1

I'm trying to encrypt a message in javascript (using crypto-js library) and to decrypt it in java.

This is the javascript code:

var key = CryptoJS.enc.Utf8.parse(aesPassword);
var ive  = CryptoJS.enc.Utf8.parse(aesIv);
var encryptedData = CryptoJS.AES.encrypt(dataToEncrypt, key, {mode: CryptoJS.mode.CBC, padding: CryptoJS.pad.Pkcs7, iv: ive});

And this is the java code:

final Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        final SecretKeySpec key = new SecretKeySpec(aesPassword().getBytes("UTF-8"), "AES");
        cipher.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(aesIv().getBytes("UTF-8")));
        byte[] decrypted = cipher.doFinal(DatatypeConverter.parseBase64Binary(message));

But when I try to decrypt in Java this exception is thrown: javax.crypto.BadPaddingException: Given final block not properly padded

password: 6h2faBePVxpgyFSN iv: NKOzRKrmEMKs1kE4 data to encrypt: "{token: cMGOIrYlJm9lPhPW}"

Any help?

Thanks in advance

Giamma
  • 808
  • 2
  • 10
  • 21
  • 1
    Are you sure they're compatible? – evolutionxbox Apr 20 '17 at 11:36
  • Yes. In other cases I encrypt with java and decrypt in javascript and it works fine – Giamma Apr 20 '17 at 12:16
  • Your code looks correct. Please [edit] your question to include your key and IV. You should encode the byte array of the key and IV as Hex to compare them between JavaScript and Java. – Artjom B. Apr 20 '17 at 18:56
  • If you're using only symmetric encryption you need the exact same key at the server and the client. If you send the encryption key from the server to the client or the other way around you need to encrypt your symmetric encryption key. The easiest way to do this would be to use TLS. If you use TLS, then the data as well as key are encrypted, so you don't need to encrypt it yourself. This doesn't provide any security, just a little bit of obfuscation. You should read: https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2011/august/javascript-cryptography-considered-harmful/ – Artjom B. Apr 20 '17 at 18:56
  • I know tls is the best way but I was only playing with cryptography to improve the security of login method. Edited the original post with key and iv – Giamma Apr 21 '17 at 06:03
  • you are playing around with crypto, yes... but you will not be able to improve anything this way... if you want a secure login, you want TLS ... – DarkSquirrel42 Apr 21 '17 at 08:15

1 Answers1

0

I may be wrong, but I think BadPaddingException in this case means that you don't possess the correct key to successfully perform the decryption.The exception essentially means that the key is either too short or too long (I think). 

Try{
    String decrypted = aes.decrypt(...);
    System.out.println(decryted);
}catch(Exception e){

}

Something like the code above may work, as System.out is only reached when the BadPaddingException isn't caught, this could be used in a loop when trying possible keys for decryption, for example, if you were trying to calculate all possible keys for the decryption.

Plumbus
  • 31
  • 1
  • 1
  • 6
  • 1
    The key is correct and it is used to encrypt messages in java and decrypt messages in javascript. The key is always the same – Giamma Apr 20 '17 at 12:18