Error decrypting in java

Question

I'm trying to encrypt/decrypt a String in Java. No problem concerning the encryption then stored a in sqlite table. But I always get the same error trying to decrypt it :

"java.security.InvalidKeyException : no IV set when one expected"

Here is my code snippet :

public String encrypt(String password){
    try
    {
        String key = "mysecretpassword";
        SecretKeySpec keySpec = null;
        keySpec = new SecretKeySpec(key.getBytes("UTF-8"), "AES");
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
        cipher.init(Cipher.ENCRYPT_MODE, keySpec);
        return new String(cipher.doFinal(password.getBytes()));
    }
    catch (Exception e)
    {
        return null;
    }
}

public String decrypt(String password){
    try
    {
        String key = "mysecretpassword";
        SecretKeySpec keySpec = null;
        keySpec = new SecretKeySpec(key.getBytes("UTF-8"), "AES");
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
        cipher.init(Cipher.DECRYPT_MODE,keySpec);
        return new String(cipher.doFinal(password.getBytes()));
    }
    catch (Exception e)
    {
        System.out.println(e);
        return null;
    }
}

What am I doing wrong?

Having same issue, don't understand, why it works on encrypt and fails on decrypt? unless by not setting a IV in encrypt a random one is generated? — scottyab, Sep 25 '14 at 16:30
Just to follow up my previous comment. Yes, you need to set a IV similar to how @Udo has shown below. — scottyab, Sep 29 '14 at 08:02
Possible duplicate of [Decrypting error : "no iv set when one expected"](http://stackoverflow.com/questions/11503157/decrypting-error-no-iv-set-when-one-expected) — rds, Nov 05 '15 at 12:43

Udo Klimaschewski · Accepted Answer · 2013-05-19T16:59:48.743

10

You will need to specify an initialization vector in the cipher.init() method:

IvParameterSpec ivSpec = new IvParameterSpec(ivBytes);
cipher.init(Cipher.DECRYPT_MODE,keySpec, ivSpec);

See: http://docs.oracle.com/javase/1.5.0/docs/api/javax/crypto/spec/IvParameterSpec.html

The initialization vector should be a random byte array, for a discussion see:

http://en.wikipedia.org/wiki/Initialization_vector

edited May 19 '13 at 16:59

answered Nov 06 '12 at 15:19

Udo Klimaschewski

5,150
1
28
41

Thanks ! The documentation and your snippet have been very helpful ! – MademoiselleLenore Nov 07 '12 at 07:59

score 1 · Answer 2 · answered Nov 06 '12 at 15:14

You need an appropriate AES key, try with:

 String key = "mysecretpassword";
 KeySpec spec = new PBEKeySpec(key.toCharArray(), Salt, 12345678,256);
 SecretKey encriptionKey = factory.generateSecret(spec);
 Key encriptionKey = new SecretKeySpec(encriptionKey.getEncoded(), "AES");

Error decrypting in java

2 Answers2