Need help in password Encryption and Decryption

 
Preethi Chandramouly
Greenhorn
Posts: 1
Hi,

I need help in password encryption and decryption. I'm using DES Algorithm for encryption and decryption. It works well when I'm trying to encrypt and decrypt a string. But I'm storing the encrypted string in the database. Encryption works well, but when I tried to decrypt, it is throwing "BadPaddingException : Given final block not properly padded".

Please help me..

Here is the code I used for decryption.

    ecipher = Cipher.getInstance("DESede");
    dcipher.init(Cipher.DECRYPT_MODE, key);
    /*.......*/

    public String decrypt(String str) {
        try {
            // Decode base64 to get bytes
            byte[] dec = new sun.misc.BASE64Decoder().decodeBuffer(str);

            // Decrypt
            byte[] utf8 = dcipher.doFinal(dec);

            // Decode using utf-8
            return new String(utf8, "UTF8");
        } catch (javax.crypto.BadPaddingException e) {
        } catch (IllegalBlockSizeException e) {
        } catch (UnsupportedEncodingException e) {
        } catch (java.io.IOException e) {
        }
        return null;
    }

Thanks in advance.

Regards,
Preethi.
 
srinivasa raghavan ambikapathy
Greenhorn
Posts: 4
Refer here
Padding Exception

Get back if it still doesn't work.
 
James Sabre
Ranch Hand
Posts: 781
When using ECB block mode as you are, a bad padding exception has two standard causes:

1) The key used to decrypt is not the same as the key used to encrypt.
2) The ciphertext has been corrupted.

Since you are Base64 encoding the ciphertext my best guess, and without seeing more of your code it is only a guess, is that your database is truncating your ciphertext. When you decided on the database column width, did you take into account the up to 8 bytes of padding needed and the more than 33% increase in size of the ciphertext caused by the Base64 encoding?

P.S. It is generally considered insecure to encrypt passwords. Passwords should be digested together with a random salt.
PP.S. ECB block mode is generally considered insecure since it allows forgery by the splicing of ciphertext.
PPP.S. sun.misc.BASE64Decoder() is a private class that should not be used since it may be removed in later Java releases. There are free Base64 libraries; for example, Google "Jakarta Commons Codec".
PPPP.S. That exception handling is very poor. When using the JCE just about all exceptions are fatal and should most definitely not be just silently ignored.
 
Seetharaman Venkatasamy
Ranch Hand
Posts: 5575
Welcome to JavaRanch Preethi and srinivas
 
Jesper de Jong
Java Cowboy
Saloon Keeper
Posts: 15150
Welcome to JavaRanch.

Not an answer to your question, but I hope this is useful anyway: Why are you encrypting and decrypting passwords?

It is almost always wrong to store encrypted passwords. Instead of encrypting and decrypting passwords, you should use a one-way hash algorithm on passwords, and store the hash in the database. When someone wants to login, you hash the text they entered with the same algorithm and compare that hash to the one stored in the database. To make it more secure, you should properly salt the hash.

That method is more secure than encrypting and decrypting passwords, because there is no way to get the password back from the hash. Hash algorithms are like a valve: you can go from the input to the output, but there's no way to get from the output back to the input.

For details about how this works, see Cryptographic hash function on Wikipedia.
 