Encryption with Blowfish OS compatibility ?

I am creating an encrypted license file with Java on a Linux machine. On the same linux machine I can use another program which has the same pass phrase to decrpyt this file. It works well.

If I copy that file onto a windows machine and run the same program, I get a BadPaddingException :

javax.crypto.BadPaddingException: Given final block not properly padded at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)

If I create the file on the windows machine, then I can decrypt it on the Windows machine. So it works well enough. Does anybody know whats going on here ? I am moving this app into production soon and I would like a better understanding of whats going on so I can deal with problems that might crop up.

Encryptino code :


SecretKeySpec key = new SecretKeySpec(this.convertStringToByteArray("mypassword"), "Blowfish"); // Create the secret/symmetric key KeyGenerator kgen = KeyGenerator.getInstance("Blowfish"); SecretKey skey = key; byte[] raw = skey.getEncoded(); SecretKeySpec skeySpec = new SecretKeySpec(raw, "Blowfish"); // Create the cipher for encrypting Cipher cipher = Cipher.getInstance("Blowfish"); cipher.init(Cipher.ENCRYPT_MODE, skeySpec); byte[] encrypted = cipher.doFinal( contents.toString().getBytes() );


Thanks in avance

Spunog

I would bet your problem is that you are using the no-args String.getBytes() method. This is almost always incorrect but it uses the platform's default charset. This default may be different on different platforms. By using the default charset you are risking nonportable behavior.

Always specify an explicit charset. In almost all cases you should always specify the "UTF-8" charset.

Hi Greg,

Many thanks for your response.

I read my file as follows :

SecretKeySpec key = new SecretKeySpec(new String("mypassword").getBytes(), "Blowfish");
// Read the encrypted data
FileInputStream fis = new FileInputStream(logType);
byte[] buffer = new byte[(int)new File("data").length()];

byte[] temp = new byte[new Long( DATA_FILE.length()).intValue()];
int bytesRead = fis.read(temp);
byte[] data = new byte[bytesRead];
System.arraycopy(temp, 0, data, 0, bytesRead);

// Create the cipher for encrypting
Cipher cipher = Cipher.getInstance(CompetencyService.TOKEN);
cipher.init(Cipher.DECRYPT_MODE, key);

// Decrypt the data
byte[] decrypted = cipher.doFinal(data);
String[] params = convertByteArrayToString(decrypted).split(System.getProperty("line.separator"));

The only time I use the String.readBytes() is on the passkey. Is this what you mean ?

Thanks

Spunog

Are you serious? All you have to do is read what I wrote and read the code you posted.