This week's giveaway is in the Android forum.
We're giving away four copies of Android Security Essentials Live Lessons and have Godfrey Nolan on-line!
See this thread for details.
The moose likes Security and the fly likes BadPaddingException: pad block corruption when using Java 1.4 Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "BadPaddingException: pad block corruption when using Java 1.4" Watch "BadPaddingException: pad block corruption when using Java 1.4" New topic
Author

BadPaddingException: pad block corruption when using Java 1.4

George Redka
Greenhorn

Joined: Aug 05, 2004
Posts: 1
I'm getting a javax.crypto.BadPaddingException: pad block corrupted Exception while working on converting our existing java jdk 1.2 to java 1.4. Any suggestions would be great. Here are the specifics:

We have a web application that been running for 3+ years under java jdk 1.2 & jce_1_2.jar. Within the application we are exchanging data (XML) with a customer using the following encryption scheme:
1) We create a one time DESede key through the KeyGenerator class passing in ("DESede", "BC")
2) We encrypt the data with this one time key using ("DESede/ECB/PKCS5Padding", "BC")
3) This one time key is then encrypted using ("RSA/ECB/PKCS1Padding", "BC") and customer's public key
4) We create a signature with our private key, which they have the public key for.

This is process/api that we required to use for their API's and its worked fine under 1.2, with "ABA" as the provider. Now moving to 1.4, I'm using BouncyCastle as the provider.

Other differences, the keystore was created under 1.2 and in 1.2 it was defined as "JCEKS" provider "SunJCE" under 1.4 I changed them to "JKS" and "SUN" . I would get bad header exceptions when reading from the keystore until I changed it. I don't think its the BouncyCastle since I was able to download the 1.2 version of BC and get the existing app to work and I also got the 1.4 version of BC to work under the existing 1.2 application, but I'm not ruling it out totally yet.

So something seems to be different with the algorithms/padding, but I can't seem to find it. I tried the following: "RSA" "RSA/ECB" "RSA//PKCS1Padding" "NoPadding" also changed the DESede algorithm with no luck. All I know is that its failing on the decryption of the one time key, since its failing on the customer side, I don't have much other insight into it, other then the exception that they sent me.

More info: getting error on Java: build 1.4.2_02-b03 on Solaris 5.8
Existing application running: Java JDK_1.2.2_10 on Solaris 5.8
BouncyCastle: bcprov-jdk14-124.jar

Here is the stackTrace that I was sent:

20040804;10:29:37: javax.crypto.BadPaddingException: pad block corrupted
20040804;10:29:37: at org.bouncycastle.jce.provider.JCEBlockCipher.engineDo
Final(JCEBlockCipher.java:460)
20040804;10:29:37: at javax.crypto.Cipher.doFinal(Cipher.java:1129)
20040804;10:29:37: at com.customer.crypto.SymmetricCryptor.decrypt(SymmetricCryptor.java:105)
20040804;10:29:37: at com.customer.crypto.SymmetricCryptor.decryptToStr
ing(SymmetricCryptor.java:95)
20040804;10:29:37: at com.customer.api.Data.DataServlet doPost(DataServlet.java:88)

Thanks
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: BadPaddingException: pad block corruption when using Java 1.4
 
Similar Threads
CipherOutputStream not outputing
"javax.crypto.BadPaddingException: pad block corrupted" using BouncyCastle and DESede: How to avoid?
signer information does not match? Help...
Unknown cipher block while decrypting using BC provider
Digital Signature in PKCS 7 format with base 64 encoding