7

In Android/java app,

```java
byte[] data = ":ʺ$jhk¨ë‹òºÃ"; // fetched from php server..
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.DECRYPT_MODE, mKeyspec);
return new String(cipher.doFinal(data));
```

The above code always throws `BadPaddingException: pad block corrupted` for the following 16-byte encrypted data:

data = ":ʺ$jhk¨ë‹òºÃ" (the data is 16 chars)

The key is 16 bytes long.

Why does it throw this exception when the data is already the size of a block and no padding is needed?

Note: The encrypted data is fetched from a php server.

Edit:

After changing to
`Cipher cipher = Cipher.getInstance("AES/ECB/NoPadding");`
from
`Cipher cipher = Cipher.getInstance("AES");`

the decrypt method succeeds, but gives this output: [image]

Cœur
Ron
  • Cipher.doFinal takes a byte array and not a string as parameter. – jarnbjo Mar 01 '13 at 12:49
  • Yes, it is a byte array. – Ron Mar 01 '13 at 12:55
  • give us some more information about the data you receive and if that's everything you are doing to decrypt? – hardartcore Mar 01 '13 at 12:58
  • @Android-Developer That's the data available for encryption. I get it as a base 64 string, decode it before passing it to this decrypt method. The above code is the whole decrypt method. key is 16 bytes. – Ron Mar 01 '13 at 13:01
  • @userSeven7s: The string you are using in your example and code is 13 characters long. What is the actual data you are trying to decrypt? – jarnbjo Mar 01 '13 at 13:22
  • The string is "Test" that I get from the server, encrypted and base64 encoded. I decode it first, then pass it to the decrypt method. It is 16 bytes. I checked the length attribute while debugging. – Ron Mar 01 '13 at 13:25
  • do you know how the string is encrypted in php side? – hardartcore Mar 01 '13 at 13:51
  • @Android-Developer It's encrypted by another client app that stores it on this server. When my app fetches the data, the php picks the encrypted data from the db, base64 encodes it and sends it to me. – Ron Mar 01 '13 at 14:22
  • so at least you need to know the way it's encrypted by the other client app – hardartcore Mar 01 '13 at 14:30
  • See [this](http://stackoverflow.com/questions/11292413/decrypting-does-not-happen-correctly/11292474#11292474) similar question/answer – David Kroukamp Mar 01 '13 at 15:04
  • @Android-Developer The other client app uses a Rijndael implementation in C++. I think the problem is padding; the C++ uses a null char to pad. – Ron Mar 02 '13 at 03:12
  • Rijndael is the same as AES, but I didn't get what you mean by uses null char to pad? – hardartcore Mar 02 '13 at 07:10
  • @Android-Developer.. null char : '\0' – Ron Mar 02 '13 at 07:24
  • @Android-Developer Also check this question. http://stackoverflow.com/q/15170808/857361 – Ron Mar 02 '13 at 07:28
  • You really should learn the distinction between strings and bytes. Encryption performs on bytes, and those bytes may take any value, including values that cannot be decoded into printable characters. To alleviate this you can use hexadecimal encoding or base 64 encoding. Hex is preferred for debugging purposes. – Maarten Bodewes Mar 02 '13 at 14:19

2 Answers

10

In most cases I've dealt with, `BadPaddingException` occurred when I was trying to decrypt something which was encrypted on the server side with different padding, or in some cases it wasn't even decrypted. So first of all I suggest you look at how it is done and make sure that the server is returning your string not only Base64 encoded, but encrypted with AES too. Another thing to be careful about is whether the encryption on the server side is using some kind of padding, like `AES/CBC/NoPadding`, `AES/CBC/PKCS5Padding` or `AES/CBC/PKCS7Padding`. In those cases you have to use the same padding in Android so you can decrypt the String.

hardartcore
1

To encrypt a fixed length of only 16 bytes of data, using a method that requires no initialization vector, change `AES` to `AES/ECB/NoPadding`.

WPrecht
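
The failure discussed in this thread, reproduced as an added example (not code from the question or either answer): with the default JCE provider, `Cipher.getInstance("AES")` resolves to ECB mode with PKCS#5 padding, so a block that the sender filled with `'\0'` bytes fails the padding check. The key, the class name and the zero-padding sender are constructed stand-ins for the C++ client mentioned in the comments.

```java
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;

public class ZeroPaddingDemo {
    // Constructed 16-byte demo key; not a value from the question.
    static final SecretKeySpec KEY =
            new SecretKeySpec("0123456789abcdef".getBytes(StandardCharsets.US_ASCII), "AES");

    // Assumed sender behaviour: pad with '\0' up to a full block, no PKCS#5.
    static byte[] encryptZeroPadded(String text) throws Exception {
        byte[] plain = text.getBytes(StandardCharsets.UTF_8);
        byte[] padded = Arrays.copyOf(plain, ((plain.length + 15) / 16) * 16);
        Cipher c = Cipher.getInstance("AES/ECB/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, KEY);
        return c.doFinal(padded);
    }

    // Receiver: decrypt without padding, then strip the trailing zero bytes ourselves.
    static String decryptZeroPadded(byte[] data) throws Exception {
        Cipher c = Cipher.getInstance("AES/ECB/NoPadding");
        c.init(Cipher.DECRYPT_MODE, KEY);
        byte[] plain = c.doFinal(data);
        int end = plain.length;
        while (end > 0 && plain[end - 1] == 0) end--;
        return new String(plain, 0, end, StandardCharsets.UTF_8);
    }

    public static void main(String[] args) throws Exception {
        byte[] data = encryptZeroPadded("Test");
        System.out.println("ciphertext length: " + data.length);

        try {
            Cipher c = Cipher.getInstance("AES"); // provider default: ECB with PKCS#5 padding
            c.init(Cipher.DECRYPT_MODE, KEY);
            c.doFinal(data);
        } catch (BadPaddingException e) {
            // Last plaintext byte is 0x00, which is not a valid PKCS#5 pad length.
            System.out.println("AES default: " + e);
        }

        System.out.println("NoPadding + strip zeros: " + decryptZeroPadded(data));
    }
}
```

Zero padding is ambiguous when the plaintext itself can end in `0x00` bytes; sending an explicit length, or using PKCS#5/PKCS#7 padding on both sides, avoids that.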