CODEWITHSUNDEEP
javapythonencryptionaes
Martol1ni
Martol1ni

Reputation: 4702

AES Java to Python

This is an AES encryption code I've gotten from a Java source. This bugs me, as the Cipher itself doesn't use any initial vector in it's initialization - thus I can't seem to to the same thing in Python. Can anyone with a Java background help me understand what this actually does?

byte key[] = {0x13, 0x00, 0x00, 0x00, 0x08, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, (byte) 0xB4, 0x00, 0x00, 0x00, 0x1B, 0x00, 0x00, 0x00, 0x0F, 0x00, 0x00, 0x00, 0x33, 0x00, 0x00, 0x00, 0x52, 0x00, 0x00, 0x00};
SecretKeySpec skeySpec = new SecretKeySpec(key, "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
byte[] myIv = {70, 114, 122, 82, 70, 114, 122, 82, 70, 114, 122, 82, 70, 114, 122, 82}
byte[] newIv = cipher.doFinal(myIv);

Upvotes: 1

Views: 1363

Answers (2)

Maarten Bodewes
Maarten Bodewes

Reputation: 93968

The code uses "AES" as algorithm string, which (indeed) resolves to "AES/ECB/PKCS5Padding". It seems you can use AES.MODE_ECB in python using PyCrypto, so it should be no problem replicating that. You may have to implement PKCS#7 padding/unpadding yourself though (or use one of the many examples on the internet). You would not need any IV because ECB doesn't use an IV.

As why a static key is used and why a static IV is being encrypted (with padding) is unknown to me. That can only be clarified by the author of the code. It certainly does not follow best practice.

Upvotes: 1

Artjom B.
Artjom B.

Reputation: 61892

Java has providers which implement some schemes. A scheme is chosen from a string, in your case Cipher.getInstance("AES"). Since it is not possible to run plain AES in Java, it selects some defaults to make it a complete scheme.

It is necessary to determine the mode of operation and optionally the padding mode. Most providers in Java default to "AES/ECB/PKCS5Padding" when they see "AES".

Now for byte[] newIv = cipher.doFinal(myIv). This line encrypts the plaintext (myIv) with AES in ECB mode and applies PKCS#7 padding. ECB mode doesn't use an IV, so this is bad variable naming, because myIv is not an IV for the encryption.

This is a post that shows how padding and unpadding can be done.

Upvotes: 2

Related Questions