Re: padding problem

Aaron M. Stromas (ams@us.oracle.com)
Thu, 20 May 1999 11:09:21 -0400

Date: Thu, 20 May 1999 11:09:21 -0400
From: "Aaron M. Stromas" <ams@us.oracle.com>
To: java-security@java.sun.com
Subject: Re: padding problem

--------------72B10E637A0774B50FF3FBC9
Content-Type: text/plain; charset="us-ascii"
X-Sun-Content-Length: 3121

never mind, i found my mistake - i forgot that the encrypted text (which
i loaded into ldap directory) was generated using Cipher object
instantiated

Cipher cipher = Cipher.getInstance("PBEWithMD5AndDES");

all is well now. aplogies for the false alarm.

-a

"Aaron M. Stromas" wrote:

> hi,
>
> i initialise my Cipher object as shown below for both encryption and
> decryption. my problem is that i keep getting the BadPaddingException.
> >From what i was able to gather, specifying PKCS5Padding should've
> taken care of the padding problem. obviously, i misunderstood
> something. please, advise what i am doing wrong and what i should be
> doing to correct my error. tia,
>
> here is what i do to encrypt:
>
> try {
> PBEParameterSpec paramSpec = new
> PBEParameterSpec(salt, iterations);
> PBEKeySpec keySpec = new
> PBEKeySpec(args[0].toCharArray());
> SecretKeyFactory kf =
> SecretKeyFactory.getInstance("PBEWithMD5AndDES");
> SecretKey key = kf.generateSecret(keySpec);
>
> Cipher cipher =
> Cipher.getInstance("PBEWithMD5AndDES/CBC/PKCS5Padding");
> cipher.init(Cipher.ENCRYPT_MODE, key, paramSpec);
>
> byte[] encrypted =
> cipher.doFinal(args[1].getBytes());
> String encoded = new
> String(Base64.encode(encrypted));
> .....
>
> and this is how i attempt to decrypt
>
> .....
>
> PBEParameterSpec paramSpec = new PBEParameterSpec(salt,
> iterations);
> PBEKeySpec keySpec = new PBEKeySpec(passwd.toCharArray());
> SecretKeyFactory kf =
> SecretKeyFactory.getInstance("PBEWithMD5AndDES");
> SecretKey key = kf.generateSecret(keySpec);
> cipher =
> Cipher.getInstance("PBEWithMD5AndDES/CBC/PKCS5Padding");
> cipher.init(Cipher.DECRYPT_MODE, key, paramSpec);
>
> byte[] cleartext =
> cipher.doFinal(Base64.decode(cryptotext.getBytes()));
>
> the last line results in exception:
>
> javax.crypto.BadPaddingException: Given final block not
> properly padded
> at com.sun.crypto.provider.DESCipher.engineDoFinal(Compiled
> Code)
> at com.sun.crypto.provider.DESCipher.engineDoFinal(Compiled
> Code)
> at
> com.sun.crypto.provider.PBEWithMD5AndDESCipher.engineDoFinal(Compiled
> Code)
> at javax.crypto.Cipher.doFinal(Compiled Code)
> at Ldap.decrypt(Compiled Code)
> at Ldap.search(Compiled Code)
> at Main.main(Compiled Code)
>
> i tested base64 encoding/decoding and eliminated it as a cuprit.
> again, thanks for your help.
>
>
> --
> Aaron Stromas | "Tick-tick-tick!!!... ja, Pantani is weg..."
> Oracle Corp | BRTN commentator
> +1 703.708.49.33 | L'Alpe d'Huez
> 1995 Tour de France
>
>

--
Aaron Stromas    | "Tick-tick-tick!!!... ja, Pantani is weg..."
Oracle Corp      |                             BRTN commentator
+1 703.708.49.33 |                              L'Alpe d'Huez
                                            1995 Tour de France

--------------72B10E637A0774B50FF3FBC9 Content-Type: text/html; charset="us-ascii" X-Sun-Content-Length: 5481

<!doctype html public "-//w3c//dtd html 4.0 transitional//en"> never mind, i found my mistake - i forgot that the encrypted text (which i loaded into ldap directory) was generated using Cipher object instantiated

Cipher cipher = Cipher.getInstance("PBEWithMD5AndDES");

all is well now. aplogies for the false alarm.

-a

"Aaron M. Stromas" wrote:

hi,

i initialise my Cipher object as shown below for both encryption and decryption. my problem is that i keep getting the BadPaddingException. >From what i was able to gather, specifying PKCS5Padding should've taken care of the padding problem. obviously, i misunderstood something. please, advise what i am doing wrong and what i should be doing to correct my error. tia,

here is what i do to encrypt:

 try {
                PBEParameterSpec paramSpec = new PBEParameterSpec(salt, iterations);
                PBEKeySpec keySpec = new PBEKeySpec(args[0].toCharArray());
                SecretKeyFactory kf = SecretKeyFactory.getInstance("PBEWithMD5AndDES");
                SecretKey key = kf.generateSecret(keySpec);

                Cipher cipher = Cipher.getInstance("PBEWithMD5AndDES/CBC/PKCS5Padding");
                cipher.init(Cipher.ENCRYPT_MODE, key, paramSpec);

                 byte[] encrypted = cipher.doFinal(args[1].getBytes());
                 String encoded = new String(Base64.encode(encrypted));
.....

and this is how i attempt to decrypt

.....

        PBEParameterSpec paramSpec = new PBEParameterSpec(salt, iterations);
        PBEKeySpec keySpec = new PBEKeySpec(passwd.toCharArray());
        SecretKeyFactory kf = SecretKeyFactory.getInstance("PBEWithMD5AndDES");
        SecretKey key = kf.generateSecret(keySpec);
        cipher = Cipher.getInstance("PBEWithMD5AndDES/CBC/PKCS5Padding");
        cipher.init(Cipher.DECRYPT_MODE, key, paramSpec);

        byte[] cleartext = cipher.doFinal(Base64.decode(cryptotext.getBytes()));

the last line results in exception:

        javax.crypto.BadPaddingException: Given final block not properly padded
        at com.sun.crypto.provider.DESCipher.engineDoFinal(Compiled Code)
        at com.sun.crypto.provider.DESCipher.engineDoFinal(Compiled Code)
        at com.sun.crypto.provider.PBEWithMD5AndDESCipher.engineDoFinal(Compiled Code)
        at javax.crypto.Cipher.doFinal(Compiled Code)
        at Ldap.decrypt(Compiled Code)
        at Ldap.search(Compiled Code)
        at Main.main(Compiled Code)

i tested base64 encoding/decoding and eliminated it as a cuprit. again, thanks for your help.
 

-- 
Aaron Stromas    | "Tick-tick-tick!!!... ja, Pantani is weg..."
Oracle Corp      |                             BRTN commentator
+1 703.708.49.33 |                              L'Alpe d'Huez
                                            1995 Tour de France
 
-- 
Aaron Stromas    | "Tick-tick-tick!!!... ja, Pantani is weg..."
Oracle Corp      |                             BRTN commentator
+1 703.708.49.33 |                              L'Alpe d'Huez
                                            1995 Tour de France
  --------------72B10E637A0774B50FF3FBC9--