AES 128 Encryption in Angular 4 and decryption in Java

Question

I am using a CryptoJS(AES) for encryption in Angular 4 using below code:

const key = CryptoJS.enc.Utf8.parse('7061737323313233');
const iv = CryptoJS.enc.Utf8.parse('7061737323313233');
const encrypted = CryptoJS.AES.encrypt('String to encrypt', key, {
  keySize: 16,
  iv: iv,
  mode: CryptoJS.mode.ECB,
  padding: CryptoJS.pad.Pkcs7
});
console.log('Encrypted :' + encrypted);

and below java code to decrypt using AES:

import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.Base64;

import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;

public class Encryption {

private static SecretKeySpec secretKey;
private static byte[] key;

public static void setKey(String myKey)
{
    MessageDigest sha = null;
    try {
        key = myKey.getBytes("UTF-8");
        sha = MessageDigest.getInstance("SHA-1");
        key = sha.digest(key);
        key = Arrays.copyOf(key, 16);
        secretKey = new SecretKeySpec(key, "AES");
    }
    catch (NoSuchAlgorithmException e) {
        e.printStackTrace();
    }
    catch (UnsupportedEncodingException e) {
        e.printStackTrace();
    }
}

public static String encrypt(String strToEncrypt, String secret)
{
    try
    {
        setKey(secret);
        Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5PADDING");
        cipher.init(Cipher.ENCRYPT_MODE, secretKey);
        return Base64.getEncoder().encodeToString(cipher.doFinal(strToEncrypt.getBytes("UTF-8")));
    }
    catch (Exception e)
    {
        System.out.println("Error while encrypting: " + e.toString());
    }
    return null;
}

public static String decrypt(String strToDecrypt, String secret)
{
    try
    {
        setKey(secret);
        Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5PADDING");
        cipher.init(Cipher.DECRYPT_MODE, secretKey);
        return new String(cipher.doFinal(Base64.getDecoder().decode(strToDecrypt)));
    }
    catch (Exception e)
    {
        System.out.println("Error while decrypting: " + e.toString());
    }
    return null;
}
 }

and

public class Test {
public static void main(String[] args) {
    final String secretKey = "7061737323313233";
    String originalString = "Response from angular";
    String decryptedString = Encryption.decrypt(originalString, secretKey);
    System.out.println(decryptedString);
}
 }

Angular and java both code works fine if i run it independently for Encryption and Decryption. but when i encrypt using angular and decrypt using java it gives error:

Error while decrypting: javax.crypto.BadPaddingException: Given final block not properly padded

Now my issues are there is a diffrence of padding in angular and java. In angular it is Pkcs7 and in java it is Pkcs5 but this link Padding says both are same then, why this error is comming. Please help me

Answer 1

My code to generate key was generating bad key in java. So i changed it to :

 Key key = new SecretKeySpec(key.getBytes("UTF-8"),"AES" );

Now its working fine

Answer 2

This is a little problematic because of the difference in Javascript and Java libraries.

Please follow the below code which worked for me and I was successfully able to encrypt the data in Java and decrypt in Java.

import java.security.Key;
import java.util.Base64;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;

public class Crypt {

    private static final String ALGO = "AES"; // Default uses ECB PKCS5Padding

    public static String encrypt(String Data, String secret) throws Exception {
        Key key = generateKey(secret);
        Cipher c = Cipher.getInstance(ALGO);
        c.init(Cipher.ENCRYPT_MODE, key);
        byte[] encVal = c.doFinal(Data.getBytes());
        String encryptedValue = Base64.getEncoder().encodeToString(encVal);
        return encryptedValue;
    }

    public static String decrypt(String strToDecrypt, String secret) {

        try {
            Key key = generateKey(secret);
            Cipher cipher = Cipher.getInstance(ALGO);
            cipher.init(Cipher.DECRYPT_MODE, key);
            return new String(cipher.doFinal(Base64.getDecoder().decode(strToDecrypt)));
        } catch (Exception e) {
            System.out.println("Error while decrypting: " + e.toString());
        }
        return null;
    }

    private static Key generateKey(String secret) throws Exception {
        byte[] decoded = Base64.getDecoder().decode(secret.getBytes());
        Key key = new SecretKeySpec(decoded, ALGO);
        return key;
    }

    public static String decodeKey(String str) {
        byte[] decoded = Base64.getDecoder().decode(str.getBytes());
        return new String(decoded);
    }

    public static String encodeKey(String str) {
        byte[] encoded = Base64.getEncoder().encode(str.getBytes());
        return new String(encoded);
    }

    public static void main(String a[]) throws Exception {
        /*
         * Secret Key must be in the form of 16 byte like,
         *
         * private static final byte[] secretKey = new byte[] { ‘m’, ‘u’, ‘s’, ‘t’, ‘b’,
         * ‘e’, ‘1’, ‘6’, ‘b’, ‘y’, ‘t’,’e’, ‘s’, ‘k’, ‘e’, ‘y’};
         *
         * below is the direct 16byte string we can use
         */
        String secretKey = "mustbe16byteskey";
        String encodedBase64Key = encodeKey(secretKey);
        System.out.println("EncodedBase64Key = " + encodedBase64Key); // This need to be share between client and server

        // To check actual key from encoded base 64 secretKey
        // String toDecodeBase64Key = decodeKey(encodedBase64Key);
        // System.out.println("toDecodeBase64Key = "+toDecodeBase64Key);
        String toEncrypt = "Please encrypt this message!";
        System.out.println("Plain text = " + toEncrypt);

        // AES Encryption based on above secretKey
        String encrStr = Crypt.encrypt(toEncrypt, encodedBase64Key);
        System.out.println("Cipher Text: Encryption of str = " + encrStr);

        // AES Decryption based on above secretKey
        String decrStr = Crypt.decrypt(encrStr, encodedBase64Key);
        System.out.println("Decryption of str = " + decrStr);
    }
}

<!DOCTYPE html>
<html>

<body>
    <h2>Java JavaScript Encryption & Decryption</h2>
    <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/crypto-js.min.js"></script>
    <script type="text/javascript">
        console.log('crypto - js’, CryptoJS);
        var encryptedBase64Key = 'bXVzdGJlMTZieXRlc2tleQ==’;
        var parsedBase64Key = CryptoJS.enc.Base64.parse(encryptedBase64Key);
        var encryptedData = null;
        {
            // Encryption process
            var plaintText = "Please encrypt this message!”;
            // console.log( "plaintText = " + plaintText );
            // this is Base64-encoded encrypted data
            encryptedData = CryptoJS.AES.encrypt(plaintText, parsedBase64Key, {
                mode: CryptoJS.mode.ECB,
                padding: CryptoJS.pad.Pkcs7
            });
            console.log("encryptedData = " + encryptedData);
        }
        {
            // Decryption process
            var encryptedCipherText = 'U2WvSc8oTur1KkrB6VGNDmA3XxJb9cC+T9RnqT4kD90=’; // or encryptedData;
            var decryptedData = CryptoJS.AES.decrypt(encryptedCipherText, parsedBase64Key, {
                mode: CryptoJS.mode.ECB,
                padding: CryptoJS.pad.Pkcs7
            });
            // console.log( "DecryptedData = " + decryptedData );
            // this is the decrypted data as a string
            var decryptedText = decryptedData.toString(CryptoJS.enc.Utf8);
            console.log("DecryptedText = " + decryptedText);
        }
    </script>
</body>

</html>