I have one server and two clients. The server runs with Java and Jersey (REST). One client is a Java client and the other is an Android client.
I want to send messages encrypted with AES, so I have this code (on the server and clients):
```java
cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");

public String crypterMessage(String message) {
    cipher.init(Cipher.ENCRYPT_MODE, key);
    String messageCrypte = new String(Hex.encodeHex(cipher.doFinal(message.getBytes())));
    mIv = cipher.getIV();
    return messageCrypte;
}

public String decrypterMessage(String messageCrypte) {
    IvParameterSpec ivParameterSpec = new IvParameterSpec(mIv);
    cipher.init(Cipher.DECRYPT_MODE, obtenirCleSecrete(), ivParameterSpec);
    return new String(cipher.doFinal(Hex.decodeHex(messageCrypte.toCharArray())));
}
```
When I send an encrypted message from the Java client, the server decrypts it and encrypts the response. The Java client decrypts the response. It works perfectly.
But when the Android client sends an encrypted message, the server can't decrypt it. I get a BadPaddingException: "Given final block not properly padded" on the server.
The server and the Java client use SunJCE, and the Android client uses AndroidOpenSSL as provider.
What's the problem with Android?
PS: I use Hex.encode and Hex.decode from org.apache.commons, and I use Spring on Android.
EDIT
I found the problem but I don't know why. I have this code:
```java
KeyGenerator generateurCle = KeyGenerator.getInstance("AES");
SecureRandom securite = SecureRandom.getInstance("SHA1PRNG");
securite.setSeed(mCleCryptage.toByteArray());
generateurCle.init(128, securite);
mCleSecrete = generateurCle.generateKey();
```
The variable "mCleCryptage" is the same for the server and clients. But "mCleSecrete" differs between the server and the Android client. The server and the Java client have the same secret key.
I don't understand, because they all have the same class and the same code.
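
The EDIT above traces the failure to a seeded `SHA1PRNG` feeding `KeyGenerator`; the byte stream a seeded `SecureRandom` produces is provider-specific, so it cannot serve as a key derivation function across SunJCE and Android. The following is an added example, not code from the original post: it derives the AES key with PBKDF2 (a specified algorithm, so every provider yields the same bytes) and sends the IV in front of the ciphertext. The class name, salt, iteration count and sample secret are assumptions constructed for illustration, and the shared secret is assumed to be ASCII text.

```java
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;

public class PortableAes { // hypothetical class name
    // Constructed sample values: both sides must agree on the salt and iteration count.
    static final byte[] SALT = "constructed-sample-salt".getBytes(StandardCharsets.UTF_8);
    static final int ITERATIONS = 10000;

    // Deterministic derivation: same secret, salt and count give the same 128-bit key everywhere.
    static SecretKey deriveKey(char[] sharedSecret) throws Exception {
        SecretKeyFactory f = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
        byte[] raw = f.generateSecret(new PBEKeySpec(sharedSecret, SALT, ITERATIONS, 128)).getEncoded();
        return new SecretKeySpec(raw, "AES");
    }

    // Output layout: 16-byte random IV followed by the ciphertext, so the receiver never guesses the IV.
    static byte[] encrypt(SecretKey key, String message) throws Exception {
        byte[] iv = new byte[16];
        new SecureRandom().nextBytes(iv); // unseeded: randomness only, never key material
        Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
        c.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(iv));
        byte[] ct = c.doFinal(message.getBytes(StandardCharsets.UTF_8));
        byte[] out = Arrays.copyOf(iv, iv.length + ct.length);
        System.arraycopy(ct, 0, out, iv.length, ct.length);
        return out;
    }

    static String decrypt(SecretKey key, byte[] ivAndCiphertext) throws Exception {
        Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
        c.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(ivAndCiphertext, 0, 16));
        byte[] pt = c.doFinal(ivAndCiphertext, 16, ivAndCiphertext.length - 16);
        return new String(pt, StandardCharsets.UTF_8);
    }

    public static void main(String[] args) throws Exception {
        // Two independent derivations stand in for the server and the Android client.
        SecretKey server = deriveKey("constructed shared secret".toCharArray());
        SecretKey client = deriveKey("constructed shared secret".toCharArray());
        System.out.println(Arrays.equals(server.getEncoded(), client.getEncoded()));
        System.out.println(decrypt(server, encrypt(client, "bonjour")));
    }
}
```

Encoding with an explicit charset on both sides also removes the platform-default charset dependency of `getBytes()` and `new String(byte[])`.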