I am working on a project for my Java programming class to create a password manager, and I am working on encrypting and decrypting my passwords.
I have the encryption piece working fine, but I keep getting an javax.crypto.AEADBadTagException: Tag mismatch! error.
Here is the full error:
Exception in thread "main" javax.crypto.AEADBadTagException: Tag mismatch! at java.base/com.sun.crypto.provider.GaloisCounterMode.decryptFinal(GaloisCounterMode.java:580) at java.base/com.sun.crypto.provider.CipherCore.finalNoPadding(CipherCore.java:1116) at java.base/com.sun.crypto.provider.CipherCore.fillOutputBuffer(CipherCore.java:1053) at java.base/com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:853) at java.base/com.sun.crypto.provider.AESCipher.engineDoFinal(AESCipher.java:446) at java.base/javax.crypto.Cipher.doFinal(Cipher.java:2202) at PasswordVault.Decrypt(PasswordVault.java:89) at PasswordVault.main(PasswordVault.java:27)
I've been trying to figure out this error on my own through researching here, but I am not having much luck or understanding about what is going wrong.
This is my main class:
import java.io.UnsupportedEncodingException;
import java.security.*;
import java.util.ArrayList;
import java.util.Scanner;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import java.util.Base64;
public class PasswordVault {
private static ArrayList<Password> passwordVault;
public Scanner keyboard = new Scanner(System.in);
public String website;
public String username;
private String password;
private SecretKey key;
public static void main(String[] args) throws IllegalBlockSizeException, BadPaddingException, NoSuchAlgorithmException, NoSuchPaddingException, UnsupportedEncodingException, InvalidKeyException, NoSuchProviderException, InvalidAlgorithmParameterException {
passwordVault = new ArrayList<>();
addPassword();
System.out.println(passwordVault);
//byte [] passwordByte = passwordVault.get(0).getPassword().getBytes();
System.out.println(Decrypt(passwordVault.get(0).getPassword(),generateKey()));
}
public static void addPassword() throws NoSuchPaddingException, BadPaddingException, NoSuchAlgorithmException, IllegalBlockSizeException, UnsupportedEncodingException, InvalidKeyException, NoSuchProviderException, InvalidAlgorithmParameterException {
Scanner keyboard = new Scanner(System.in);
String website;
String username;
String password;
SecretKey key = null;
System.out.println("Please enter in the website that you would like to store a password:");
website = keyboard.nextLine();
System.out.println("Please enter your username");
username = keyboard.nextLine();
System.out.println("Please enter your password");
password = keyboard.nextLine();
key = generateKey();
savePassword(website,username,password,key);
}
private static ArrayList<Password>savePassword(String website, String username, String password, SecretKey key) throws IllegalBlockSizeException, BadPaddingException, NoSuchAlgorithmException, NoSuchPaddingException, UnsupportedEncodingException, InvalidKeyException, NoSuchProviderException, InvalidAlgorithmParameterException {
String encryptedPassword;
encryptedPassword = Encrypt(password,key);
String stringEncryptedPassword = new String(encryptedPassword);
Password savePass = new Password(website, username, stringEncryptedPassword);
passwordVault.add(savePass);
return passwordVault;
}
public static SecretKey generateKey() throws NoSuchPaddingException, NoSuchAlgorithmException {
SecureRandom random = SecureRandom.getInstanceStrong();
KeyGenerator keyGen = KeyGenerator.getInstance("AES");
keyGen.init(128, random);
SecretKey key = keyGen.generateKey();
return key;
}
private static String Encrypt(String password, SecretKey key) throws UnsupportedEncodingException, NoSuchPaddingException, NoSuchAlgorithmException, BadPaddingException, IllegalBlockSizeException, InvalidKeyException, InvalidAlgorithmParameterException, NoSuchProviderException {
Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding", "SunJCE");
byte[] iv = new byte[12];
SecureRandom random = SecureRandom.getInstanceStrong();
random.nextBytes(iv);
GCMParameterSpec spec = new GCMParameterSpec(128, iv);
cipher.init(Cipher.ENCRYPT_MODE, key, spec);
byte [] bytePassword = password.getBytes("UTF-8");
byte [] encryptedPassword = cipher.doFinal(bytePassword);
/*Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
cipher.init(Cipher.ENCRYPT_MODE, key);
byte [] bytePassword = password.getBytes("UTF-8");
byte [] encryptedPassword = cipher.doFinal(bytePassword);
return Base64.getEncoder().encodeToString(encryptedPassword);*/
//return encryptedPassword;
return Base64.getEncoder().encodeToString(encryptedPassword);
}
private static String Decrypt(String password, SecretKey key) throws UnsupportedEncodingException, NoSuchPaddingException, NoSuchAlgorithmException, BadPaddingException, IllegalBlockSizeException, InvalidKeyException, NoSuchProviderException, InvalidAlgorithmParameterException {
Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding", "SunJCE");
byte[] iv = new byte[12];
SecureRandom random = SecureRandom.getInstanceStrong();
random.nextBytes(iv);
GCMParameterSpec spec = new GCMParameterSpec(128, iv);
cipher.init(Cipher.DECRYPT_MODE, key, spec);
return new String(cipher.doFinal(Base64.getDecoder().decode(password)));
}
//byte [] byteDecryptPassword = cipher.doFinal(password);
// String newPassword = new String(password, "UTF-8");
//Cipher cipher = null;
//cipher = Cipher.getInstance("AES/GCM/NoPadding");
//cipher.init(Cipher.DECRYPT_MODE, key);
/*byte [] bytePassword = new byte[0];
bytePassword = password.getBytes("UTF-8");
byte [] encryptedPassword = new byte[0];
encryptedPassword = cipher.doFinal(bytePassword);*/
}
This is my Password object:
public class Password {
String website;
String login;
String password;
public Password(String website, String login, String password) {
this.website = website;
this.login = login;
this.password = password;
}
public String getWebsite() {
return website;
}
public void setWebsite(String website) {
this.website = website;
}
public String getLogin() {
return login;
}
public void setLogin(String login) {
this.login = login;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
@Override
public String toString(){
return "Website: " + website + " Login: " + login + " Password: " + password;
}
}
What I am hoping to get right now with my tests is a decrypted plain text version of the password that I enter in. Right now, I just keep getting this BadTag issue.
