• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

BadPaddingException with DES

 
Greenhorn
Posts: 13
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi!
I have an exception when I am decrypting a SealedObject:
javax.crypto.BadPaddingException: Given final block not properly padded
I encrypt my SealedObject using a DES key. This key is saved as a variable and passed to the decryption method and used to decrypt the SealedObject. This is the code for it

I'd appreciate ann help,
Thanks,
B
 
Ranch Hand
Posts: 127
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I am facing the same problem. Do you have any solution. If yes, can you please post it. Thanks in advance..

Regards,
Bhiku
 
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Resurrecting this topic again. Has anyone determined a cause or a solution to this?

Thanks,
Abe
 
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
It sounds like the last block of data does not have the necessary length. Encryption algorithms frequently can not encrypt data chunks of arbitrary size, but need a fixed size. So the last block of data needs to be padded in order to reach that size.
 
Greenhorn
Posts: 9
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
My 2 cents, just faced similar problem.

Make sure you store your generated keys and encrypted passwords as byte[] (byte array) and NOT in Strings.

http://archives.java.sun.com/cgi-bin/wa?A2=ind0111&L=java-security&F=&S=&P=7565

"One common mistakes that people made is to put the encrypted bytes inside a
string and upon decryption they use String.getBytes() to retrieve it.
Since String does its own character encoding, the byte[] that you used to
construct the String object and the byte[] that you get from its getBytes()
are not necessarily equal."

If you REALLY need a String to store, you can convert the byte array to hexadecimal then back to the byte array when you need to decrypt, just don't use a .getBytes() to get your byte array back from the hex, write a hex to byte array conversion function.

Hope this helps!
 
Ranch Hand
Posts: 65
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Treating ciphertext as a String is definitely a prime cause of "BadPaddingException". The other main contender is using the wrong key, or the right key that has itself been subjected to the tango.

Note that different encodings will certainly cause you grief - but many standard encodings don't provide characters for every possible byte-combination. In that case, staying in the same encoding will still trash your ciphertext/key.

The moral? When you live in cipher-land, there are only bytes; all else is fiction. Strings are evil - eeeeviiiiiiilll, I tell you!

More generally, consider that a cipher is essentially an execution of an algorithm on a stream of bits (the cipher/plaintext) in the context of a second stream of bits (the key), resulting in a stream of bits. There's very little the Cipher "knows" about the result; the padding blocks are the only thing the Cipher really has control over. Using the wrong key, or trashing your key or ciphertext, or using the wrong mode or padding-scheme, all can/will end up throwing BPE, because that's one of the few errors a Cipher can really be cognizant of.

Good luck,
Grant

[Edited to fix the code-sample slightly, and to note "Holy Thread Necromancy, Batman!" Didn't see how old the original post was...]
[ January 09, 2006: Message edited by: Grant Gainey ]
 
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I think I am experiencing this problem when encrypting with 256 bit AES encryption. I think I have corrected the problem and I'm ready to test. However, I don't have a string that reliably fails decryption so I can't be certain my fix truly works. I'm looking for a test case that will fail in my old algorithm. Anyone know how I can find or generate a string that will fail?
 
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Regarding the earlier comment 'create your own byte array conversion function', I thought I'd share a solution I found in the hopes of saving others some time and trouble.
You case use BASE64Encoder and BASE64Decoder (sun.misc package classes provided by JDK) to convert between String and byte[].

For example:


where the byte[]s are equal.

HTH
-Trey
 
Ranch Hand
Posts: 2308
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
How are you encrypting ? Please post the code for that too.

One more thing is you are providing only the algorithm , no mode , nor the padding.I think all the block ciphers need to have a padding associated , so that in case of incomplete block they can use the padding.
 
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,
I too am facing the same exception BadPaddingException: Given final block not properly padded

I have tried converting the ChiperText String to bytes using the Base64Decoder as well as String.getBytes(). even after doing this I see the same Exception.
In my case The encryption is being done in Dot Net code. and the decryption happens in Java Code.
I suspect the Issue here in the Below Code:
The Encryption Algorithm is TripleDES ( DESede).
and to encrypt the mode and padding is given as below:
Mode: CBC
Padding = Padding.Zeros

But I am not sure which Padding mode to be used. I am using CBC/PKCS5Padding mode/padding.

Can any one specify which is the equivalent Padding mode to the DotNet Zeros Padding.

You Suggestions are most awaited..
Thanks
 
Ulf Dittmer
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

I have tried converting the ChiperText String to bytes using the Base64Decoder


This sounds fishy. Are you certain that the string has been base-64 encoded before? If you're at least superficially familiar with that encoding, you can tell by looking at the string.
 
