AES Encryption in Golang and Decryption in Java

Question

I have the following AES Encryption function written in Golang.

func encrypt(key []byte, text string) string {
    plaintext := []byte(text)

    block, err := aes.NewCipher(key)
    if err != nil {
        panic(err)
    }

    ciphertext := make([]byte, aes.BlockSize+len(plaintext))
    iv := ciphertext[:aes.BlockSize]
    if _, err := io.ReadFull(rand.Reader, iv); err != nil {
        panic(err)
    }

    stream := cipher.NewCFBEncrypter(block, iv)
    stream.XORKeyStream(ciphertext[aes.BlockSize:], plaintext)

    return base64.URLEncoding.EncodeToString(ciphertext)
}

I am struggling to understand the flow to decrypt the generated text using Java. Any help will be highly appreciated!

Here is the Scala code, Not sure what's the problem with it.

def decode(input:String) = {
    val keyBytes = Hex.decodeHex("someKey".toCharArray)
    val inputWithoutPadding = input.substring(0,input.size - 2)
    val inputArr:Seq[Byte] = Hex.decodeHex(inputWithoutPadding.toCharArray)

    val skSpec = new SecretKeySpec(keyBytes, "AES")
    val iv = new IvParameterSpec(inputArr.slice(0,16).toArray)
    val dataToDecrypt = inputArr.slice(16,inputArr.size)

    val cipher = Cipher.getInstance("AES/CFB/NoPadding")
    cipher.init(Cipher.DECRYPT_MODE, skSpec, iv)
    cipher.doFinal(dataToDecrypt.toArray)
}

Answer 1

Java decoder (see also online runnable demo, open and click "Execute"):

String decode(String base64Text, byte[] key) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
    byte[] inputArr = Base64.getUrlDecoder().decode(base64Text);
    SecretKeySpec skSpec = new SecretKeySpec(key, "AES");
    Cipher cipher = Cipher.getInstance("AES/CFB/NoPadding");
    int blockSize = cipher.getBlockSize();
    IvParameterSpec iv = new IvParameterSpec(Arrays.copyOf(inputArr, blockSize));
    byte[] dataToDecrypt = Arrays.copyOfRange(inputArr, blockSize, inputArr.length);
    cipher.init(Cipher.DECRYPT_MODE, skSpec, iv);
    byte[] result = cipher.doFinal(dataToDecrypt);
    return new String(result, StandardCharsets.UTF_8);
}

Kevin in comments has offered this demo of the original Go encoder, where we can see the result of:

encrypt([]byte("0123456789abcdef"), "test text 123")

is c1bpFhxn74yzHQs-vgLcW6E5yL8zJfgceEQgYl0=.

Let's see how the Java decoder above deals with that input:

String text = "c1bpFhxn74yzHQs-vgLcW6E5yL8zJfgceEQgYl0=";
byte[] key = "0123456789abcdef".getBytes();
System.out.println(decode(text, key));

Prints test text 123 ✔

---

Scala version (online runnable demo):

def decode(input:String, key:String) = {
    val cipher = Cipher.getInstance("AES/CFB/NoPadding")
    val blockSize = cipher.getBlockSize()
    val keyBytes = key.getBytes()
    val inputArr = Base64.getUrlDecoder().decode(input)
    val skSpec = new SecretKeySpec(keyBytes, "AES")
    val iv = new IvParameterSpec(inputArr.slice(0, blockSize).toArray)
    val dataToDecrypt = inputArr.slice(blockSize, inputArr.size)
    cipher.init(Cipher.DECRYPT_MODE, skSpec, iv)
    new String(cipher.doFinal(dataToDecrypt.toArray))
}

def main(args: Array[String]) {
    print(decode("c1bpFhxn74yzHQs-vgLcW6E5yL8zJfgceEQgYl0=", "0123456789abcdef"));
}

I think the only error in the Scala version is using Hex.decodeHex. You need a Base64 decoder that uses the URL-safe alphabet as described in RFC 4648, which java.util.Base64 offers (since Java 8) with its getUrlDecoder().