Win a copy of Microservices Testing (Live Project) this week in the Spring forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • Ron McLeod
  • Jeanne Boyarsky
  • Paul Clapham
Sheriffs:
  • Liutauras Vilda
  • Henry Wong
  • Devaka Cooray
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • Al Hobbs
  • Carey Brown
Bartenders:
  • Piet Souris
  • Mikalai Zaikin
  • Himai Minh

bad padding exception

 
Ranch Hand
Posts: 237
MyEclipse IDE Firefox Browser Tomcat Server
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
i am getting javax.crypto.BadPaddingException: Given final block not properly padded
at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)




what would be the solution,when i comment initilizeKey() method in decryptValue method it is working.
but in my case i will be calling encryptValue one time and later decryptValue method.not both at a time.
any suggestion please.

Thanks,
 
Ranch Hand
Posts: 781
Netbeans IDE Ubuntu Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Your initializeKey() method creates a random key each time it is called. Your encryptValue() method calls initializeKey() and creates a random key to encrypt with. Your decryptValue() method calls initializeKey() and creates another random, most probably different key from that used in the encryption key, to decrypt with. AES must use the same key for encryption and decryption.

The key should be generated once and saved. You can use a password protected Java Keystore for this.

P.S. You do realise that ECB block mode is considered insecure since it allows forgery though splicing. You should change to use one of the feedback modes such as CBC; this will eliminate this particular insecurity.
 
sudheer kiran
Ranch Hand
Posts: 237
MyEclipse IDE Firefox Browser Tomcat Server
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hi thanks for the reply,when i use key store i am getting "should be 16 bit padding error".
 
James Sabre
Ranch Hand
Posts: 781
Netbeans IDE Ubuntu Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

sudheer kiran wrote:hi thanks for the reply,when i use key store i am getting "should be 16 bit padding error".



Then you are using it wrongly! Not being a mind reader I can't help without seeing the code.

As I said in one of your other threads in this forum, you need to do some reading. By doing as you are doing and cobbling together code from random sources found on the Internet you might end up with something that encrypts and decrypts but based on what you have posted so far it will be insecure.

Bye

P.S. Paraphrasing error messages like that helps nobody.
 
sudheer kiran
Ranch Hand
Posts: 237
MyEclipse IDE Firefox Browser Tomcat Server
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hey James very thanks.i have only got three days for for to complete module so i been looking for quick solutions.
you are right i should go through complete book.

 
James Sabre
Ranch Hand
Posts: 781
Netbeans IDE Ubuntu Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

sudheer kiran wrote:hey James very thanks.i have only got three days for for to complete module so i been looking for quick solutions.
you are right i should go through complete book.



I find it hard to believe that any lecturer/teacher would give you just 3 days to complete a cryptography assignment starting from zero knowledge without providing appropriate course material.
 
Consider Paul's rocket mass heater.
reply
    Bookmark Topic Watch Topic
  • New Topic