8

this code works well before android 6.0, but get an error on 6.0 if encrypted file size less than about 1k bytes.

public static byte[] decode(byte[] decrypteSrcBuffer) throws Exception {
    Key deskey = null;
    DESedeKeySpec spec = new DESedeKeySpec(mKeyBytes);
    SecretKeyFactory keyfactory = SecretKeyFactory.getInstance("desede");
    deskey = keyfactory.generateSecret(spec);
    Cipher cipher = Cipher.getInstance("desede/CBC/PKCS5Padding");
    IvParameterSpec ips = new IvParameterSpec(iv.getBytes());
    cipher.init(Cipher.DECRYPT_MODE, deskey, ips);
    byte[] decryptData = cipher.doFinal(decrypteSrcBuffer);

    return decryptData;
}

Error info:

javax.crypto.BadPaddingException: error:1e000065:Cipher functions:OPENSSL_internal:BAD_DECRYPT
at com.android.org.conscrypt.NativeCrypto.EVP_CipherFinal_ex(Native Method)
at com.android.org.conscrypt.OpenSSLCipher$EVP_CIPHER.doFinalInternal(OpenSSLCipher.java:568)
at com.android.org.conscrypt.OpenSSLCipher.engineDoFinal(OpenSSLCipher.java:350)
at javax.crypto.Cipher.doFinal(Cipher.java:2056)
Artjom B.
  • 61,146
  • 24
  • 125
  • 222
pkucamel
  • 91
  • 1
  • 1
  • 8
  • 1
    It means that either your ciphertext or your key are wrong. Check your encodings of everything. This code itself is "correct". The issue is somewhere else. Please create a [Minimal, Complete and Verifyable example](/help/mcve). – Artjom B. Aug 19 '16 at 18:46
  • **Don't use Triple DES nowadays.** It only provides at best 112 bit of security even if you use the largest key size of 192 bit. If a shorter key size is used, then it only provides 56 or 57 bits of security. AES would be faster (processors have a special AES-NI instruction set) and even more secure with the lowest key size of 128 bit. There is also a practical limit on the maximum ciphertext size with 3DES. See [Security comparison of 3DES and AES](http://security.stackexchange.com/q/26179/45523). – Artjom B. Aug 19 '16 at 18:47
  • The IV must be unpredictable (read: random). Don't use a static IV, because that makes the cipher deterministic and therefore not semantically secure. An attacker who observes ciphertexts can determine when the same message prefix was sent before. The IV is not secret, so you can send it along with the ciphertext. Usually, it is simply prepended to the ciphertext and sliced off before decryption. – Artjom B. Aug 19 '16 at 18:47
  • 1
    I had this as as others said "either your ciphertext or your key are wrong" and turn out I'd forgotten to decode me key from base64 i'd just done string.getBytes(). – scottyab Dec 07 '17 at 20:29
  • In my case this error only occur when my device running out of memory. – Mansukh Ahir Jan 21 '19 at 13:01
  • I have same issue while encrypting mp3 file in honor device(OS: Orio). while ((readLength = in.read(buff)) != -1) { outputStream.write(buff, 0, readLength); } after write in to outputStream it goes to Catch(message:javax.crypto.BadPaddingException: error:1e000065:Cipher functions:OPENSSL_internal:BAD_DECRYPT) – Muhammed Haris Jan 28 '19 at 11:17
  • I have the same issue **my code works on JVM 8** but doesn't work on android. also I'm using **AES** – Erfan Azhdari Nov 02 '19 at 21:31
  • @scottyab Can you please show in code what you did to fix it? I might have the same issue. – android developer May 07 '20 at 12:31

0 Answers0