Error: Given final block not properly padded while do Java AES decryption of Javascript CryptoJS Encryption

Question

Hallo Guys currently i having a problem while doing decryption of CryptoJS encryption from my java code, i have verified that CryptoJS encryption result should be hex value, but currently seems java code keep throwing a:

Exception in thread "main" javax.crypto.BadPaddingException: Given final block not properly padded

For your reference this is my javascript code for AES encryption (Use cryptoJS from NPM Library):

 const cryptoJS = require('crypto-js');
    
    const IV = cryptoJS.lib.WordArray.random(16);
    
    const keyString = 'test';
    
    var key = cryptoJS.SHA256(keyString);
    
    function encrypt(data) {
    
        // 1. first encode UTF-8 wordaArray
        // 2. do encrypt AES to string
        // 3. encode b64 wordArray and toString with Hex
    
        const val = cryptoJS.enc.Utf8.parse(JSON.stringify(data));
    
        const encrypted = cryptoJS.AES.encrypt(val, key, { iv: IV }).toString();
    
        console.log('------');
        console.log('encrypted aes: ' + encrypted);
        console.log('------');
    
        let b64 = cryptoJS.enc.Base64.parse(encrypted).toString(cryptoJS.enc.Hex);
    
        return b64;
    }

   const encryptedData = encrypt(data);
   console.log('encrypted payload: ');
   console.log(encryptedData);
   console.log('------------------')
   console.log('KEY: ');
   console.log(key.toString());
   console.log('------------------')
   console.log('IV: ');
   console.log(IV.toString());

Java Code, please note key, iv, and hex is value generated from javascript code above:

public static void main(String[] args) throws Exception {
        String hex = "155ee32f893b7c6d77b182afde0fc04f89c68c669d1b698808b2b8781dc9f97848d493f218b878180b52290d436480a04e32648d0251f4de51e789d219539dda958bc8669dc3b67fcac46ff87a5231010ee1f17c0894c67f8b6aa9cd60c52f5400c608526f471ff24ad6e60e3c5816ee9ac1503ce67ce07196fb7f308d03de086388fd904712a79b44268f47af1d7b38f9a9e51aa250016ce88692f7f8b7e2b1f1de4de747dd71019b2c9f8bf187804863998ca3c76c89c853a5ed2b0a424d48719e2c912381e310d5a453ceebbf4deaba965c353979f5c1c202ffb75e08088fc162e12e3f91a0178d14fd4c18788d3fc9867ae7182fff4410e45b726110f4ff6123381a517f0406f786a007e309a2f28cc18f25d1279d2b17d80dbb2d1e99fa68ccb3f18d3d854d824da8f7bcb22ffff3ad05d97e3a10f421ae6e21d232f5cf067242183d04337cc6ee97b6de1cb6d1f223beba4d95c1636b3a4f9a1d137679c04f59b1edd0b60c5bf939134f9c9dc286d65dc0f0941afc0fd1596665594893f72aedd774e97bd069a23a718b91fda6161e034baeac04fb0ee5386d6aca95977f4b7a6e5ef7b76fe8437746fc5f80f1fdf91d10291b5a872ccf319c5f7cffee0381702a5710a445a7b9fd01fc74192e280530b3b81de19ae807a5c23a31ae28f2ca5c92c3a02128eeb6b3930843a0b726be9340d13a24f97c36d0c051281e812c9227ac96f2070f36cf53e4a872bb3727ec961efadc6e6f059c5c6ee4e73ee69914ca12f683e6fc16f89b693d0d31fb0b24f31e3584ce2574ed3f300a40c21f2a68a8858c0d5564f0ddd4a088aaa76971a3ed45e3d49fc1e629ea2bd6662b970edf138430b1b0b3fcd7d2ae9b5171826cdeb441fa650691fda18ebc9fdaab68c30c93ee1b70cca40fd03ea082bb72ef026c9f3d6228bbf4150d796e238c5cb2cb3beda98440fb33d2d94df3203e577df2907111cd84b2a44f286ae4ca0d427bc1da44b9afcc9cd1ac2885cad61518bf395f2e677d69833d0ed2ed5aa91281ecc0e2189666b9ac519105e02d2d282d6c38c3d247e2866859589acc939b4d230059cab7128f3a4151cd48807617ade0748b2cf3b2036a66aa3f840d5a94378976d61b8c54fd52bc62092b9cfb80df1f0802b9b335716b1d00ff96ed7b56ad6c4b4fc26551ea501db81df20f0745c792bd15a5a8a19c6691b7090dab99d33e398cea242504cefb811853041e685d0bddeb0712f76d0e6134f60ab6dad7097eab4f80eab4235ab91d97bcb194306f1edcffc1b8f3e8f023497902b05975aa7495f66edb8cf26898812352d73cbf29a41a51f999f7431148e9c24961702ad27bbfcbdfa72f46985797afbd70910f14f31e5dc62e50fd338c2b12d0289b1a71fd195a402be67f7ef894a22c52a98b6cb1b386a2319b9239df43b816f7ca122c5238b0b989e44c39539e7229b55b7ac25f6c45c9a455a14a7e36957427357c1ac59f9e2493f23a57fa7cd482e8408cf1878af875c10dcb82cc6fe392a1d7085d6fe906b80cd7239a150d442d30f8c3031c975b4b860106f09f58b96300284d733efdf4123d7e2abe5c201fc7720c7f30b17f308eaa07f3dfe522bff2faee04eb289f41c95302bc67cb3d9efa5abfe7d1ed99d86d3b09c524b5d6efc37bb0580640578234f7f33868d1f21b84f9140c22c223f1e835cca137861710d135fe229fe1e1b2";
        String iv = "80bde9630fd9a26d5f97ff130dacb7eb";
        String key = "9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08";

