the AES encryption code below gives a BadPaddingException for the decryption part

Question

This is my encryption method which i have created to enter the salt, iv, encrypted text into a mysql database for future reference. the values of salt, iv and encrypted text are stored in blob, blob and longblob datatype respectively (in mysql).

package enigma;

import java.sql.*;

import java.security.AlgorithmParameters;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.InvalidParameterSpecException;
import java.security.spec.KeySpec;
import java.sql.ResultSet;
import java.util.Arrays;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;

/**
 *
 * @author
 */
public class encryptedtexttomysql {


/**
 *
 * @author USER
     * @param plaintext
 */
public void enc(String plaintext){

try{
        Class.forName("java.sql.Driver");
        Connection con = DriverManager.getConnection("jdbc:mysql://localhost/test","root","student");
        Statement stmt = con.createStatement();             
         // password to encrypt the file
         String password = "student";
         // salt is used for encoding
          byte[] salt = new byte[8];
            SecureRandom secureRandom = new SecureRandom();
            secureRandom.nextBytes(salt);
            SecretKeyFactory factory = SecretKeyFactory
                    .getInstance("PBKDF2WithHmacSHA1");
            KeySpec keySpec = new PBEKeySpec(password.toCharArray(), salt, 65536,
                    128);
            SecretKey secretKey = factory.generateSecret(keySpec);
            SecretKey secret = new SecretKeySpec(secretKey.getEncoded(), "AES");
            //
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            AlgorithmParameters params = cipher.getParameters();
            byte[] iv = params.getParameterSpec(IvParameterSpec.class).getIV();
            cipher.init(Cipher.ENCRYPT_MODE, secret , new IvParameterSpec(iv));
            //file encryption method
            byte[] output = cipher.doFinal((plaintext).getBytes());                
            String query = "INSERT INTO enc values(\""+salt +"\",\""+ iv+"\",\""+ output+"\");";
        stmt.executeUpdate(query);
            System.out.println("File Encrypted.");
            stmt.close();
        con.close();
        System.out.println("connection successful !");
}
catch(  ClassNotFoundException | SQLException | InvalidKeyException | NoSuchAlgorithmException | InvalidKeySpecException | InvalidParameterSpecException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e){
    System.out.println(e);
}       catch (InvalidAlgorithmParameterException ex) {
            Logger.getLogger(encryptedtexttomysql.class.getName()).log(Level.SEVERE, null, ex);
        }

    }

}

This method is created to accept the values from the database and then use it to decrypt the encrypted text. the values of salt,iv,encrytedtext in the database is stored in blob, blob, longblob datatype

package enigma;

import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.security.AlgorithmParameters;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.InvalidParameterSpecException;
import java.security.spec.KeySpec;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;

/**
 *
 * @author
 */
public class decryptetextfrommysql {

    public String dec(){
byte [] salt;
byte [] enctext ;
byte[]  output = null;
    //this is to get values from the mysql database    
try{
        Class.forName("java.sql.Driver");
        Connection con = DriverManager.getConnection("jdbc:mysql://localhost/test","root","student");
        Statement stmt = con.createStatement();
        String sql = ("SELECT * FROM enc;");
        ResultSet rs = stmt.executeQuery(sql);
        byte [] iv = null;
        while(rs.next()) { 
        salt = rs.getBytes("salt");
        iv = rs.getBytes("iv");
        enctext= rs.getBytes("encryptedtext");
        }
        String password = "student";
        salt = new byte[8];
        enctext = new byte[64];
    SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
    KeySpec keySpec = new PBEKeySpec(password.toCharArray(), salt, 65536, 128);
    SecretKey tmp = factory.generateSecret(keySpec);
    SecretKey secret = new SecretKeySpec(tmp.getEncoded(), "AES");
        // file decryption method
    Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        iv = new byte[16];
    cipher.init(Cipher.DECRYPT_MODE, secret, new IvParameterSpec(iv));
        output = cipher.update(enctext);
    output = cipher.doFinal();
      //printing out the confirmation  
    System.out.println("File Decrypted! hurray !");
    System.out.println("File Decrypted.");
        stmt.close();
        con.close();
        rs.close();
    System.out.println("connection successful !");
}
catch(ClassNotFoundException | SQLException ex){
    System.out.println(ex);
}
catch(NoSuchAlgorithmException | InvalidKeySpecException | NoSuchPaddingException | InvalidKeyException | InvalidAlgorithmParameterException | IllegalBlockSizeException | BadPaddingException ex) {
Logger.getLogger(decryptetextfrommysql.class.getName()).log(Level.SEVERE, null, ex);
System.out.println(ex);
}
    return new String(output);      
}

