Home.... | log in.... | Pub my question! | Sign-up....
Java-index >> Security >> Cryptography

javax.crypto.BadPaddingException: Given final block not properly padded

Folks:

I am getting the error (subject line) - when I try to decrypt on Solaris 10 OS. It works fine on Windows 2003 and Linux and also on Solaris 9.0. Any clues about this.

The stack trace is:

javax.crypto.BadPaddingException: Given final block not properly padded

at com.sun.crypto.provider.SunJCE_h.b(DashoA12275)

at com.sun.crypto.provider.SunJCE_h.b(DashoA12275)

at com.sun.crypto.provider.BlowfishCipher.engineDoFinal(DashoA12275)

at javax.crypto.Cipher.doFinal(DashoA12275)

at com.powerup.configmgr.util.commandline.credentials.CryptoHelper.decrypt(CryptoHelper.java:123)

The line number 123 is the line below correspoinding to doFinal method call.

publicstaticsynchronizedbyte[] decrypt(byte[] input)

throws Exception

{

byte[] ret =null;

//System.out.println("ENCRYPTED INPUT= "+input);

Cipher c = getCipher();

c.init(Cipher.DECRYPT_MODE,getSecretKey(),getSalt());

if(input !=null)

ret = c.doFinal(input);

else

ret =newbyte[0];

//System.out.println("DECRYPTED INPUT="+ret);

return ret;

}

[1740 byte] By [veejnasa] at [2007-10-3 5:16:33]
«« How to copy a text file into an string array?
»» VolatileImage
# 1

Possiblilities

1) You converted the encrypted data to a String using something like

String encryptedAsString = new String(encryptedAsByte);

which , depending on the default chaaracter encoding, may not be reversible.

2) Your decryption key is not the key used to encrypt.

3) Your decryption IV is not the IV used to encrypt.

I bet it is number 1!

sabre150a at 2007-7-14 23:23:12 > top of Java-index,Security,Cryptography...
# 2

Thanks for your input...

It is none of the the above. I debugged all day to find that - Cust1-RW get different set of encrypted bytes on Solaris 10 - that cannot be decrypted ever. The same string - encryption works good on Linux and Windows.

The character hyphen is throwing it off...

Here are the byte arrays:

Linux: Input Bytes:67, 117, 115, 116, 49, 45, 82, 87 --> Encrypted Byte Array: 47, 119, 105, -95, 119, 41, -22, -47, 109, -13, 60, 7, -103, -23, 124, 31

Solaris: Input Bytes: 67, 117, 115, 116, 49, 45, 82, 87 --> Encrypted Byte Array: 47, 119, 105, -95, 119, 41, -22, -47, 99,34, -104, 93, 66, 71, -91, 63

Thanks for your help in advance

- Sanjeev

veejnasa at 2007-7-14 23:23:12 > top of Java-index,Security,Cryptography...
# 3
What is your key and IV?
sabre150a at 2007-7-14 23:23:12 > top of Java-index,Security,Cryptography...
# 4

Here is my class - that does the encrypt and decrypt - I have KEY and SALT - defined.

/*

import java.io.ByteArrayInputStream;

import java.io.ByteArrayOutputStream;

import java.io.File;

import java.io.FileInputStream;

import java.io.FileOutputStream;

import java.security.NoSuchAlgorithmException;

import javax.crypto.Cipher;

import javax.crypto.CipherInputStream;

import javax.crypto.CipherOutputStream;

import javax.crypto.NoSuchPaddingException;

import javax.crypto.spec.IvParameterSpec;

import javax.crypto.spec.SecretKeySpec;

public class CryptoHelper {

public final static int BASE64 = 0;

private final static byte[] KEY = { (byte)164, (byte)208, (byte)200, (byte)118,

(byte)112, (byte)181, (byte)82, (byte)74,

(byte)30, (byte)179, (byte)9, (byte)125,

(byte)95, (byte)97, (byte)51, (byte)226};

private final static byte[] SALT = {(byte)129, (byte)187, (byte)151, (byte)73,

(byte)225, (byte)239, (byte)49, (byte)24};

private final static String CIPHER= "Blowfish/CBC/PKCS5Padding";

private final static String SECRET_KEY= "Blowfish";

private static Cipher cipher;

private static IvParameterSpec salt;

private static SecretKeySpec secretKey;

private static Cipher getCipher() throws NoSuchAlgorithmException, NoSuchPaddingException{

if( cipher == null ){

cipher = Cipher.getInstance(CIPHER);

}

return cipher;

}

private static SecretKeySpec getSecretKey() throws NoSuchAlgorithmException{

if( secretKey == null ){

secretKey = new SecretKeySpec(KEY, SECRET_KEY);

}

return secretKey;

}

private static IvParameterSpec getSalt() throws NoSuchPaddingException{

if( salt == null ){

salt = new IvParameterSpec(SALT);

}

return salt;