Test User
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
HI while encrypting Code is not using Bas64Endoder to encode . They have written there own custom Method to Encode the bytes to String
and have a custom Method to Decode the string before decrypting.
The whole process of encrypting and decrypting works fine if its totally done in Dot Net.
But If I try to Encrypt in Dotnet and try tp decrpyt in Java. I am getting the Badpadding Exception.
The Padding Mode used in Dotnet code in Padding.Zeros. But I do not find the equivalent padding mode in Java ( JCE). Could any one suggest how it can be done.

I found that if the Dotnet COde uses padding Mode as PKCS7 then it could be decrpted in my Java code using PKCS5PAdding... But our requirement is it needs to be done PAddingZeros in Dot net and have to get a solution in Java?
You Suggestions are welcome
 
Sheriff
Posts: 67746
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
"Test User",

There aren't many rules that you need to worry about here on the Ranch, but one that we take very seriously regards the use of proper names. Please take a look at the JavaRanch Naming Policy and adjust your display name to match it.

In particular, your display name must be a first and a last name separated by a space character, and must not be obviously fictitious.

Thanks!
bear
JavaRanch Sheriff
 
Ranch Hand
Posts: 43
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello I'm facing the same problem and so far I could have not found any solution to come around it, I tried getting the char array from the string and then converting to byte each char from it but I get the same result, I also try the BASEDecoder algorithm but it's the same, I'm saving the bytes I'm getting into a file using the FileOutputStream and then the FileInputStream, but everytime I read the password from the file I get the error, has anyone found a way to do this?.. the code works as long as you encrypt and decrypt using the very same string, but once I store the bytes and try to retrieve those I get the error.. please help.. thanks.

Regards.
 
Ranch Hand
Posts: 220
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Serch Hdez wrote:Hello I'm facing the same problem and so far I could have not found any solution to come around it, I tried getting the char array from the string and then converting to byte each char from it but I get the same result, I also try the BASEDecoder algorithm but it's the same, I'm saving the bytes I'm getting into a file using the FileOutputStream and then the FileInputStream, but everytime I read the password from the file I get the error, has anyone found a way to do this?.. the code works as long as you encrypt and decrypt using the very same string, but once I store the bytes and try to retrieve those I get the error.. please help.. thanks.

Regards.



Perhaps you can show us the code that works and the code that doesn't work.
 
Serch Hdez
Ranch Hand
Posts: 43
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Sure here is the code that works:


But when I put some methods to save the encrypted text and then to read it from the file I got the error:



So the first code works but this second one with file functionality won't work... any ideas?.. thank you.
 
Ulf Dittmer
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

strEncryptedText = new String(result);


This is wrong. You simply can't convert a byte[] that holds binary data into a String. If you need to treat a byte[] as String (why?), run it through base-64 or something similar.
 
Serch Hdez
Ranch Hand
Posts: 43
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Ulf Dittmer wrote:

strEncryptedText = new String(result);


This is wrong. You simply can't convert a byte[] that holds binary data into a String. If you need to treat a byte[] as String (why?), run it through base-64 or something similar.



Yeah but well, the error does not happen there.. it happens when I do the cipher



so, do you know why? I'm reading bytes... but still getting the padding exception...
 
Ulf Dittmer
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
You're using different keys for encryption and decryption. "generateKey" create a random key, which will be different each time.

Also, don't use "DES" as the cipher, use "DESede". DES is obsolete these days, but Triple-DES (a.k.a. DESede) is still OK to use.
 
Serch Hdez
Ranch Hand
Posts: 43
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Ulf Dittmer wrote:You're using different keys for encryption and decryption. "generateKey" create a random key, which will be different each time.

Also, don't use "DES" as the cipher, use "DESede". DES is obsolete these days, but Triple-DES (a.k.a. DESede) is still OK to use.



Ok thanks for your reply, do you know how I could create a key so I can use it in both encryption and decryption?.. thanks.
 
Ulf Dittmer
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
You'll have to store the key that is used for encryption somewhere, so that you can retrieve it for decryption.
 
Greenhorn
Posts: 1
Python PHP Fedora
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Trey Howard wrote:Regarding the earlier comment 'create your own byte array conversion function', I thought I'd share a solution I found in the hopes of saving others some time and trouble.
You case use BASE64Encoder and BASE64Decoder (sun.misc package classes provided by JDK) to convert between String and byte[].

For example:


where the byte[]s are equal.

HTH
-Trey




Thanks. Solution helped a lot.
 
Don't get me started about those stupid light bulbs.
reply
    Bookmark Topic Watch Topic
  • New Topic