13

So I am working on a personal project for myself, and I am trying to encrypt files on my phone. These files can be anything i.e Documents, photos, etc. Right now I am trying to get this working properly. When ever I run the encryption it seems to work properly and encrypt the files. When I run the decrypt, sometimes it works and other times it doesn't. When it fails I generally get a "Error while finalizing cipher, pad block corrupted" error. I'm also not using different test files, so it isn't like some files work and others don't. It's the same two files I try each time. 

public static void encryptfile(String path,String Pass) throws IOException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException {
    FileInputStream fis = new FileInputStream(path);
    FileOutputStream fos = new FileOutputStream(path.concat(".crypt"));
    byte[] key = (salt + Pass).getBytes("UTF-8");
    MessageDigest sha = MessageDigest.getInstance("SHA-1");
    key = sha.digest(key);
    key = Arrays.copyOf(key,16);
    SecretKeySpec sks = new SecretKeySpec(key, "AES");
    Cipher cipher = Cipher.getInstance("AES");
    cipher.init(Cipher.ENCRYPT_MODE, sks);
    CipherOutputStream cos = new CipherOutputStream(fos, cipher);
    int b;
    byte[] d = new byte[8];
    while((b = fis.read(d)) != -1) {
        cos.write(d, 0, b);
    }
    cos.flush();
    cos.close();
    fis.close();
}

public static void decrypt(String path,String Pass) throws IOException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException {
    FileInputStream fis = new FileInputStream(path);
    FileOutputStream fos = new FileOutputStream(path.replace(".crypt",""));
    byte[] key = (salt + Pass).getBytes("UTF-8");
    MessageDigest sha = MessageDigest.getInstance("SHA-1");
    key = sha.digest(key);
    key = Arrays.copyOf(key,16);
    SecretKeySpec sks = new SecretKeySpec(key, "AES");
    Cipher cipher = Cipher.getInstance("AES");
    cipher.init(Cipher.DECRYPT_MODE, sks);
    CipherInputStream cis = new CipherInputStream(fis, cipher);
    int b;
    byte[] d = new byte[8];
    while((b = cis.read(d)) != -1) {
        fos.write(d, 0, b);
    }
    fos.flush();
    fos.close();
    cis.close();
}

Currently the Salt and Password are static and do not change for testing purposes. Still get errors about half the time.

Does anyone have any ideas on why this happens? I have been searching around and I have found a couple things to try, none of which worked. I have looked through some of the following questions for solutions:

Android decryption: Error while finalizing cipher

last block incomplete with CipherInputStream/CipherOutputStream, even with padding AES/CBC/PKCS5Padding

Encryption error on Android 4.2

Decrypting error : "no iv set when one expected"

How to handle "last block incomplete in decryption"

Encryption and decryption of image file

Tips on encryption/decryption of images in java using AES

Any help is greatly appreciated! I think I am just missing something simple...

Update!

People were right when it was the salt. When I removed the salt, the problem was solved... Did a little more digging, turns out salt+Pass was the issues, but because the salt was a byte[] and Pass was a string. I changed salt to String and then used salt.concat(Pass) and the problem was solved!

Community
  • 1
  • 1
Linux4Hope
  • 233
  • 2
  • 8
  • I personally would be interested to see what you tried to implement. It could also help others as they can see which options have been tried (even if they were implemented incorrectly). – Bono Jan 23 '15 at 17:13
  • @Bono I have added links that I thought would be helpful to me, but ended up not helping me to much. I have tried things like making it so doesn't have padding, uses CBC instead of EBC (Which I would like to do anyways). At one point I even had it converting the Base64 :P – Linux4Hope Jan 23 '15 at 17:21
  • It seems like the salt is most likely the problem, as a salt consists of random bytes, but it is given as a string. How did you create the salt? – Maarten Bodewes Jan 23 '15 at 18:32
  • @MaartenBodewes I wish it was, but the Salt is currently fixed for testing :/ – Linux4Hope Jan 23 '15 at 23:09
  • This error could occur for wrong keys, garbled ciphertext or - only for pretty short ciphertext - because of a wrong IV value. If you enter the wrong password this will be the only way of detecting it (if no authentication tag is present). – Maarten Bodewes Jan 25 '15 at 01:05
  • @MaartenBodewes currently I'm just using set variables for the password and salt. This is so I can test the encryption and make sure I don't have those kinds of problems. I can double check this by logging the keys. Any other ideas? – Linux4Hope Jan 26 '15 at 11:24

1 Answers1

10

maybe I'm missing something but on my side it works without a problem. Can you try the following class simply changing the fileToBeCrypted, fileToBeDecrypted and fileDecryptedOutput variables?

package test;

import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;

import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.SecretKeySpec;

public class TestCrypt{

    private static final String salt = "t784";
    private static final String cryptPassword = "873147cbn9x5'2 79'79314";
    private static final String fileToBeCrypted = "c:\\Temp\\sampleFile.conf";
    private static final String fileToBeDecrypted = "c:\\Temp\\sampleFile.conf.crypt";
    private static final String fileDecryptedOutput = "c:\\Temp\\sampleFile.conf.decrypted";

    public static void main(String[] args) throws Exception
    {
        for (int i=0; i<100; i++)
        {
            encryptfile(fileToBeCrypted, cryptPassword);
            decrypt(fileToBeDecrypted, cryptPassword, fileDecryptedOutput);
            System.out.println(i);
        }
    }

    public static void encryptfile(String path,String password) throws IOException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException {
        FileInputStream fis = new FileInputStream(path);
        FileOutputStream fos = new FileOutputStream(path.concat(".crypt"));
        byte[] key = (salt + password).getBytes("UTF-8");
        MessageDigest sha = MessageDigest.getInstance("SHA-1");
        key = sha.digest(key);
        key = Arrays.copyOf(key,16);
        SecretKeySpec sks = new SecretKeySpec(key, "AES");
        Cipher cipher = Cipher.getInstance("AES");
        cipher.init(Cipher.ENCRYPT_MODE, sks);
        CipherOutputStream cos = new CipherOutputStream(fos, cipher);
        int b;
        byte[] d = new byte[8];
        while((b = fis.read(d)) != -1) {
            cos.write(d, 0, b);
        }
        cos.flush();
        cos.close();
        fis.close();
    }

    public static void decrypt(String path,String password, String outPath) throws IOException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException {
        FileInputStream fis = new FileInputStream(path);
        FileOutputStream fos = new FileOutputStream(outPath);
        byte[] key = (salt + password).getBytes("UTF-8");
        MessageDigest sha = MessageDigest.getInstance("SHA-1");
        key = sha.digest(key);
        key = Arrays.copyOf(key,16);
        SecretKeySpec sks = new SecretKeySpec(key, "AES");
        Cipher cipher = Cipher.getInstance("AES");
        cipher.init(Cipher.DECRYPT_MODE, sks);
        CipherInputStream cis = new CipherInputStream(fis, cipher);
        int b;
        byte[] d = new byte[8];
        while((b = cis.read(d)) != -1) {
            fos.write(d, 0, b);
        }
        fos.flush();
        fos.close();
        cis.close();
    }

}

I can iterate many times without an error! I'm using Oracle JDK 1.8 but running in 1.7 compatibility mode.

Hope this helps you out.

Bye Piero

Piero Ottuzzi
  • 193
  • 1
  • 7