java - Netty StreamCorruptedException After Keyexchange

Question

I am trying to build an encrypted Netty connection using AES. RSA is helping me to transmit the AES key and the iv.

Server and client have the same key and iv after the exchange. I am creating ciphers to actually de- and encrypt stuff with it. When I am running the server on my pc in eclipse with the Cp1252 encoding it's working fine. As soon as I change the encoding to UTF-8 (encoding my client is written in) or run the server on my Linux system its not working anymore.

I saw that i can get the iv from the cipher with cipher.getIV(); unfortunately they're not the same so that might be the problem.

Exception (client)

Server output

As you can see the AES key and IV are the same.

This is how I'm generating the Cipher

public static Cipher generateCipher(byte[] secret, int mode, byte[] iv) {
        KeySpec spec = new PBEKeySpec(new String(secret).toCharArray(), iv, 65536, 128);
        try {
            byte[] key = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1").generateSecret(spec).getEncoded();
            SecretKeySpec secretKey = new SecretKeySpec(key, "AES");

            Cipher cipher = Cipher.getInstance("AES/CFB8/NoPadding");
            IvParameterSpec parameterSpec = new IvParameterSpec(secretKey.getEncoded());

            cipher.init(mode, secretKey, parameterSpec);
            return cipher;

        } catch (Exception e) {
            e.printStackTrace();
        }

        return null;
    }

This is how I print the Strings

byte[] aesKey = CryptionUtils.decryptRSA(packet.getKey(), rsaKeys.getPrivate());
byte[] iv = CryptionUtils.decryptRSA(packet.getIv(), rsaKeys.getPrivate());

if (iv.length != 12 || aesKey.length != 16) {
        server.sendPacket(ip, new KickPacket(EnumKickPacket.INVALID_AES_INFO.ordinal()));
        server.disconnectClient(ip, EnumKickPacket.INVALID_AES_INFO.name());
}

Cipher decryptCipher = CryptionUtils.generateCipher(aesKey, Cipher.DECRYPT_MODE, iv);
Cipher encryptCipher = CryptionUtils.generateCipher(aesKey, Cipher.ENCRYPT_MODE, iv);

System.out.println("IV: " + Base64.getEncoder().encodeToString(iv));
System.out.println("AESKey: " + Base64.getEncoder().encodeToString(aesKey));
System.out.println("DecryptCipher: " + Base64.getEncoder().encodeToString(decryptCipher.getIV()));
System.out.println("EncryptCipher: " + Base64.getEncoder().encodeToString(encryptCipher.getIV()));

question from:https://stackoverflow.com/questions/65602215/netty-streamcorruptedexception-after-keyexchange

Answer 1

new String(secret, Charset.forName("UTF-8") Fixed the issue.