        byte[] keyByte = DatatypeConverter.parseHexBinary(key);
        byte[] ivByte = DatatypeConverter.parseHexBinary(iv);
    
        SecretKeySpec keySpec = new SecretKeySpec(keyByte, 0, 16, "AES");

        IvParameterSpec ivSpec = new IvParameterSpec(ivByte);

        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(Cipher.DECRYPT_MODE, keySpec, ivSpec);

        byte[] decrypted = cipher.doFinal(DatatypeConverter.parseHexBinary(hex));

        return new String(decrypted, "UTF-8");

}

Please help to suggest if i used wrong approach during decrypt, thank you very much for the help!

Your key is 32 bytes, i.e. use `SecretKeySpec keySpec = new SecretKeySpec(keyByte, 0, 32, "AES")` or shorter `SecretKeySpec keySpec = new SecretKeySpec(keyByte, "AES")`. — Topaco, Feb 19 '22 at 12:47
Hallo Bro @Topaco, Appreciate your question, sorry I just tried as your comment, but seems its issue if used this: I got this error: Exception in thread "main" java.security.InvalidKeyException: Illegal key size — Steven Y., Feb 19 '22 at 12:51
I can' t reproduce this, s. online: https://www.jdoodle.com/iembed/v0/noQ — Topaco, Feb 19 '22 at 13:11
@Topaco, I just notice you are using HexFormat.of().parseHex(), may i check with you currently i am using jdk7, i see that jdk7 not available for this features, do you have any suggestion for the parse hex? — Steven Y., Feb 19 '22 at 13:22
With regard to Java 7, if the problem persists after the suggested fix, _additionally_ check whether the _Unlimited Strength Jurisdiction Policy_ is installed, see e.g. [here](https://stackoverflow.com/q/41580489). If not, this is to be installed! Regarding hex encoding: `DatatypeConverter.parseHexBinary()` works as well. I used `HexFormat` only for the online demo to avoid the dependency on `DatatypeConverter`. `HexFormat` is available from Java 17 on. For earlier versions see e.g. here: https://stackoverflow.com/a/140861/9014097. — Topaco, Feb 19 '22 at 13:54
Thank you very much @Topaco, you are right need install Unlimited Strength Jurisdiction Policy and its working now if apply: SecretKeySpec keySpec = new SecretKeySpec(keyByte, "AES") — Steven Y., Feb 19 '22 at 14:09

Error: Given final block not properly padded while do Java AES decryption of Javascript CryptoJS Encryption

0 Answers0