This week's book giveaway is in the OCPJP forum.
We're giving away four copies of OCA/OCP Java SE 7 Programmer I & II Study Guide and have Kathy Sierra & Bert Bates on-line!
See this thread for details.
The moose likes Security and the fly likes error coming while decrypting... Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of OCA/OCP Java SE 7 Programmer I & II Study Guide this week in the OCPJP forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "error coming while decrypting..." Watch "error coming while decrypting..." New topic
Author

error coming while decrypting...

deepak adlakha
Ranch Hand

Joined: Jul 27, 2001
Posts: 325
Can some one help me with what's wrong with this code .....

method used to generate key
================================================
public static SecretKey generateKey() throws NoSuchAlgorithmException
{
// Get a key generator for Triple DES (a.k.a DESede)
KeyGenerator keygen = KeyGenerator.getInstance("DESede");

// Use it to generate a key
return keygen.generateKey();
}

Method used for encryption
==========================
public static byte[] encrypt(final SecretKey key, final String password)
throws NoSuchAlgorithmException, InvalidKeyException,
NoSuchPaddingException, IOException
{
try
{
Cipher cipher = Cipher.getInstance("DESEDE/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, key);
byte[] passArr = password.getBytes("UTF-8");
return cipher.doFinal(passArr);
}
catch (Throwable t)
{
t.printStackTrace();
}
return null;
}


method used for decryption
=========================================
public static byte[] decrypt(final SecretKey key, final String encryptedPassword)
throws NoSuchAlgorithmException, InvalidKeyException, IOException,
IllegalBlockSizeException, NoSuchPaddingException,
BadPaddingException
{
try
{
Cipher cipher = Cipher.getInstance("DESEDE/ECB/PKCS5Padding");
cipher.init(Cipher.DECRYPT_MODE, key);
byte[] bOut = cipher.doFinal(encryptedPassword.getBytes("UTF-8"));

return bOut;
}
catch(Exception ex)
{
ex.printStackTrace();
return null;
}

It encrypts the password and when i am trying to decrypt the same....i get following error

javax.crypto.BadPaddingException: Given final block not properly padded
at com.ibm.crypto.provider.DESedeCipher.engineDoFinal(Unknown Source)
at com.ibm.crypto.provider.DESedeCipher.engineDoFinal(Unknown Source)
at javax.crypto.Cipher.doFinal(Unknown Source)
at com.fmr.xtrac.commons.application.util.GenerateKey.decrypt(GenerateKey.java:146)


Can someone please point out what's wrong either in encryption method or decryption method ?
greg stark
Ranch Hand

Joined: Aug 10, 2006
Posts: 220
First mistake is to use a String to hold the encrypted bytes. A String is not a container for arbitrary bytes. Use a byte[]. You don't show the code that calls your generateKey(), encrypt, and decrypt functions, so I can only guess that you are not supplying the identical SecretKey to both encrypt and decrypt functions.


Nice to meet you.
deepak adlakha
Ranch Hand

Joined: Jul 27, 2001
Posts: 325
Thanks for the reply.

I am using string because encrypted password will be saved in the DB. If i can't use string, what else i can use? Sorry secruity is new domain for me.

Code to call generate key, encryption, decrypt is as follows:-


SecretKey key = GenerateKey.generateKey();


byte[] encrPassword = GenerateKey.encrypt(key, employee.getPassword(); // getPassword will return string


While i am returning data back to client, i need to decrypt using the same key...assume key is saved somewhere in harddrive and its retrieved before calling below method.

byte[] encrPassword = GenerateKey.decrypt(key, dbObj.getPassword();
// as this is saved retrieved from db, so i will get back string and i will convert the returned bytes into string back and return to the client.
greg stark
Ranch Hand

Joined: Aug 10, 2006
Posts: 220
If you need to store binary data in a text-compatible form, one common technique is to use base64 encoding. There are several base64 encoding packages out there, including the Apache commons code, but my favorite is at http://iharder.sourceforge.net/current/java/base64/. You need to encode the binary data for storage as a string, e.g. and when you want to convert it back to the orginal byte array later you need to decode it, e.g.
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: error coming while decrypting...