tags:

views:

4471

answers:

1
+2  Q: 

Java Cipher - AES Padding Problem

Hi all

I am using a AES cipher with a 16 byte block size.

If I try and encrypt a 16 byte string I have no problems, but any other length not a multiple of 16 is throwing an exception.

I know with 3-DES you can specify a padding type as part of the algorithm and it's handled with no extra work (e.g. DES/CBC/PKCS5Padding), but is there a way to specify this with AES?

Or do I need to pad the pytes manually to a multiple of 16, and then strip them when I decrypt? Here is an abbreviated code sample. 

encrypt = Cipher.getInstance("AES", provider);
encrypt.init(Cipher.ENCRYPT_MODE, key) ;
byte[] encrypted = encrypt.doFinal(plainTxt.getBytes()) ;

Any and all replies appreciated!

Thanks in advance, Ciarán

+2  A: 

It should work exactly the same with AES, i.e. the padding mode has to be specified together with the cipher. Which padding modes are implemented depends on the provider and should be described in its documentation.

According to the JCE documentation: http://java.sun.com/j2se/1.5.0/docs/guide/security/jce/JCERefGuide.html#AppA standard padding modes like PKCS5Padding should be always supported (at least, that's how I interpret it).

Michael Borgwardt  2008-12-05 01:13:05
Boy am I familiar with that page :) When you say the provider, do you mean the implementation of the JCE I am using? I will check the docs for that.
Ciaran Archer  2008-12-05 08:02:31
Yes, the provider (the second parameter in the getInstance() method) basically implements the Cipher interface. You can have more than one cryptography provider active. Sun's JDK comes with the SunJCE provider pre-installed
Michael Borgwardt  2008-12-05 09:56:56
Since I was coding a 'proof of concept' of the AES through Java/Coldfusion, I implemented my own padding using method 2 described here: http://www.di-mgt.com.au/cryptopad.html. I might take a closer look for the real thing. I'll mark this as the answer though.
Ciaran Archer  2008-12-05 16:03:02

related questions

Java Time Zone is messed up
Eclipse on win64
Automate builds for Java RCP for deployment with JNLP
Why are professors or schools picking Java over C++ to teach to students?
Is there a real benefit of using J#?
Public/Popular Websites using JavaServer Faces
Why can't I use a try block around my super() call?
Accessing post variables using Java Servlets
Personal Linux web server
Is this really widening vs autoboxing?
How can I Java webstart multiple, dependent, native libraries?
Why can't I call toString() on a Java primitive?
How do I use Java to read from a file that is actively being written?
What code analysis tools do you use for your Java projects?
IllegalArgumentException or NullPointerException for a null parameter?
How do I configure and communicate with a serial port?
What is the best way to parse strings in Java
Getting started with a custom JXTA PeerGroup
Creating a custom button in Java
How to get started "writing" a code coverage tool?
Which Build-/Configuration Management Tool?
What is the difference between an int and an Integer in Java/C#?
What is the meaning of the type safety warning in certain Java generics casts?
How would you access Object properties from within an object method?
Converting CSV File to XML in Java