
I have been using the following two methods to encrypt and decrypt sensitive info.

```java
public static String encryptSensitiveInfo(String strToEncrypt,
                                          String saltToEncrypt) throws Exception {

    String encryptedString = "";
    byte[] encryptedValue;

    Key key = new SecretKeySpec(saltToEncrypt.getBytes(), "AES");
    Cipher cipher = Cipher.getInstance("AES");
    cipher.init(Cipher.ENCRYPT_MODE, key);

    encryptedValue = cipher.doFinal(strToEncrypt.getBytes());
    encryptedString = new String(Base64.encodeBase64(encryptedValue));

    encryptedValue = null;
    return encryptedString;
}

public static String decryptSensitiveInfo(String strToDecrypt,
                                          String saltToDecrypt) throws Exception {

    String decryptedString = "";
    byte[] decryptedValue;

    Key key = new SecretKeySpec(saltToDecrypt.getBytes(), "AES");
    Cipher cipher = Cipher.getInstance("AES");
    cipher.init(Cipher.DECRYPT_MODE, key);

    decryptedValue = cipher.doFinal(Base64.decodeBase64(strToDecrypt
            .getBytes()));
    decryptedString = new String(decryptedValue);

    decryptedValue = null;
    return decryptedString;
}
```

At the time of decryption I get a "pad block corrupted" exception. Any help to resolve this issue would be very much appreciated. Thanks in advance.

Phantômaxx
Indark
  • Check this https://stackoverflow.com/questions/4560461/decryption-error-pad-block-corrupted – Crammeur Jul 24 '18 at 14:25
  • Possible duplicate of [Decryption Error: Pad block corrupted](https://stackoverflow.com/questions/4560461/decryption-error-pad-block-corrupted) – Crammeur Jul 24 '18 at 14:33
  • @crammeur - Thanks. Will take a look. This decryption has been creeping up of late and throws up once in a blue moon – Indark Jul 24 '18 at 14:44
  • `Cipher.getInstance("AES");` don't do this. Always specify the full *algorithm/mode/padding* transformation string. Also, there is no Base64 class in Android that has the methods you are using. You need to tell us what software you are using. – President James K. Polk Jul 24 '18 at 15:08
  • Hello James, I'm using this in my android code. Ain't using any specific software – Indark Jul 25 '18 at 10:48
  • `decodeBase64` uses Apache Commons Codec.. I would call that "specific software". – Maarten Bodewes Jul 31 '18 at 00:52
  • **Warning**: The code above is clearly not secure. It uses ECB mode to encrypt data and it relies on the default character encoding, to name just two issues. – Maarten Bodewes Jul 31 '18 at 00:59

1 Answer


You're correctly performing base 64 on the ciphertext because the ciphertext consists of random-looking bytes. However, you forget to do the same with your key (which, inexplicably, is called `saltToDecrypt` in your code). If the keys do not match or if the ciphertext has become corrupted, then you will almost certainly run into a `BadPaddingException`.

If the amount of ciphertext has changed, an `IllegalBlockSizeException` is more likely, and if the key isn't of the right size for AES, an `InvalidKeyException`.

Maarten Bodewes
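
The failure modes named in the answer above, together with its point about encoding the key, reproduced in one self-contained program. This is an added example, not code from the question or the answer: the class `PadBlockDemo`, its helpers, the sample key and the sample plaintext are constructed, and `AES/ECB/PKCS5Padding` is assumed to be what `Cipher.getInstance("AES")` resolves to, kept only to mirror the question's code.

```java
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Base64;

public class PadBlockDemo {
    // Assumed equivalent of the question's Cipher.getInstance("AES"), written out in full
    // so the behaviour does not depend on provider defaults. Mirrors the question only.
    static final String TRANSFORMATION = "AES/ECB/PKCS5Padding";

    static byte[] crypt(int mode, byte[] key, byte[] data) throws Exception {
        Cipher cipher = Cipher.getInstance(TRANSFORMATION);
        cipher.init(mode, new SecretKeySpec(key, "AES"));
        return cipher.doFinal(data);
    }

    // Returns "ok", or the simple class name of whatever decryption threw.
    static String tryDecrypt(byte[] key, byte[] ciphertext) {
        try {
            crypt(Cipher.DECRYPT_MODE, key, ciphertext);
            return "ok";
        } catch (Exception e) {
            return e.getClass().getSimpleName();
        }
    }

    public static void main(String[] args) throws Exception {
        byte[] key = new byte[16];                 // constructed 128-bit sample key
        new SecureRandom().nextBytes(key);
        byte[] ct = crypt(Cipher.ENCRYPT_MODE, key,
                "constructed sample text".getBytes(StandardCharsets.UTF_8));

        // Random key bytes are rarely valid text, so a String round trip alters them;
        // Base64 is a lossless text form for the same bytes.
        byte[] viaString = new String(key, StandardCharsets.UTF_8).getBytes(StandardCharsets.UTF_8);
        byte[] viaBase64 = Base64.getDecoder().decode(Base64.getEncoder().encodeToString(key));
        System.out.println("key survives String: " + Arrays.equals(key, viaString));
        System.out.println("key survives Base64: " + Arrays.equals(key, viaBase64));

        byte[] wrongKey = key.clone();
        wrongKey[0] ^= 0x01;                       // a single flipped bit in the key
        System.out.println("correct key:          " + tryDecrypt(key, ct));
        System.out.println("wrong key:            " + tryDecrypt(wrongKey, ct));
        System.out.println("truncated ciphertext: " + tryDecrypt(key, Arrays.copyOf(ct, ct.length - 1)));
        System.out.println("5-byte key:           " + tryDecrypt(new byte[5], ct));
    }
}
```

Because PKCS#5 padding is only checked after decryption, a wrong key can occasionally produce bytes that happen to look correctly padded, which is why the wrong-key case fails almost always rather than always.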