Hi...again,
I'm using TripleDES (DESede) algorithm between
servlet and J2ME application to encrypt data. Servlet uses libraries on javax.crypto-package and the other one Bouncy Castle's similar. Both application has exactly same encryption keys, but servlet throws an exception "Given final block not properly padded" while trying to decrypt received data.
Debugging shows that communication works and both application can encrypt/decrypt own data, but there is something what makes this modules incompatible to decrypt data from the other module.
J2ME app:
cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new DESedeEngine()));
cipher.init(true, new KeyParameter(cryptoKey));
byte[] plainBytes = plainText.getBytes();
byte[] encryptedBytes = new byte[cipher.getOutputSize(plainBytes.length)];
int oLen = cipher.processBytes(plainBytes, 0, plainBytes.length, encryptedBytes, 0);
try{
cipher.doFinal(encryptedBytes, oLen);
}catch (CryptoException ce){
throw new Exception("ERROR:\n- Encryption error.");
}
Servlet:
// Create the cipher
DESede = Cipher.getInstance("DESede");
DESede.init(Cipher.DECRYPT_MODE, cryptoKey);
...
stringFromClient = new
String(DESede.doFinal(readBytes));
-> above throws exception "Given final block not properly padded".
I have a feeling that the block size might cause this, but how to effect/ensure the situation? Also I'm wondering why user (user of the function) have to worry about details (processBytes, doFinal, etc) of the encryption/decryption? This does not follow main principles of object oriented programming (encapsulation).
br,
Jorma