• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

String encryption/decryption - 'block not properly padded' error

 
Kevin P Smith
Ranch Hand
Posts: 362
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have two simple methods that encrypt and decrypt Strings. Now the ENCRYPT seems to be wokring OK, but the DECRYPT is giving me the following error...

Error:


Now I have this working ages ago and have only just gone back to it because I need it for an App I'm working on, I think the problem is to do with the retrieved String that is going into the Decrypter.
Here is the code for the two methods...

Encrypter


Decrypter


Any help greatly appreciated, many thanks!

KS
 
Ulf Dittmer
Rancher
Posts: 42968
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
return new String(bytes);

This is the problem. Encrypted data is binary - it can't be converted to a String this easily. If you need a string representation of encrypted data, use something like base-64 encoding. The Apache Commons Codec library has an implementation of that.
 
Kevin P Smith
Ranch Hand
Posts: 362
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Even with this



Instead of this



I still get this


and

 
Ulf Dittmer
Rancher
Posts: 42968
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
return new String(base64.encode(bytes));

Make sure the same encoding is used for creating the string, and then later for getting the byte[] back from it.

Looking at the code more closely, it seems that you are using two different keys for encryption and decryption. That wouldn't work.
 
Henry Wong
author
Marshal
Pie
Posts: 21226
81
C++ Chrome Eclipse IDE Firefox Browser Java jQuery Linux VI Editor Windows
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Looking at the code more closely, it seems that you are using two different keys for encryption and decryption. That wouldn't work.


Agreed. It looks like....

The encrypter generates a random key for encryption. It also doesn't save the key anywhere. This mean that it will encrypt it different everytime, and there is no way to get the key for decryption.

The decrypter also generates a random key for decryption. And unless it generates a key that happen to match the random key generated during encryption, it would not decrypt correctly.

Henry
 
Kevin P Smith
Ranch Hand
Posts: 362
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
OK, would you be able to show me a quick example of how the decrypter gets the same key as the encrypter?

 
Ulf Dittmer
Rancher
Posts: 42968
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
SecretKey implements Serializable, so you can store it any way you want.

Or, for a cross-language compatible way, SecretKey.getEncoded() gets you the byte[] that makes up the key. If you store that somewhere, you can recreate the key later using "new SecretKeySpec(byte[], String)".
 
Kevin P Smith
Ranch Hand
Posts: 362
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Just so I understand, if I was to generate a SecretKey and store it to a file so that my Decrypt class could read it later... If I was to then run the Encrypt code agai, would it not over-write the old Secretkey and therefore make any data encrypted by the first Encrypt 'lost', as it's SecretKey would now be gone?
 
Henry Wong
author
Marshal
Pie
Posts: 21226
81
C++ Chrome Eclipse IDE Firefox Browser Java jQuery Linux VI Editor Windows
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Keith Seller wrote:Just so I understand, if I was to generate a SecretKey and store it to a file so that my Decrypt class could read it later... If I was to then run the Encrypt code agai, would it not over-write the old Secretkey and therefore make any data encrypted by the first Encrypt 'lost', as it's SecretKey would now be gone?


Well. thats up to you.... As written, you generate a new key with every encrypt, so you will need to store it in a way that the decrypt can find the matching key. Personally, I would recommend have the key generation, and storage completely separated -- and have both the encrypt and decrypt get the key from this location.

Henry
 
Kevin P Smith
Ranch Hand
Posts: 362
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Got it!

I basically have a seperate method that creates a file on the server called secretkey.dat which contains the generatedKey.

Now each time the doEncryption() and doDecryption() methods run, they check to see if this file exists. If it does they read the key from the file for the encryption, that way all my encrypted adat is using the same key and therefore decryption works!

 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic