I am trying to encrypt a string in Ruby and decrypt it in Android. I'm pretty unfamiliar with ciphering, but I've done some reading and I think I'm close to getting it to work. However, I'm still getting an error on the Android side that I just do not understand how to fix. I understand what padding is and that it's not correct, but what do I need to change to make this work? My Ruby and Java code are below. Thank you!!!

Ruby:

    shared_key = "123456789012345678901234"
    cipher = OpenSSL::Cipher::Cipher.new("des3")
    cipher.encrypt
    cipher.key = shared_key
    ciphertext = cipher.update(secret)
    ciphertext << cipher.final
    Rails.logger.debug(ciphertext);

    encrypted_secret = Base64.encode64(ciphertext)
    Rails.logger.debug(encrypted_secret);
    render json: { 'token' => token, 'secret' => encrypted_secret }, status: :ok

Java:

    SecretKey key = new SecretKeySpec(SHARED_DECRYPTION_KEY.getBytes("UTF8"), "DESede");
    byte[] encryptedSecretBytes = Base64.decode(secret);     
    Cipher cipher = Cipher.getInstance("DESede"); // cipher is not thread safe
    cipher.init(Cipher.DECRYPT_MODE, key);
    byte[] plainTextSecretBytes = (cipher.doFinal(encryptedSecretBytes));
    String decryptedSecret = Base64.encodeBytes(plainTextSecretBytes);

and the exception I get in Android:

    05-14 19:03:11.500: W/System.err(22175): javax.crypto.BadPaddingException: pad block corrupted
    05-14 19:03:11.500: W/System.err(22175):    at com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher.engineDoFinal(BaseBlockCipher.java:709)
    05-14 19:03:11.500: W/System.err(22175):    at javax.crypto.Cipher.doFinal(Cipher.java:1111)
    05-14 19:03:11.500: W/System.err(22175):    at com.cdlcollege.saas.Credentials.storeServerAccessCredentials(Credentials.java:85)

deepwinter

1 Answer

Pad block corrupted means the wrong key was used to decrypt or the data was altered between encryption and decryption.

If I had to guess, I suspect you are creating a key in the wrong manner. Instead of calling getBytes(), I'm guessing you should have done a hex conversion.

See Convert hex string to byte [] for example Android code for performing this task.


Side note: don't just specify "DESede" for a cipher. Specify the mode and padding as well. E.g. "DESede/CBC/PKCS5Padding". That ensures you get exactly what you want, rather than crypto provider defaults (which may vary across phones).

Duncan Jones
  • OK, interesting, I'll check on these and see where it gets me. Thanks for the pointers. – deepwinter May 15 '14 at 17:17
  • Thanks for the help, it definitely set me on the right track. I also found that this question: http://stackoverflow.com/questions/11266556/encrypt-in-ruby-and-decrypt-in-java-why-is-it-not-working is close to a duplicate, and contains some code that helped me get this working with AES encryption. – deepwinter May 19 '14 at 23:51
  • @deepwinter What was the root cause of the problem? – Duncan Jones May 20 '14 at 07:30
  • I fixed the pad block corrupted issue by doing a Base64.decode on the key rather than getBytes(). I then had problems setting key which was the correct length, but once I followed the AES example (and AES is recommended anyway) I figured most things out. The main thing with this is, as you say, making sure you convert your text strings and other variables to bytes in a consistent way. – deepwinter May 20 '14 at 18:24
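
Added example, not code from the question or from either poster: a Ruby sketch of where the thread ends up, with the cipher named in full, the IV shipped alongside the ciphertext, and the shared key Base64-decoded to bytes the same way on both sides. The key, plaintext and function names are constructed for illustration, and the matching Java transformation string is assumed to be "AES/CBC/PKCS5Padding".

```ruby
require "openssl"
require "base64"

# Algorithm, key size and mode spelled out; Java side: "AES/CBC/PKCS5Padding".
CIPHER = "aes-256-cbc"
# Constructed sample key (bytes 0..31), exchanged as Base64 text.
KEY_B64 = Base64.strict_encode64((0...32).to_a.pack("C*"))
SECRET = "s3cret-value-for-device" # constructed sample plaintext

# Turn the shared Base64 text into key bytes; both sides must do exactly this.
def key_bytes(key_b64)
  key = Base64.strict_decode64(key_b64)
  raise ArgumentError, "key must be 32 bytes" unless key.bytesize == 32
  key
end

# Returns Base64(iv || ciphertext) so the receiver never has to guess the IV.
def encrypt_secret(key, plaintext)
  cipher = OpenSSL::Cipher.new(CIPHER).encrypt
  cipher.key = key
  iv = cipher.random_iv # generates a fresh IV and sets it on the cipher
  Base64.strict_encode64(iv + cipher.update(plaintext) + cipher.final)
end

# Returns the plaintext, or nil when OpenSSL rejects the padding.
def decrypt_secret(key, token, cipher_name = CIPHER)
  raw = Base64.strict_decode64(token)
  cipher = OpenSSL::Cipher.new(cipher_name).decrypt
  cipher.key = key
  cipher.iv = raw[0, 16] if cipher.iv_len > 0 # ECB takes no IV
  (cipher.update(raw[16..-1]) + cipher.final).force_encoding("UTF-8")
rescue OpenSSL::Cipher::CipherError
  nil
end

# A wrong key or mode normally fails the padding check (nil here); now and
# then the padding passes by chance and garbage comes back instead.
def demo
  key = key_bytes(KEY_B64)
  token = encrypt_secret(key, SECRET)
  {
    same_bytes: decrypt_secret(key, token),
    # The key's text form used as raw bytes (cut to 32 so it can be set).
    text_as_key: decrypt_secret(KEY_B64[0, 32], token),
    wrong_mode: decrypt_secret(key, token, "aes-256-ecb"),
  }
end
p demo if $PROGRAM_NAME == __FILE__
```

Only the `same_bytes` case returns the original secret; the other two show why a padding error points at a key or mode mismatch rather than at the padding setting itself.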