Decryption fails for machine file from test environment

[hel-ar]

Hi, I am creating a Java client for offline validation. After I've activated a machine, I check out a machine file that includes the license, and then I decrypt it and validate it. Currently all resources I am using are in the global keygen environment, and everything works.

Now I've just started writing some tests and have set up another environment to create test resources in. The environment is shared, so that I can re-use the policies from my global environment.

The problem is that after I create a license & activate a machine in the test environment, when I checkout the machine file I get an error when I try to decrypt it. The signature itself verifies OK. All requests (create license, activate machine, check-out file) are made with the appropriate Keygen-Environment header.

Here is the code for the decryption, its (mostly) from the Java example Keygen.sh provides:

public static String decryptMachineFile(String machineFile,
			String licenseKey, String keygenPublicKey)
			throws DecryptionErrorException
	{
		JsonNode machineFileJson = decodeMachineFileToJson(machineFile);
		String encryptedData = machineFileJson.get("enc").asText();
		String encodedSignature = machineFileJson.get("sig").asText();
		String algorithm = machineFileJson.get("alg").asText();
		byte[] publicKeyBytes = Hex.decode(keygenPublicKey);

		// Verify license file algorithm
		if (!algorithm.equals("aes-256-gcm+ed25519"))
		{
			throw new DecryptionErrorException("Invalid encryption algorithm");
		}

		// Decode base64 signature and signing data to byte arrays
		byte[] signatureBytes = Base64.getDecoder().decode(encodedSignature);
		byte[] signingDataBytes = String.format("machine/%s", encryptedData)
				.getBytes();

		// Set up Ed25519 verifier
		Ed25519PublicKeyParameters verifierParams = new Ed25519PublicKeyParameters(
				publicKeyBytes, 0);
		Ed25519Signer verifier = new Ed25519Signer();

		verifier.init(false, verifierParams);
		verifier.update(signingDataBytes, 0, signingDataBytes.length);

		// Verify the signature
		boolean ok = verifier.verifySignature(signatureBytes);
		if (!ok)
			throw new DecryptionErrorException(
					"Signature of machine file is invalid!");
		try
		{
			// Parse the encrypted data
			String encodedCiphertext = encryptedData.split("\\.", 3)[0];
			String encodedIv = encryptedData.split("\\.", 3)[1];
			String encodedTag = encryptedData.split("\\.", 3)[2];

			// Decode ciphertext, IV and tag to byte arrays
			byte[] ciphertext = Base64.getDecoder().decode(
					encodedCiphertext);
			byte[] iv = Base64.getDecoder().decode(encodedIv);
			byte[] tag = Base64.getDecoder().decode(encodedTag);

			byte[] key = encodeCryptoKey(licenseKey);
			// Set up AES-256-GCM
			AEADParameters cipherParams = new AEADParameters(
					new KeyParameter(key), 128, iv, null);
			GCMBlockCipher cipher = new GCMBlockCipher(new AESEngine());

			cipher.init(false, cipherParams);

			// Concat ciphertext and authentication tag to produce cipher
			// input
			byte[] input = new byte[ciphertext.length + tag.length];

			System.arraycopy(ciphertext, 0, input, 0, ciphertext.length);
			System.arraycopy(tag, 0, input, ciphertext.length, tag.length);

			// Decrypt the ciphertext
			byte[] output = new byte[cipher.getOutputSize(input.length)];

			int len = cipher.processBytes(input, 0, input.length, output,
					0);

			// Validate authentication tag
			cipher.doFinal(output, len);

			String plaintext = new String(output);
			return plaintext;
		} catch (IllegalStateException | DataLengthException | InvalidCipherTextException | NoSuchAlgorithmException e)
		{
			throw new DecryptionErrorException(e);
		}

The call to cipher.doFinal(output, len) fails with Exception: org.bouncycastle.crypto.InvalidCipherTextException: mac check in GCM failed. Again, this only occurs with the test environment, with the global environment it works.

[ezekg]

This would mean your decryption key isn't right, i.e. you're using the wrong license key or machine fingerprint combination to decrypt the machine file. Environments change nothing about how a license/machine file is signed and encrypted.

[hel-ar]

Hi, I am definitely using the same license key for the activation, validation, and checkout. There is only one license configured currently. In fact, I am using the exact same code for the licensing logic in my tests as for the production environment. The only difference is that for the production environment I omit the Keygen-Environment header

[ezekg]

Your example is attempting to decrypt a machine file using only the license key but a machine file requires both the license key and machine fingerprint. So something's off here because this should never succeed in decrypting a machine file, only a license file:

byte[] key = encodeCryptoKey(licenseKey);

It should be:

byte[] key = encodeCryptoKey(licenseKey + machineFingerprint);

If you're still having trouble, please email the license/machine file and other info to support@keygen.sh.