what is wrong in java AES decrypt function?

Question

hi,

i modified the code available on http://java.sun.com/developer/technicalArticles/Security/AES/AES_v1.html

and made encrypt and decrypt methods in program. but i am getting BadpaddingException.. also the function is returning null.. why it is happing?? whats going wrong? please help me..

these are variables i am using:

kgen = KeyGenerator.getInstance("AES");
            kgen.init(128);
            raw = new byte[]{(byte)0x00,(byte)0x11,(byte)0x22,(byte)0x33,(byte)0x44,(byte)0x55,(byte)0x66,(byte)0x77,(byte)0x88,(byte)0x99,(byte)0xaa,(byte)0xbb,(byte)0xcc,(byte)0xdd,(byte)0xee,(byte)0xff};
            skeySpec = new SecretKeySpec(raw, "AES");
            cipher = Cipher.getInstance("AES");

            plainText=null;
            cipherText=null;

following is decrypt function..

public String decrypt(String cipherText)
    {
        try
        {
            cipher.init(Cipher.DECRYPT_MODE, skeySpec);
            byte[] original = cipher.doFinal(cipherText.getBytes());
            plainText = new String(original);
        }


        catch(BadPaddingException e)
        {

        }

        return plainText;
    }

Answer 1

From the Java-Security archives

One common mistakes that people made is to put the encrypted bytes inside a string and upon decryption they use String.getBytes() to retrieve it. Since String does its own character encoding, the byte[] that you used to construct the String object and the byte[] that you get from its getBytes() are not necessarily equal.

Answer 2

Since you've shown very little code it's hard to help predict what might be causing the exception.

plainText is null because it is initialized to null and the decrypt function is throwing an exception before assigning a value to plainText.

What do you do with kgen? In the example you linked to it is used to generate the raw byte array for the secret key spec. In your variable instantiation list you manually define the raw byte array.

   KeyGenerator kgen = KeyGenerator.getInstance("AES");
   kgen.init(128); // 192 and 256 bits may not be available

   // Generate the secret key specs.
   SecretKey skey = kgen.generateKey();
   byte[] raw = skey.getEncoded();

   SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");

Answer 3

Where is cipherText actually coming from? It needs to be a "raw" byte array (not a string), and needs to have been encrypted in a way that the Cipher can understand.

AES (and block ciphers in general) can be run in different "block modes" and with different "padding", and when you instantiate a Cipher, you should indicate which block mode you're using (or which was used to originally encrypt the data). If you get a BadPaddingException when passing in raw bytes, then it generally means the data has been encrypted using a different mode or padding. (In this case, it could just be an artefact of converting the data to a String, as I think another poster has mentioned.)

Some information I've written that might be helpful:

• AES and block ciphers in Java
• block modes