Any help is greatly appreciated.
Just to give you some idea on how you could program this, let's show you a new PasswordVault.
Your own new code fragment also works of course, currently sidesteps the required design for password storage; it is a generic GCM example which doesn't store the IV, doesn't have the vault and so on (which is probably a good idea to start off with if you cannot get GCM to work).
Note that the following code fragment is still not a secure vault, but it shows how to program the fault in an OO-fashion.
import static java.nio.charset.StandardCharsets.UTF_8;
import java.security.GeneralSecurityException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Base64;
import java.util.Scanner;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
public class PasswordVault {
private static final int KEY_SIZE_BITS = 128;
private static final int GCM_TAG_SIZE_BITS = 128;
private static final int GCM_IV_SIZE_BYTES = 12;
private ArrayList<PasswordEntry> vaultBoxes;
private SecretKey key;
public PasswordVault() throws NoSuchAlgorithmException {
vaultBoxes = new ArrayList<>();
key = generateKey();
}
public void encryptAndStorePasswordEntry(PasswordEntry passwordEntry) throws GeneralSecurityException {
String encryptedPassword = encrypt(passwordEntry.getPassword(), key);
PasswordEntry savePass = new PasswordEntry(passwordEntry.getWebsite(), passwordEntry.getLogin(),
encryptedPassword);
vaultBoxes.add(savePass);
}
public PasswordEntry retrieveAndDecryptPasswordEntry() throws GeneralSecurityException {
// TODO think of a way to retrieve the password for a specific entry
PasswordEntry encryptedPasswordEntry = vaultBoxes.get(0);
String password = decrypt(encryptedPasswordEntry.getPassword(), key);
return new PasswordEntry(encryptedPasswordEntry.getWebsite(), encryptedPasswordEntry.getLogin(), password);
}
public static SecretKey generateKey() throws NoSuchAlgorithmException {
SecureRandom random = SecureRandom.getInstanceStrong();
KeyGenerator keyGen = KeyGenerator.getInstance("AES");
keyGen.init(KEY_SIZE_BITS, random);
return keyGen.generateKey();
}
public static String encrypt(String password, SecretKey key) throws GeneralSecurityException {
Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
byte[] iv = generateRandomIV();
GCMParameterSpec spec = new GCMParameterSpec(GCM_TAG_SIZE_BITS, iv);
cipher.init(Cipher.ENCRYPT_MODE, key, spec);
byte[] bytePassword = password.getBytes(UTF_8);
byte[] ivCTAndTag = new byte[GCM_IV_SIZE_BYTES + cipher.getOutputSize(bytePassword.length)];
System.arraycopy(iv, 0, ivCTAndTag, 0, GCM_IV_SIZE_BYTES);
cipher.doFinal(bytePassword, 0, bytePassword.length, ivCTAndTag, GCM_IV_SIZE_BYTES);
return Base64.getEncoder().encodeToString(ivCTAndTag);
}
private static byte[] generateRandomIV() {
byte[] iv = new byte[GCM_IV_SIZE_BYTES];
SecureRandom random = new SecureRandom();
random.nextBytes(iv);
return iv;
}
public static String decrypt(String encryptedPassword, SecretKey key) throws GeneralSecurityException {
Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
byte[] ivAndCTWithTag = Base64.getDecoder().decode(encryptedPassword);
GCMParameterSpec spec = new GCMParameterSpec(GCM_TAG_SIZE_BITS, ivAndCTWithTag, 0, GCM_IV_SIZE_BYTES);
cipher.init(Cipher.DECRYPT_MODE, key, spec);
byte[] plaintext = cipher.doFinal(ivAndCTWithTag, GCM_IV_SIZE_BYTES, ivAndCTWithTag.length - GCM_IV_SIZE_BYTES);
return new String(plaintext, UTF_8);
}
public static void main(String[] args) throws Exception {
PasswordVault vault = new PasswordVault();
PasswordEntry passwordEntry = readPlainPasswordEntry();
vault.encryptAndStorePasswordEntry(passwordEntry);
System.out.println(vault.vaultBoxes);
PasswordEntry decryptedPasswordEntry = vault.retrieveAndDecryptPasswordEntry();
System.out.println(decryptedPasswordEntry);
}
public static PasswordEntry readPlainPasswordEntry() {
try (Scanner keyboard = new Scanner(System.in)) {
System.out.println("Please enter in the website that you would like to store a password:");
String website = keyboard.nextLine();
System.out.println("Please enter your username");
String login = keyboard.nextLine();
System.out.println("Please enter your password");
String password = keyboard.nextLine();
return new PasswordEntry(website, login, password);
}
}
}
As you will see, I've renamed quite a lot of variables as well and introduced multiple constants. I've made the vault one object with state, which consists of the key and the secure entries.
Of course, in the end you want to serialize the vault to store the encrypted values without the key, which must be stored / retrieved / derived from somewhere else. You don't want to mix retrieving the password and storing the password entries (which I've renamed, because a website and login is not part of a password).
I've also simplified the exception handling and String handling (if you ever perform new String(string) then you might be surprised that it consists of return string; internally). To handle crypto exceptions well, take a look at this answer of mine.
OK, hopefully this helps you along. Good luck with the rest of it.