[] args) throws Exception {
	byte[] iv = new byte[]{45,45,23,65,23,76,12,121, 45,45,23,65,23,76,12,121};
	String password = "password";
	String text = "text";
	System.out.println("IV: " + bytesToHex(iv));

	PBEKeySpec pbeKeySpec = new PBEKeySpec(password.toCharArray(), iv, 200_000, 128);
	SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
	SecretKey pbeKey = factory.generateSecret(pbeKeySpec);
	byte[] keyBytes = pbeKey.getEncoded();
	System.out.println("KEY: " + bytesToHex(keyBytes));

	SecretKey key = new SecretKeySpec(keyBytes, "AES");

	GCMParameterSpec gcmSpec = new GCMParameterSpec(128, iv);

	Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
	cipher.init(Cipher.ENCRYPT_MODE, key, gcmSpec);
	byte[] ciphertext = cipher.doFinal(text.getBytes());

	byte[] result = new byte[iv.length + ciphertext.length];
	System.arraycopy(iv, 0, result, 0, iv.length);
	System.arraycopy(ciphertext, 0, result, iv.length, ciphertext.length);

	System.out.println(bytesToHex(result));
	}
	}




	-------------------------------------------------------




	$iv = implode(array_map("chr", array(45,45,23,65,23,76,12,121,45,45,23,65,23,76,12,121)));
	$pw = "password";
	$text = "text";
	echo 'IV: ' . bin2hex($iv) . "\n";


	// ----------------

	$key = hash_pbkdf2('sha256', $pw, $iv, 200000, 16, true);
	echo 'KEY: ' . bin2hex($key) . "\n";
	$encrypted = openssl_encrypt(
	$text,
	"aes-128-gcm",
	$key,
	$options=OPENSSL_RAW_DATA\|OPENSSL_ZERO_PADDING,
	$iv,
	$tag,
	"",
	16
	);
	$result = $iv . $encrypted . $tag;

	echo strtoupper(bin2hex($result)). "\n";

What is AES

2.1 In Java, we use AES/GCM/NoPadding to represent the AES-GCM algorithm. For the encrypted output, we prefix the 16 bytes IV to the encrypted text (ciphertext), because we need the same IV for decryption.

How strong is AES 256 GCM?

AES-256 is 340 billion-billion-billion-billion times harder to brute force than AES-128. To put this into perspective, the universe is 14 billion years old. It is therefore safe to say that even at its lower bit sizes, AES is highly resistant to brute force attacks from conventional computers.

What is GCM mode in AES?

AES-GCM is a block cipher mode of operation that provides high speed of authenticated encryption and data integrity. Todays, the level of privacy protection is insufficient and make the data is been hacked easily.

Is AES 128 GCM secure?

From a cryptographic perspective, though, both AES-CBC and AES-GCM are highly secure. GCM provides authentication, removing the need for an HMAC SHA hashing function. It is also slightly faster than CBC because it uses hardware acceleration (by threading to multiple processor cores).

programming php What is AES AES/GCM/PKCS5Padding AES/GCM/PKCS5Padding Java example AES GCM example AES-GCM padding

Aes gcm nopadding in php

What is AES

How strong is AES 256 GCM?

What is GCM mode in AES?

Is AES 128 GCM secure?

Bài Viết Liên Quan

Quảng Cáo

Có thể bạn quan tâm

Toplist được quan tâm

Quảng cáo

Xem Nhiều

Quảng cáo

Chúng tôi

Điều khoản

Trợ giúp

Mạng xã hội