}

Here is how i have called the methods and used them.

encryptedtexttomysql obj4 = new encryptedtexttomysql();
decryptetextfrommysql obj5 = new decryptetextfrommysql();
private void jButton5ActionPerformed(java.awt.event.ActionEvent evt) {                                         

    String plaintext = ta1.getText();
    obj4.enc(plaintext);
 }                                        

private void jButton6ActionPerformed(java.awt.event.ActionEvent evt) {                                         

     String a = obj5.dec();
    System.out.println(a);

here is the output exception:

javax.crypto.BadPaddingException: Given final block not properly padded
SEVERE: null
�� A� I� wd�� 彟� 6�� A� I� wd�� 彟� 6�� A� I� wd�� 彟� 6
javax.crypto.BadPaddingException: Given final block not properly padded
at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java: 966)
at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java: 824)

at com.sun.crypto.provider.AESCipher.engineDoFinal(AESCipher.java: 436)
at javax.crypto.Cipher.doFinal(Cipher.java: 2048)

basically there is a problem in the doFinal method.

you should pay some more attention to formatting and indentation... at least when posting code - helps a lot to increase readability and consequently readiness to help! (Also lots of empty lines and unnecessary comments) Another help would be to know exactly a which line the Exception is generated (normally included in the StackTrace of the Exception) — user85421, Dec 13 '17 at 14:28
1. The `PBEKeySpec` salt and IV do not need to e secret ad can just be prepended to the encrypted data. 2. Add sample data and provide a [mcve]. 3. As Carlos stated cleanup your code, if you don't care enough about your code why should anyone else? — zaph, Dec 13 '17 at 14:43
what about now (i.e the posted code does it have proper formating and indentation)(i am new to stack overflow). And i need to use `PBEKeySpec` with authentic salt and iv. — DAGS, Dec 14 '17 at 09:12

Ebbe M. Pedersen · Answer 1 · 2017-12-14T07:12:54.830

0

You are treating your binary data as text with this statement:

 String query = "INSERT INTO enc values(\""+salt +"\",\""+ iv+"\",\""+ output+"\");";

That will not not work, and can easily trigger the padding error you encounter. Also, your code are open to SQL injection, please use prepared statement.

Try something like this:

PreparedStatement stmt = con.prepareStatement("INSERT INTO enc (salt, iv, encryptedText) VALUES (?, ?, ?)");
stmt.setBlob(1, salt);
stmt.setBlob(2, iv);
stmt.setBlob(3, output);
stmt.executeUpdate();

edited Dec 14 '17 at 07:12

answered Dec 13 '17 at 15:38

Ebbe M. Pedersen

7,250
3
27
47

the data that is entered in mysql using the above statement inputs the data in blob datatype – DAGS Dec 13 '17 at 15:59
You build a sql statement that insert text data into a blob. The data goes from byte[] -> text -> blob - arbitrary binary data usually don't survive that. Take a look at the binary data you print out and observe the number of '�' .. these represents bytes that have been attempted to transformed into text, but could not .. the data you have in the database ain't the data you got out of encrypt. – Ebbe M. Pedersen Dec 13 '17 at 17:02
how do i store the encrypted text in mysql along with the salt and iv ? – DAGS Dec 14 '17 at 05:28
i have changed my datatype from blob to varbinary in mysql (https://stackoverflow.com/questions/11309040/mysql-byte-array-storage) – DAGS Dec 14 '17 at 06:00
The datatype is not the problem. The problem is how you insert the data. I have updated my answer. – Ebbe M. Pedersen Dec 14 '17 at 07:13
My answer is about inserting data. Inserting data don't give a result set.Are you now talking about the select ? Where are you converting int to String ? – Ebbe M. Pedersen Dec 14 '17 at 11:27
nowhere. Ebbe M.Pedersen thanks for your answer but the method stmt.setBlob shows datatype mismatch i.e. byte[] cannot be converted to blob. if instead of setBlob() i do setBytes() then this error goes but it still reports bad padding exception. – DAGS Dec 14 '17 at 11:50
what should i do ? – DAGS Dec 16 '17 at 05:28

the AES encryption code below gives a BadPaddingException for the decryption part

1 Answers1