PBE; final block not properly padded help!
Hi there,
I'm having problems decrypting passwords using password based encryption (PBE), throwing me a "final block not properly padded" exception.
The passwords are also encrypted uses PBE in a seperate class called the PasswordEncryption. The code necessary to generate the Cipher is in a seperate method which is passed a String to determined if it would be initialized in "encrypt" or "decrypt" mode.
The class where the passwords are decrypted, UserManager, is passed the encrypted passwords as a String. It calls the PasswordEncryption class gets getcipher() to get the Cipher, and then decrypts the password. The data is read from the database by another class which reads database info, and passed in as a string to the decrypting class. The decrypting class converts the string to a byte[].
Below I have the UserManager class and PasswordEncryption class:
public class UserManager
implements SecurityServerInterface, PETComponent {
public UserManager() {
private static String decryptPassword(String asPassword) throws
SecurityException {
PasswordEncryption passwordEncryption = new PasswordEncryption();
Cipher pbeCipher = passwordEncryption.getCipher("decrypt");
String clearText = new String();
byte[] encryptedPassword = asPassword.getBytes();
try {
//This is where decryption failed! Given final block not properly padded
byte[] cipherText = pbeCipher.doFinal(encryptedPassword);
System.out.println(cipherText);
System.out.println("test cipher text");
clearText = new String(cipherText);
System.out.println("original:" + asPassword);
System.out.println("decrypted:" + clearText);
catch (IllegalBlockSizeException e) {
System.out.println(e.getMessage());
String illegalBlock = e.getMessage();
throw new SecurityException(illegalBlock);
catch (BadPaddingException e) {
System.out.println(e.getMessage());
String badPadding = e.getMessage();
throw new SecurityException(badPadding);
catch(Exception e) {
System.out.println(e.getMessage());
String exception = e.getMessage();
throw new SecurityException(exception);
System.out.println(clearText);
return clearText;
public class PasswordEncryption {
public static void main(String[] args) throws PETDBException,
SecurityEncryptionException {
PasswordEncryption encryptor = new PasswordEncryption();
ArrayList mainList = encryptor.getAllPasswords();
mainList = encryptor.encryptAllPasswords(mainList);
encryptor.updateAllPasswords(mainList);
public PasswordEncryption() {
//Get passwords from the user table of the database, e.g, loginName and passwords
private ArrayList getAllPasswords() throws PETDBException {
ArrayList passwordList = new ArrayList();
DBConnection.setConnection("jdbc:mysql://localhost/Mysql/data/pet?user=root&password=");
DBConnection dbCon = DBConnection.createConnection();
Connection con = dbCon.getConnection();
System.out.println(con);
try {
String allPasswordQuery = " SELECT " + DBColumns.USPASSWD.trim() + " , " +
DBColumns.USLOGINNAME.trim() + " from " + DBColumns.USER;
Statement stmt = con.createStatement();
ResultSet rs;
rs = stmt.executeQuery(allPasswordQuery);
if (rs.isFirst()) {
throw new PETDBException("No password found in the database.");
while (rs.next()) {
UserDO loUserDO = new UserDO();
loUserDO.setPassword(rs.getString(DBColumns.USPASSWD));
loUserDO.setLoginName(rs.getString(DBColumns.USLOGINNAME));
passwordList.add(loUserDO);
catch (SQLException sql) {
String sqlError = sql.getMessage();
throw new PETDBException(sqlError);
return passwordList;
private ArrayList encryptAllPasswords(ArrayList aoPasswordList) throws
SecurityEncryptionException {
// Encrypt the password
Cipher pbeCipher = getCipher("encrypt");
Iterator passwordIterator = aoPasswordList.iterator();
UserDO loUserDO = new UserDO();
try {
while (passwordIterator.hasNext()) {
loUserDO = (UserDO) passwordIterator.next();
String lsPassword = loUserDO.getPassword();
byte[] clearTextPassword = lsPassword.getBytes();
byte[] cipherText = pbeCipher.doFinal(clearTextPassword);
String cipherString = new String(cipherText);
loUserDO.setPassword(cipherString);
System.out.println(cipherString);
catch (IllegalBlockSizeException e) {
throw new SecurityException("Can't encrypt password, illegal block size");
catch (BadPaddingException e) {
throw new SecurityException("Can't encrypt password, bad padding");
System.out.println(aoPasswordList);
return aoPasswordList;
public Cipher getCipher(String mode) {
PBEKeySpec pbeKeySpec;
PBEParameterSpec pbeParamSpec;
SecretKeyFactory keyFac;
// Salt
byte[] salt = {
(byte)0xc7, (byte)0x73, (byte)0x21, (byte)0x8c,
(byte)0x7e, (byte)0xc8, (byte)0xee, (byte)0x99
// Iteration count
int count = 20;
// Create PBE parameter set & a SecretKey
pbeParamSpec = new PBEParameterSpec(salt, count);
SecretKey pbeKey;
// Use our own encryption password.
