My application accesses an electronic token to decrypt the response coming from the server
The session key from the server is encrypted using: -
RSA / ECB / OAEPWITHSHA-256ANDMGF1PADDING
I am using the SunPKCS11 provider to implement access to crypto tokens. Whenever I try to decrypt this using the above mechanism, i.e. with RSA / ECB / OAEPWITHSHA-256ANDMGF1PADDING , I get: -
**javax.crypto.BadPaddingException: doFinal() failed
at sun.security.pkcs11.P11RSACipher.implDoFinal(P11RSACipher.java:328)
at sun.security.pkcs11.P11RSACipher.engineDoFinal(P11RSACipher.java:353)
at javax.crypto.Cipher.doFinal(DashoA13*..)
Below is my code: -
private static final String TRANSFORMATION = "RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING";
private static final String SECURITY_PROVIDER = "BC";
private static final String DIGEST_ALGORITHM = "SHA-256";
private static final String MASKING_FUNCTION = "MGF1";
The code fragment in which the error occurs looks as follows: -
private byte[] decryptSecretKeyData(byte[] encryptedSecretKey, byte[] iv, PrivateKey privateKey) throws Exception {
try {
Cipher rsaCipher = Cipher.getInstance(TRANSFORMATION, SECURITY_PROVIDER);
System.out.println("Cipher block initialized"); - **Printed**
PSource pSrc = (new PSource.PSpecified(iv));
System.out.println("PSource inisitialized"); - **Printed**
rsaCipher.init(Cipher.DECRYPT_MODE, privateKey,
new OAEPParameterSpec(DIGEST_ALGORITHM, MASKING_FUNCTION,
MGF1ParameterSpec.SHA256, pSrc));
System.out.println("Here after cipher initilaization"); - **Not Printed***
return rsaCipher.doFinal(encryptedSecretKey);
} catch (GeneralSecurityException e) {
System.out.println("GeneralSecurityException is "+e.getMessage());
throw new Exception("Failed to decrypt AES secret key using RSA.", e);
}
}
I am stuck here and could not decrypt the OAEP transformation.