Login/Register
'BadPaddingException: pad block corrupted' while decrypting using AES/ECB
Asked Answered
javaandroidaesbadpaddingexception
S

2

7

In Android/java app,

byte[] data = ":ʺ$jhk¨ë‹òºÃ"; // fetched from php server..
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.DECRYPT_MODE, mKeyspec);
return new String(cipher.doFinal(data));

The above code always throws BadPaddingException: pad block corrupted for following 16 byte encypted data

data = ":ʺ$jhk¨ë‹òºÃ" (the data is 16 chars)

The key is 16 bytes long.

Why does it throw this exception when the data is already the size of a block.? and no padding is needed.

Note: The encrypted data is fetched from a php server.

Edit:

After changing to
Cipher cipher = Cipher.getInstance("AES/ECB/NoPadding");
from
Cipher cipher = Cipher.getInstance("AES");

the decrypt method succeeds, but gives this output enter image description here

Susa answered 1/3, 2013 at 12:44 Comment(15)
Cipher.doFinal takes a byte array and not a string as parameter.Letsou
yes.. it is byte array..Susa
give us some more information about the data you receive and if that's everything you are doing to decrypt?Rau
@Android-Developer That's the data available for encryption. I get it as a base 64 string, decode it before passing it to this decrypt method. The above code is the whole decrypt method. key is 16 bytes.Susa
@userSeven7s: The string you are using in your example and code is 13 characters long. What is the actual data you are trying to decrypt?Letsou
the string is "Test" that I get from server, encrypted and base64 encoded. I decode it first then pass it to decrypt method. It is 16 bytes. I checked the length attrib while debugging..Susa
do you know how the string is encrypted in php side?Rau
@Android-Developer Its encrypted by another client app, that stores it on this server. When my app fetches the data, the php picks the encrypted data from db, base64 encodes it and sends it to me.Susa
so at least you need to know the way it's encrypted by the other client appRau
See this similar question/answerLoader
@Android-Developer the other client app uses Rijndael implementation in C++.. I think the problem is padding.. the C++ uses null char to pad.Susa
Rijndael is the same as AES, but I didn't get what you mean by uses null char to pad?Rau
@Android-Developer.. null char : '\0'Susa
@Android-Developer Also check this question. https://mcmap.net/q/1480620/-encrypt-and-decrypt-doesn-39-t-give-the-same-plain-text-using-aes-ecb-nopadding/857361Susa
You really should learn the distinction between strings and bytes. Encryption performs on bytes, and those bytes may take any value, including values that cannot be decoded into printable characters. To alleviate this you can use hexadecimal encoding or base 64 encoding. Hex is preferred for debugging purposes.Canopus
R
10

In most cases which I've been dealing with BadPaddingException was when I was trying to decrypt something which was encrypted on server side with different padding or in some cases it wasn't even decrypted. So first of all I suggest you to look at the way and be sure that the server is returning your string not only Base64 encoded, but encrypted with AES too. Another thing to be careful is if the encryption on server side is using some kind of padding like : AES/CBC/NoPadding , AES/CBC/PKCS5Padding or AES/CBC/PKCS7Padding. In that cases you have to use the same padding in Android so you can decrypt the String.

Rau answered 1/3, 2013 at 13:11 Comment(2)
try using a UTF-8 charset while converting from byte[] to String.Rau
I think you are seeing this output because the string is not converted properly and it's still byte[].Rau
S
1

To encrypt a fixed length of only 16 bytes of data, using a method that requires no initialization vector, Change AES to AES/ECB/NoPadding.

Sidedress answered 1/3, 2013 at 13:12 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.