AES decryption problem

We have provided an API to our clinet, which they use to encrypt the string and they will send the encrypted string as request parameter to our end.
On receiving the string we will decrypt the string before processing further.
But while decrypting we receive the below error.

Client use JDK 1.6 to encrypt and we use JDK 1.5 at our end to decrypt

javax.crypto.BadPaddingException: Given final block not properly padded
at com.sun.crypto.provider.SunJCE_h.b(DashoA12275)
at com.sun.crypto.provider.SunJCE_h.b(DashoA12275)
at com.sun.crypto.provider.AESCipher.engineDoFinal(DashoA12275)
at javax.crypto.Cipher.doFinal(DashoA12275)
at com.sbi.crypto.aes.EncryptAES.decrypt(EncryptAES.java:84)

Line 84 is byte [] ciphertext=cipher.doFinal(results);

Below is the code to encrypt

static{ Security.addProvider( new com.sun.crypto.provider.SunJCE()); Security.insertProviderAt( new com.sun.crypto.provider.SunJCE(),1); } public String encrypt(String data,String merchantCode) { String path = merchantCode + ".key"; byte[] key = null; try { key = returnbyte(path); } catch (IOException e) { // TODO Auto-generated catch block e.printStackTrace(); } String encData=null; try{ Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding","SunJCE"); logger.info("Provider Info " + cipher.getProvider().getInfo()); byte[] keyBytes= new byte[16]; //byte[] b= path.getBytes("UTF-8"); int len= key.length; if (len > keyBytes.length) len = keyBytes.length; System.arraycopy(key, 0, keyBytes, 0, len); SecretKeySpec keySpec = new SecretKeySpec(keyBytes, "AES"); IvParameterSpec ivSpec = new IvParameterSpec(keyBytes); cipher.init(Cipher.ENCRYPT_MODE,keySpec, ivSpec); byte[] results = cipher.doFinal(data.getBytes("UTF-8")); BASE64Encoder encoder = new BASE64Encoder(); encData= encoder.encode(results); }catch(Exception ex){ logger.info("Exception occured :" + ex); } logger.info("encrypt(String data,String merchantCode) method end"); return encData; }
Below is the code to decrypt

public String decrypt(String encData,String merchantCode) { logger.info("decrypt(String encData, String merchantCode, String delimiter) method begin"); String decdata=null; String path =merchantCode + ".key"; byte[] key = null; try { key = returnbyte(path); } catch (IOException e) { // TODO Auto-generated catch block e.printStackTrace(); } try{ Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding","SunJCE"); logger.info("Provider Info " + cipher.getProvider().getInfo()); byte[] keyBytes= new byte[16]; //byte[] b= key.getBytes("UTF-8"); int len= key.length; if (len > keyBytes.length) len = keyBytes.length; System.arraycopy(key, 0, keyBytes, 0, len); SecretKeySpec keySpec = new SecretKeySpec(keyBytes, "AES"); logger.info("After SecretKeySpec"); IvParameterSpec ivSpec = new IvParameterSpec(keyBytes); cipher.init(Cipher.DECRYPT_MODE,keySpec,ivSpec); BASE64Decoder decoder = new BASE64Decoder(); logger.info("before final"); byte [] results= decoder.decodeBuffer(encData); byte [] ciphertext=cipher.doFinal(results); logger.info("after"); decdata=new String(ciphertext,"UTF-8"); }catch(Exception ex){ logger.info("Exception occured :" + ex); ex.printStackTrace(); } logger.info("decrypt(String encData, String merchantCode, String delimiter) method end"); return decdata; }


Kindly help us.
Thanks in advance.

Either the base64 encoded ciphertext is getting corrupted in some way or more likely the wrong key is being used for decryption. For test purposes you should dump the bytes of the key after reading them.

P.S. Using the bytes of the key as the IV is not considered good practice.
P.P.S. your code# byte[] keyBytes= new byte[16]; # //byte[] b= path.getBytes("UTF-8"); # int len= key.length; # if (len > keyBytes.length) len = keyBytes.length; # System.arraycopy(key, 0, keyBytes, 0, len);
can be replaced by the single line
byte[] keyBytes = Arrays.copyOf(key, 16);
P.P.P.S. That exception handling is poor. If you fail to read the key then it is fatal and you cannot continue!