0

Im trying to decrypt the encrypted xml file. Im getting it as a inputstream as follows.I have the correct encrypt key. but each time my program returns empty string. Every time i enter the correct key. but each time it returns Badpadding Exception.

   try{
                InputStream is = new ByteArrayInputStream(decryption.getFileData().getBytes());
                String xmlEncryptedStr = getStringFromInputStream(is);
               String xmlStr = CipherUtils.decrypt(xmlEncryptedStr, new  Long(key));
               .......

here is my CipherUtils.java class 

.........

     public static String decrypt(String strToDecrypt,Long key)
        {
            String keyString=String.format("%016d", key);
            //System.out.println("decrypt keyString :"+keyString);
            return decrypt(strToDecrypt, keyString.getBytes());
        }


        public static String decrypt(String strToDecrypt,byte[] key)
        {
            if(strToDecrypt==null)
                return strToDecrypt;
            try
            {
                Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
                final SecretKeySpec secretKey = new SecretKeySpec(key, "AES");
                cipher.init(Cipher.DECRYPT_MODE, secretKey);

                final String decryptedString = new String(cipher.doFinal(Base64.decodeBase64(strToDecrypt)));
                System.out.println("CipherUtils.decryptedString :"+decryptedString);
                return decryptedString;
            }
            catch (Exception e)
            {
                log.error("Ops!", e);
            }
            return null;
        }

.......

For more information here is my encrypting code

   public static String encrypt(String strToEncrypt,Long key)
        {
            String keyString=String.format("%016d", key);
            //System.out.println("encrypt keyString :"+keyString);
            return encrypt(strToEncrypt,keyString.getBytes());
        }



        public static String encrypt(String strToEncrypt,byte[] key)
        {
            if(strToEncrypt==null)
                return strToEncrypt;
            try
            {
                Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
                final SecretKeySpec secretKey = new SecretKeySpec(key, "AES");
                cipher.init(Cipher.ENCRYPT_MODE, secretKey);
                final String encryptedString = Base64.encodeBase64String(cipher.doFinal(strToEncrypt.getBytes()));
              //  System.out.println("CipherUtils.encrypt :"+encryptedString);
                return encryptedString;
            }
            catch (Exception e)
            {
                e.printStackTrace();
            }
            return null;

        }
Nwn
  • 561
  • 2
  • 9
  • 33
  • 2
    Without showing the encryption code we'd just be guessing. I won't do that but maybe someone else will. – President James K. Polk Mar 09 '18 at 04:28
  • Do not use ECB mode in new work and update legacy work ASAP, it is not secure, see [ECB mode](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Electronic_Codebook_.28ECB.29), scroll down to the Penguin. Instead use CBC mode with a random IV, just prefix the encrypted data with the IV for use in decryption, it does not need to be secret. – zaph Mar 09 '18 at 04:52
  • I have added encrypting information about the problem – Nwn Mar 09 '18 at 04:59
  • 1
    A padding error generally, especially given that the same padding is explicitly specified for both encryption and decryption, that the decryption failed. In order to test decrypt with no padding and examine the decrypted data. Ensure the key is exactly the correct size and encodings are matching. It is easier to debug without nested function calls, make the Base64 encoding/decoding a separate step. – zaph Mar 09 '18 at 05:06
  • please Explain that I didnt get it – Nwn Mar 09 '18 at 05:08
  • zaph can you explain it by using example – Nwn Mar 09 '18 at 05:21
  • "explain it" is vague, what does "it" stand for? – zaph Mar 09 '18 at 05:22
  • 1
    Here is the deal: If the decryption fails, meaning it did not decrypt to the correct result, the padding also did not decrypt correctly and there is a "padding error" but it is not an error in the padding, it is an overall decryption error. Print out the key and data and verify them, that means putting the Base64 encoding/decoding in separate statements. The add the to the question. The encrypted data should be displayed in hex, it is not a displayable string. – zaph Mar 09 '18 at 05:25
  • 1
    To put it another way that may be clearer: modern symmetric ciphers like AES are bijections, so if you decrypt with ciphertext or key or IV when used (not for ECB) wrong by even one bit, you don't get an error from the cipher just garbage data, which if padding was used almost always causes a padding error. Thus receiving a padding error almost always means you decrypted with the wrong ciphertext or key or IV. @zaph: don't bother with the semantic insecurity of ECB, a keyspace of 10^16 can be totally broken in days by commodity hardware. – dave_thompson_085 Mar 09 '18 at 08:22
  • @dave_thompson_085 Well put. I was putting off bringing up the key space issue but brought up ECB mode for future readers. – zaph Mar 09 '18 at 11:57

1 Answers1

0

I am sorry I couldn't comment so I am writing in answers section. I faced this issue when I was using different keys though I was passing the same but i used CBC methodology.

Just to note that have you checked that encryption is also done by the AES/ECB/PKCS5Padding and not other format like AES/CBC/PKCS5Padding

Also check if key format for encryption is also having the same format like %016d of your keyValue. Also the key is 16 char long.

I created a simple AES and DESede encryption utility and it worked fine.

private static final byte[] keyValue = new String(
        "CjxI&S@V&#DSA_S0dA-SDSA$").getBytes();

public static void main(String[] args) throws Exception {
    Client cli = new Client();
    System.out.println(cli.encrypt("your password for encryption"));

    Client cli1 = new Client();
    System.out.println(cli1.decrypt("fTsgVQtXvv49GynHazT4OGZ4Va1H57d+6AM+44Ex040="));
}
public String encrypt(String Data) throws Exception {
    Key key = new SecretKeySpec(keyValue, "AES");
    Cipher c = Cipher.getInstance("AES/ECB/PKCS5Padding");
    c.init(Cipher.ENCRYPT_MODE, key);
    byte[] encVal = c.doFinal(Data.getBytes());
    String encryptedValue = DatatypeConverter.printBase64Binary(encVal);
    // String encryptedValue = new BASE64Encoder().encode(encVal);
    return encryptedValue;
}

public String decrypt(String encryptedData) throws Exception {
    Key key = new SecretKeySpec(keyValue, "AES");
    Cipher c = Cipher.getInstance("AES/ECB/PKCS5Padding");
    c.init(Cipher.DECRYPT_MODE, key);
    byte[] decordedValue = DatatypeConverter
            .parseBase64Binary(encryptedData);
    byte[] decValue = c.doFinal(decordedValue);
    String decryptedValue = new String(decValue);
    return decryptedValue;
}
Sagar Kharab
  • 369
  • 2
  • 18