}

public static synchronized void writeEncrypted(File file, String value)

throws Exception

{

Cipher c = getCipher();

c.init(Cipher.ENCRYPT_MODE,getSecretKey(),getSalt());

FileOutputStream fos = new FileOutputStream( file );

try{

CipherOutputStream cos = new CipherOutputStream(fos,c);

try{

ByteArrayInputStream bais = new ByteArrayInputStream( value.getBytes() );

byte[] buf = new byte[8];

int len = bais.read(buf);

while(len > 0){

cos.write(buf,0,len);

len = bais.read(buf);

}

}finally{

cos.close();

}

}finally{

fos.close();

}

}

public static synchronized byte[] encrypt(byte[] input)

throws Exception

{

Cipher c = getCipher();

c.init(Cipher.ENCRYPT_MODE,getSecretKey(),getSalt());

return c.doFinal(input);

}

public static synchronized byte[] decrypt(byte[] input)

throws Exception

{

Cipher c = getCipher();

c.init(Cipher.DECRYPT_MODE,getSecretKey(),getSalt());

return c.doFinal(input);

}

public static synchronized String readEncrypted(File file)

throws Exception

{

String returnVal = null;

Cipher c = getCipher();

c.init(Cipher.DECRYPT_MODE,getSecretKey(),getSalt());

FileInputStream fis = new FileInputStream(file);

try{

CipherInputStream cis = new CipherInputStream(fis,c);

try{

ByteArrayOutputStream baos = new ByteArrayOutputStream();

byte[] buf = new byte[8];

int len = cis.read(buf);

while(len > 0){

baos.write(buf,0,len);

len = cis.read(buf);

}

returnVal = baos.toString();

}finally{

cis.close();

}

}finally{

fis.close();

}

return returnVal;

}

}

veejnasa at 2007-7-14 23:23:12 > top of Java-index,Security,Cryptography...
# 5
My new find is that if I remove the hyphen and make the string Cust1-RW to Cust1RW - it works - so it is the hyphen that is making encrypt in Solaris to behave different.- Sanjeev
veejnasa at 2007-7-14 23:23:12 > top of Java-index,Security,Cryptography...
# 6
I can see nothing obviously wrong and, using Linux FC5, I get the same result that you do. In order to help in diagnosign the problem, I can only suggest that you try it using DES or AES to see if you get the same problem.
sabre150a at 2007-7-14 23:23:12 > top of Java-index,Security,Cryptography...
# 7
!!!!!!! How are you converting the String to bytes? You should force character set used so that it is the same on all platforms. The safest is "utf-8".
sabre150a at 2007-7-14 23:23:12 > top of Java-index,Security,Cryptography...
# 8
I am doing "Cust1-RW".getBytes(). I am using the default encoding...is that what you are hinting?- Sanjeev
veejnasa at 2007-7-14 23:23:12 > top of Java-index,Security,Cryptography...
# 9
Also if I have to set the character set - how do I do that?
veejnasa at 2007-7-14 23:23:12 > top of Java-index,Security,Cryptography...
# 10

> I am doing "Cust1-RW".getBytes(). I am using the

> default encoding...is that what you are hinting?

> - Sanjeev

This is almost certainly the cause of your problem since it uses the default platform character encoding which is probably different on each platform. Try using

"Cust1-RW".getBytes("utf-8").

sabre150a at 2007-7-14 23:23:12 > top of Java-index,Security,Cryptography...
# 11
I dont think it is the encoding - because the getBytes() returned the exact same byteArray in both the OS...67, 117, 115, 116, 49, 45, 82, 87 for Cust1-RW.- Sanjeev
veejnasa at 2007-7-14 23:23:12 > top of Java-index,Security,Cryptography...
# 12
> I dont think it is the encoding - because the> getBytes() returned the exact same byteArray in both> the OS...67, 117, 115, 116, 49, 45, 82, 87 for> Cust1-RW.> - SanjeevHave you tried it?
sabre150a at 2007-7-14 23:23:12 > top of Java-index,Security,Cryptography...
# 13
I am trying the getBytes("utf-8") - thank you for your patience...will let you know in 5 min.- Sanjeev
veejnasa at 2007-7-14 23:23:12 > top of Java-index,Security,Cryptography...
# 14

setting utf-8 does not make any difference - This is not about encoding - this is about error in encrypting. I know C Solaris 10 has changed they way things work in encryption -http://www.onjava.com/pub/a/onjava/2004/07/07/javavsdotnet.html

I am clue less at this point..

Thaks in advance.

- Sanjeev

veejnasa at 2007-7-14 23:23:12 > top of Java-index,Security,Cryptography...
# 15
> I am clue less at this point..That makes two of us. Sorry I could not help.
sabre150a at 2007-7-21 10:57:08 > top of Java-index,Security,Cryptography...
Security
Cryptography

Security New Topic

Security Hot Topic

Security

All Classified