James Sabre wrote:Your code for writing and reading the key is seriously flawed. You must close the key file when writing it and you cannot rely on the read() to read the whole of your key file when reading it. Read the Javadoc for InputStream.read(byte ) to see why. The safest way to read the file is to use DataInputStream.readFully(). For example -
Though failure of your read() to read the whole key could cause the BadPaddingException I have never seen this problem on a lightly loaded system.
The difficulty I had with your code is that you don't return the ciphertext or cleartext from your encrypt() and decrypt() methods yet you say your BadPaddingException occurs only when you do! After changing your code so it returns the cleartext/ciphertext I don't see your problem and don't get the BadPaddingException. There are three common causes of BadPaddingException. First if the key used is incorrect, second if the ciphertext is corrupted and third if you try to decrypt something that is not encrypted. From you test harness I suspect you are trying to decrypt something that has not been encrypted OR that your key is not being read or written propperly.
Note - it is considered insecure to encrypt and store passwords. It is normally better to use a randomly seeded hashing so that nobody can easily obtain the original password from the hashed password. Even if you do have to encrypt the passwords, it is not considered secure to use ECB mode (the mode you get by default) since it is open to fraud by splicing of ciphertext and more worryingly it will allow someone with access to the database to determine which people have the same password. You should use something like CBC mode with a random IV.
Nischint Ramesh wrote:
I found the problem of BadPaddingException. The application was truncating the ciphertext to 20 characters as it was a default length used in the app. Thing is , There is lots of code in between the encrypting, storing and decrypting logic above. I have just posted the logic that I thought the problem would exist.
About your note of using a one way hash algorithm for storing passwords, cannot be done in the case of my requirement, as there would be no prompting user for password and checking against the hash on the other end. I'm basically "sending the password of some machine to someone who doesn't know what his password is".
I shall look into CBC mode for block. I do not know what a IV is. Could you just guide me regarding CBC and random IV.?
Thanks a lot again.