Python AES Decryption initialization vector & key value- size issue

Question

I am writing Python Decryption logic to decrypt the message (client-side it is encrypted using Java). Python code:

 def decrypt(self, text):        
            decode = base64.b64decode(text)
            cryptor = AES.new(InKey, MODE_CBC, InIV)
            plain_text = cryptor.decrypt(decode)
            return unpad(plain_text) 
    

I have received below key & IV values (sample values) from the client team:

InKey = "6asd6587daIs8g2qvi3rJbM9sdasd6cb2kdYC0TOy5zEgTo+8LrQn0UJZAmJCtmX......"(it is length of 684 chars) InIV = "7as76cascsagoKtID7z1nUakJqzj+Dwl9cL9Q2/zBFbs0Sg3Kw6US8yvvzbkyg2bnjGHWofIWrhMQ/Bcde...." (it is length of 684 chars)

Question: While running the above python code, getting the below error. How to convert the above IV value into 16bytes in size and also key-value length?

ValueError: Incorrect IV length (it must be 16 bytes long)

existing Decryption Java Client follows Hybrid pattern(first using RSA private key to pull two params(IV & Key)...and then AES cipher to decrypt actual message):

Pseudo code:

................................
//Step-1) Generate RSA-PrivateKey
................................
RSAPrivateKey serverPrivateKey = KeyUtils.getPrivateKey("lib", PrivKey); 
/* here PrivKey refers to .der certificate 
   and FYI- KeyUtils actually refers to a class, that generate RSA PrivateKey with below code:      
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
                KeySpec ks = new PKCS8EncodedKeySpec(privKeyBytes);
            return (RSAPrivateKey)keyFactory.generatePrivate(ks);
*/
................................
//Step-2) use RSA-PrivateKey to decrypt the message
................................
MessageEncryption encryptor = new MessageEncryption(serverPrivateKey); 
/* initializes Cipher(RSA instance) with passed RSA PrivateKey 
 this.m_asymmetricalKey = serverPrivateKey;
 this.m_asymmetricalCipher = Cipher.getInstance(this.m_asymmetricalKey.getAlgorithm());
*/

encryptor.decryptMessage(JSONresponseBody);  // invokes below mentioned method
...............
decryptMessage(JSONObject jsonMessage)
{
    .............................
    IvParameterSpec initializationVector = new IvParameterSpec(this.m_asymmetricalCipher.doFinal(StringCodec.decodeBase64(jsonMessage.getString("iv").getBytes())));     
    this.m_asymmetricalCipher.init(2, this.m_asymmetricalKey);          
    Key secretKey = new SecretKeySpec(this.m_asymmetricalCipher.doFinal(StringCodec.decodeBase64(jsonMessage.getString("key").getBytes())), "AES");
    Cipher symmetricalCipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
    symmetricalCipher.init(2, secretKey, initializationVector);
    return new String(symmetricalCipher.doFinal(StringCodec.decodeBase64(jsonMessage.getString("message").getBytes())));
    .............................   

}
..............

So at Python how to get right key-size & IV, is there way to implement similar hybrid pattern at java or does it any other approach to deal with at python ?

Thanks.

Answer 1

Your Java-side code does the following things:

1. Read the PKCS8-encoded RSA key
2. Decode the base64-encoded IV
3. Decrypt the IV using the private key (a side-note: encrypting IV makes very little sense to me)
4. Decode the base64-encoded AES key
5. Decrypt the AES key using the private key
6. Decode the base64-encoded cyphertext
7. Decrypt the ciphertext using the obtained IV and AES key

You need to re-implement each of the above steps in Python. Some are trivial, like base64-decoding. The others depend on the cryptography libraries you're using.