Skip to content
Advertisement

ValueError: MAC check failed when using PyCryptodome to decrypt data coming from NiFi

Can someone help me with this problem:

I am encrypting a JSON in NiFi with AES_GCM algorithm and using a KDF PBKDF2. The idea is to decrypt this JSON with a python script using PyCryptodome.

The following code is an attempt to see if the NiFi encrypted message can be decrypted:

JavaScript

I understand that in NiFi with NIFI_PBKDF2_AES_GCM_128 encryption the cipher text output consists of the salt (16-byte length), followed by the salt delimiter, UTF-8 string “NiFiSALT” (0x4E 69 46 69 53 41 4C 54) and then the IV, followed by the IV delimiter, UTF-8 string “NiFiIV” (0x4E 69 46 69 49 56), followed by the cipher text, followed by the autehnticaion tag (16-byte length), but when trying to run the above script using this structure, I get the following error:

JavaScript

I don’t understand why the authentication tag check fails.

Advertisement

Answer

Decryption fails for two reasons:

  • For PBKDF2 neither the iteration count nor the digest are explicitly specified, so the default values 1000 and SHA1 are used. However, the values to be applied are 160000 and SHA512 according to the documentation:

    JavaScript
  • The salt is not authenticated, i.e. the line cipher.update(salt) must be removed.

With these changes, authentication and decryption is successful and decryptedData is b'{"id": "123", "name": "Ronald"}'.


Note that for GCM the length 16 bytes is allowed for the nonce/IV, but the recommended length is 12 bytes. But maybe a change is beyond your control.

User contributions licensed under: CC BY-SA
8 People found this is helpful
Advertisement