0

We are trying to validate the user emails by sending an encrypted token with the email. In some occasions, it gives:

javax.crypto.BadPaddingException: Given final block not properly padded. Such issues can arise if a bad key is used during decryption.

The thing is, we have a key and we are not giving IvParameterSpec a random number but a static one. I know it is not safe but, if we randomize, it does not decrypt the token when the process is restarted and such. At least the first 16 characters are not being decrypted which makes the functionality failed. Saving IVSpec is not an option also.

Any ideas what is the core of this problem? Or an alternative way to securely enc-dec in case of process restart?

Neron
  • 1,500
  • 7
  • 30
  • 52
  • When you used a random IV, did you use the *same* random IV on both sides? – Kayaman Jun 14 '22 at 13:44
  • 2
    The corrupted first block (16 bytes) points to a wrong IV for AES/CBC. So that in the case of a randomly generated IV this is available during decryption, the IV is usually concatenated with the ciphertext (IV|ciphertext). The decrypting side separates both (the IV is the first 16 bytes) and performs decryption. – Topaco Jun 14 '22 at 13:54
  • @XtremeBaumer I am 100% sure that the key is right. But when you give another IV it also gives the same error. you can check it. – Neron Jun 14 '22 at 13:55
  • @Kayaman thats the thing. If the IV is random and the process restarts, it cannot be the same. So this case, having a random IV does not work. – Neron Jun 14 '22 at 13:56
  • Well not like that it won't :D Just because the IV can be random, doesn't mean you don't have to store it to use the same one for encryption and decryption. – Kayaman Jun 14 '22 at 13:57
  • @Kayaman thats the case. I am trying to find a good way to secure the token and actually store data in it. With this way, the encryption way after process restart is not working at all. So I am not in knowledge of why people use this type of encryption by random IV at all. About storing IV, it sure can work but I am trying to research another way to not to create a persistence layer just for this tbh. In the worst case, I ll do that it seems – Neron Jun 14 '22 at 14:00
  • You should re-read Topaco's comment. – President James K. Polk Jun 14 '22 at 14:40
  • @Topaco I have encrypted the text as "iv + text" and when I decrypt, it actually did exactly like that. I think you can put as an answer and get the ok from me. Thx – Neron Jun 14 '22 at 15:13

0 Answers0