CODEWITHSUNDEEP
javaandroidunit-testingencryption
sergey136
sergey136

Reputation: 63

AES encryption testing (android)

I have developed an encryption program for android which is using a symmetric key to both encrypt and decrypt the data (AES algorithm). So I have been asked to verify that not only a reverse engineering is working correctly but also that only one key could be used to decrypt the data. One of the tests which I found is called The Known Answer Tests. So using provided encryption key and a test vector it is possible to compare the result.

AES Test Vectors: http://www.inconteam.com/software-development/41-encryption/55-aes-test-vectors

However, the problem is that provided key and provided data are in the HEX format.

So first of all I used provided key and created a string from it which did not work:

byte[] convertedKeyToByte = providedKey.getEncoded();
SecretKeySpec skeySpec = new SecretKeySpec(convertedKeyToByte , 0, convertedKeyToByte .length,
            AESalgorithm);

After that I converted the string to the hex using special method which also did not work due to hex was converted to hex. In general first method should work but it does not.

Please do not yell at me if I am completely wrong because I have not done encryption before.

How is it possible to prove that AES algorithm is working as well as only one key could be used to encrypt and decrypt the data?

Upvotes: 2

Views: 1591

Answers (1)

Duncan Jones
Duncan Jones

Reputation: 69389

You can test your vectors with code such as the following:

private static boolean testVector(String algorithm, String key, String iv,
        String vector, String ciphertext) throws GeneralSecurityException {

    Cipher c = Cipher.getInstance(algorithm);
    SecretKey k = new SecretKeySpec(DatatypeConverter.parseHexBinary(key),
            "AES");

    if (iv == null) {
        c.init(Cipher.ENCRYPT_MODE, k);
    } else {
        c.init(Cipher.ENCRYPT_MODE, k, new IvParameterSpec(
                DatatypeConverter.parseHexBinary(iv)));
    }

    byte[] result = c.doFinal(DatatypeConverter.parseHexBinary(vector));
    return Arrays.equals(result,
            DatatypeConverter.parseHexBinary(ciphertext));
}

Example invocation:

public static void main(String[] args) throws Exception {
    System.out.println(testVector("AES/ECB/NoPadding",
            "2b7e151628aed2a6abf7158809cf4f3c", null,
            "6bc1bee22e409f96e93d7e117393172a",
            "3ad77bb40d7a3660a89ecaf32466ef97"));
}

Your other questions, related to the ability to decrypt and the guarantee that only one key works are theoretical matters. You'll need to refer to the proofs of correctness for AES (don't have a link, sorry).

Upvotes: 1

Related Questions