• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Ron McLeod
  • Jeanne Boyarsky
  • Tim Cooke
Sheriffs:
  • Liutauras Vilda
  • paul wheaton
  • Henry Wong
Saloon Keepers:
  • Tim Moores
  • Tim Holloway
  • Stephan van Hulst
  • Carey Brown
  • Frits Walraven
Bartenders:
  • Piet Souris
  • Himai Minh

String encryption/decryption - 'block not properly padded' error

 
Ranch Hand
Posts: 362
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I have two simple methods that encrypt and decrypt Strings. Now the ENCRYPT seems to be wokring OK, but the DECRYPT is giving me the following error...

Error:


Now I have this working ages ago and have only just gone back to it because I need it for an App I'm working on, I think the problem is to do with the retrieved String that is going into the Decrypter.
Here is the code for the two methods...

Encrypter


Decrypter


Any help greatly appreciated, many thanks!

KS
 
Rancher
Posts: 43027
76
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

return new String(bytes);


This is the problem. Encrypted data is binary - it can't be converted to a String this easily. If you need a string representation of encrypted data, use something like base-64 encoding. The Apache Commons Codec library has an implementation of that.
 
Kevin P Smith
Ranch Hand
Posts: 362
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Even with this



Instead of this



I still get this


and

 
Ulf Dittmer
Rancher
Posts: 43027
76
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

return new String(base64.encode(bytes));


Make sure the same encoding is used for creating the string, and then later for getting the byte[] back from it.

Looking at the code more closely, it seems that you are using two different keys for encryption and decryption. That wouldn't work.
 
author
Posts: 23919
142
jQuery Eclipse IDE Firefox Browser VI Editor C++ Chrome Java Linux Windows
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Looking at the code more closely, it seems that you are using two different keys for encryption and decryption. That wouldn't work.



Agreed. It looks like....

The encrypter generates a random key for encryption. It also doesn't save the key anywhere. This mean that it will encrypt it different everytime, and there is no way to get the key for decryption.

The decrypter also generates a random key for decryption. And unless it generates a key that happen to match the random key generated during encryption, it would not decrypt correctly.

Henry
 
Kevin P Smith
Ranch Hand
Posts: 362
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
OK, would you be able to show me a quick example of how the decrypter gets the same key as the encrypter?

 
Ulf Dittmer
Rancher
Posts: 43027
76
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
SecretKey implements Serializable, so you can store it any way you want.

Or, for a cross-language compatible way, SecretKey.getEncoded() gets you the byte[] that makes up the key. If you store that somewhere, you can recreate the key later using "new SecretKeySpec(byte[], String)".
 
Kevin P Smith
Ranch Hand
Posts: 362
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Just so I understand, if I was to generate a SecretKey and store it to a file so that my Decrypt class could read it later... If I was to then run the Encrypt code agai, would it not over-write the old Secretkey and therefore make any data encrypted by the first Encrypt 'lost', as it's SecretKey would now be gone?
 
Henry Wong
author
Posts: 23919
142
jQuery Eclipse IDE Firefox Browser VI Editor C++ Chrome Java Linux Windows
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Keith Seller wrote:Just so I understand, if I was to generate a SecretKey and store it to a file so that my Decrypt class could read it later... If I was to then run the Encrypt code agai, would it not over-write the old Secretkey and therefore make any data encrypted by the first Encrypt 'lost', as it's SecretKey would now be gone?



Well. thats up to you.... As written, you generate a new key with every encrypt, so you will need to store it in a way that the decrypt can find the matching key. Personally, I would recommend have the key generation, and storage completely separated -- and have both the encrypt and decrypt get the key from this location.

Henry
 
Kevin P Smith
Ranch Hand
Posts: 362
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Got it!

I basically have a seperate method that creates a file on the server called secretkey.dat which contains the generatedKey.

Now each time the doEncryption() and doDecryption() methods run, they check to see if this file exists. If it does they read the key from the file for the encryption, that way all my encrypted adat is using the same key and therefore decryption works!

 
no wonder he is so sad, he hasn't seen this tiny ad:
Free, earth friendly heat - from the CodeRanch trailboss
https://www.kickstarter.com/projects/paulwheaton/free-heat
reply
    Bookmark Topic Watch Topic
  • New Topic