/------------------------------------------------------------------------------------------------
/ I have completely re-written this post to make my question clearer
/------------------------------------------------------------------------------------------------
I am trying to write a test server for a client (I am only interested in the server mechanisms not client). I wasn't able to see the codes for the client, but i know client
- performs a DH exchange with server by first accepting server p, g, server public key
- after formulating it's client shared key, client returns server it's own public key for server to establish shared key.
- immediately client sends server a verification packet that is encrypted with blowfish using shared key as the blowfish key
- server has to decode this verification msg
I have set up my server to accommodate the above description, and having prior knowledge of what the decryption outcome(verification) would be, the result is not quite what i wanted. These are my codes used for DH exchange and blowfish, which part of it might have resulted in the unexpected decryption.
//getting ready key objects KeyPairGenerator kpairGen = KeyPairGenerator.getInstance("DiffieHellman"); DHParameterSpec dhparam = new DHParameterSpec(new BigInteger(P, 16), new BigInteger(G, 16)); kpairGen.initialize(dhparam); KeyPair kpair = kpairGen.generateKeyPair(); String ServerPrivateKey = ((DHPrivateKey) kpair.getPrivate()).getX().toString(16); String ServerPublicKey = ((DHPublicKey) kpair.getPublic()).getY().toString(16); //Send server p, g, public key to client ClientHandler.write( packetBuilder(P,G,ServerPublicKey) ); //obtain client public key int byteRead = ClientHandler.read(packetBuffer); String ClientPublicKey = new String( trimPacket(packetBuffer,byteRead) ); //Generate ServerClient SharedKey KeyAgreement agreement = KeyAgreement.getInstance("DiffieHellman"); agreement.init(ServerPrivateKey); agreement.doPhase(ClientPublicKey, true); SecretKey sharedKey = agreement.generateSecret("Blowfish"); //obtain client verification int byteRead = ClientHandler.read(packetBuffer); byte[] verification = trimPacket(packetBuffer,byteRead); //Decrypt the msg Cipher blowfish = Cipher.getInstance("Blowfish/CFB/NoPadding"); blowfish.init(Cipher.DECRYPT_MODE, sharedKey, DecryptIV); byte[] result = blowfish.doFinal(p); //This result does not make any sense.
Also, after obtaining the result, i have initialized the cipher to encrypt mode and encrypted the decoded msg. The before decryption verification packet is same as the post encryption verification packet; there isn't anything wrong with the way blowfish is carried out. So what's wrong with my key?