Donald Duck


AES-128-GCM tag does not match

I'm trying to encrypt and decrypt with AES-128-GCM, but when I run a test I get this error:

System.Security.Cryptography.CryptographicException : The computed authentication tag did not match the input authentication tag.

I don't understand why this error appears: when I print the tag in the Encrypt method and again in the Decrypt method, the two values are the same. I have read that the associated data could have an effect, but I didn't find anything conclusive.

Here is the test

// Parameterised round-trip test: the text that comes back from Decrypt(Encrypt(message))
// must equal the expected string.
[TestCase("ABC", "ABC")]
public void TestEncrypDecrypt(string message, string expected)
{
    // Base64 text of a 16-byte key, i.e. AES-128. It is a test fixture only: a key that
    // appears in source or on a public page must never protect real data.
    const string base64Key = "FnUoIZvBUzC1Q/rn5WMi7Q==";
    var cipher = new AESEncryption(base64Key);

    string roundTripped = cipher.Decrypt(cipher.Encrypt(message));

    Assert.That(roundTripped, Is.EqualTo(expected));
}

And here is my class :

// Code as posted in the question (it fails with the tag-mismatch exception quoted above).
// Wraps AesGcm to turn a string into Base64 ciphertext and back. The comments below mark
// where the round trip breaks and which design choices weaken the scheme.
public class AESEncryption : IEncryption
    {
        // Raw AES key bytes, decoded from the Base64 constructor argument.
        private byte[] KEY { get; set; }
        // 16-byte buffer that Encrypt writes the authentication tag into and Decrypt reads back.
        // It lives only in this instance and is not part of the string Encrypt returns, which is
        // why printing it in both methods shows the same value even though decryption fails.
        private byte[] TAG { get; set; }

        // key: Base64 text of the AES key.
        public AESEncryption(string key)
        {
            KEY = Convert.FromBase64String(key);
            TAG = new byte[16];
        }

        // Encrypts the UTF-8 bytes of message and returns the ciphertext as Base64 text.
        // The tag is left in TAG; the nonce is not returned either.
        public string Encrypt(string message)
        {
            byte[] plainText = Encoding.UTF8.GetBytes(message);
            byte[] ciphertext = new byte[plainText.Length];
            using (AesGcm aesGcm = new AesGcm(KEY))
            {
                // NOTE(review): the 12-byte nonce is a constant, so every message encrypted under
                // this key uses the same nonce. GCM requires a nonce that is unique per key;
                // repeating it undermines both confidentiality and the integrity guarantee.
                aesGcm.Encrypt(
                    new byte[]{ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B }, 
                    plainText, 
                    ciphertext, 
                    TAG);
            }
            return Convert.ToBase64String(ciphertext);
        }

        // Intended inverse of Encrypt. As written it does not undo Encrypt's encoding steps.
        public string Decrypt(string message)
        {
            // Cause of the reported exception: message is the Base64 text produced by Encrypt, but
            // it is converted with UTF-8 instead of being Base64-decoded. The bytes handed to
            // AesGcm.Decrypt are therefore not the ciphertext the tag was computed over.
            byte[] cipherText = Encoding.UTF8.GetBytes(message);
            byte[] plainText = new byte[cipherText.Length];
            using (AesGcm aesGcm = new AesGcm(KEY))
            {
                aesGcm.Decrypt(new byte[] { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B }, 
                    cipherText, 
                    TAG, 
                    plainText);
                // Only reached when tag verification succeeded; Decrypt throws otherwise.
                Console.WriteLine("d1 " + Convert.ToBase64String(TAG));
            }

            // Second mismatch with Encrypt: this returns the Base64 encoding of the plaintext bytes,
            // not the original string (Encrypt started from Encoding.UTF8.GetBytes).
            return Convert.ToBase64String(plainText);
        }

    }

Thanks a lot !


Answers (1)

glihm


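You just mixed up the order of ToBase64String and Encoding.GetBytes: Decrypt has to Base64-decode the incoming string first, and only then turn the decrypted bytes back into a string: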

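    /// <summary>
    /// Encrypts and decrypts strings with AES-GCM under a single key.
    /// </summary>
    /// <remarks>
    /// Each call to <see cref="Encrypt"/> draws a fresh random nonce and returns
    /// Base64(nonce || tag || ciphertext). The earlier version used one constant nonce for
    /// every message and kept the tag in an instance field, which (a) repeats the GCM nonce
    /// under the same key, undermining confidentiality and integrity, and (b) makes a message
    /// decryptable only by the same object, and only until the next Encrypt call overwrites
    /// the tag. Because nothing needed for decryption is stored in the instance any more,
    /// any instance built from the same key can decrypt.
    /// No associated data is used. With random 96-bit nonces, rotate the key well before the
    /// number of messages makes a nonce collision plausible.
    /// </remarks>
    public class AESEncryption
    {
        // 96-bit nonce and 128-bit tag: the sizes the original code used.
        private const int NonceSize = 12;
        private const int TagSize = 16;

        // Raw AES key bytes; the length selects AES-128/192/256.
        private byte[] KEY { get; }

        /// <summary>Creates an encryptor from a Base64-encoded AES key.</summary>
        /// <param name="key">Base64 text of a 16-, 24- or 32-byte key.</param>
        /// <exception cref="FormatException"><paramref name="key"/> is not valid Base64.</exception>
        public AESEncryption(string key)
        {
            KEY = Convert.FromBase64String(key);
        }

        /// <summary>Encrypts <paramref name="message"/> (as UTF-8) and authenticates it.</summary>
        /// <param name="message">Text to protect.</param>
        /// <returns>Base64 of nonce (12 bytes), tag (16 bytes) and ciphertext, in that order.</returns>
        public string Encrypt(string message)
        {
            byte[] plainText = Encoding.UTF8.GetBytes(message);

            // One output buffer, sliced into the three parts, so that everything Decrypt needs
            // travels with the message.
            byte[] output = new byte[NonceSize + TagSize + plainText.Length];
            Span<byte> nonce = output.AsSpan(0, NonceSize);
            Span<byte> tag = output.AsSpan(NonceSize, TagSize);
            Span<byte> cipherText = output.AsSpan(NonceSize + TagSize);

            // The nonce must never repeat under one key; take it from the CSPRNG per message.
            RandomNumberGenerator.Fill(nonce);

            // Single-argument constructor kept for compatibility with the original code; on
            // .NET 8 and later the overload that also takes the tag size is the preferred one.
            using (AesGcm aesGcm = new AesGcm(KEY))
            {
                aesGcm.Encrypt(nonce, plainText, cipherText, tag);
            }

            return Convert.ToBase64String(output);
        }

        /// <summary>Verifies and decrypts a string produced by <see cref="Encrypt"/>.</summary>
        /// <param name="message">Base64 of nonce || tag || ciphertext.</param>
        /// <returns>The original text.</returns>
        /// <exception cref="FormatException"><paramref name="message"/> is not valid Base64.</exception>
        /// <exception cref="CryptographicException">
        /// The input is too short to hold a nonce and a tag, or the tag does not verify
        /// (wrong key or modified data).
        /// </exception>
        public string Decrypt(string message)
        {
            // Undo Encrypt's steps in reverse: Base64-decode first, decrypt, then UTF-8 decode.
            byte[] input = Convert.FromBase64String(message);
            if (input.Length < NonceSize + TagSize)
            {
                throw new CryptographicException("Ciphertext is too short to contain a nonce and an authentication tag.");
            }

            ReadOnlySpan<byte> nonce = input.AsSpan(0, NonceSize);
            ReadOnlySpan<byte> tag = input.AsSpan(NonceSize, TagSize);
            ReadOnlySpan<byte> cipherText = input.AsSpan(NonceSize + TagSize);

            byte[] plainText = new byte[cipherText.Length];
            using (AesGcm aesGcm = new AesGcm(KEY))
            {
                // Throws before any plaintext is returned if the tag does not match.
                aesGcm.Decrypt(nonce, cipherText, tag, plainText);
            }

            return Encoding.UTF8.GetString(plainText);
        }

    }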

Then,

        // Round trip on one instance: encrypt, then decrypt the Base64 text that came back.
        // The key is the sample from the question; being public, it must not protect real data.
        const string base64Key = "FnUoIZvBUzC1Q/rn5WMi7Q==";
        var cipher = new AESEncryption(base64Key);
        string encrypted = cipher.Encrypt("Hello");
        string decrypted = cipher.Decrypt(encrypted);
        Debug.WriteLine($"DECRYPT TEST: {decrypted}");
        // Debug output ends with "Hello"