// Collect the password as char array and convert
// it into a SecretKey object, using a PBE key
// factory.
char[] password = new String("cmuw-team5").toCharArray();
pbeKeySpec = new PBEKeySpec(password);
try {
keyFac = SecretKeyFactory.getInstance("PBEWithMD5AndDES");
pbeKey = keyFac.generateSecret(pbeKeySpec);
catch (NoSuchAlgorithmException e) {
throw new SecurityException("Can't collect password as a char array");
catch (InvalidKeySpecException e) {
throw new SecurityException("Can't convert password into a SecretKey Object");
// Create PBE Cipher
Cipher pbeCipher;
try {
pbeCipher = Cipher.getInstance("PBEWithMD5AndDES");
catch(NoSuchAlgorithmException e) {
throw new SecurityException("Can't create a PBE Cipher, no such algorithm");
catch(NoSuchPaddingException e) {
throw new SecurityException("Can't create a PBE Cipher, no such padding");
// Initialize PBE Cipher with key and parameters
if (mode == "encrypt") {
try {
pbeCipher.init(Cipher.ENCRYPT_MODE, pbeKey, pbeParamSpec);
catch(InvalidKeyException e) {
throw new SecurityException("Can't initialize PBE Cipher with key");
catch(InvalidAlgorithmParameterException e) {
throw new SecurityException("Can't initialize PBE Cipher with parameters");
if (mode == "decrypt") {
try {
pbeCipher.init(Cipher.DECRYPT_MODE, pbeKey, pbeParamSpec);
catch(InvalidKeyException e) {
throw new SecurityException("Can't initialize PBE Cipher with key");
catch(InvalidAlgorithmParameterException e) {
throw new SecurityException("Can't initialize PBE Cipher with parameters");
return pbeCipher;
//Get encrypted passwords out of the ArrayList and update the database
private void updateAllPasswords(ArrayList aoUpdatePasswordList) throws
PETDBException {
DataService dataService = new DataService();
Iterator getEncryptPassword = aoUpdatePasswordList.iterator();
String lsUpdatePassword = new String();
String lsUserName = new String();
Statement stmt;
DBConnection dbCon = DBConnection.createConnection();
Connection con = dbCon.getConnection();
try {
stmt = con.createStatement();
System.out.println(stmt);
catch (SQLException sql) {
String sqlError = sql.getMessage();
System.out.println(sqlError);
throw new PETDBException(sqlError);
while (getEncryptPassword.hasNext()) {
UserDO loUser = (UserDO) getEncryptPassword.next();
lsUpdatePassword = loUser.getPassword();
lsUserName = loUser.getLoginName();
String allUpdatePassword = " UPDATE " + DBColumns.USER + " SET " +
DBColumns.USPASSWD + " = " + "'" + lsUpdatePassword + "'" + " WHERE "
+ DBColumns.USLOGINNAME + " = " + "'" + lsUserName + "'";
System.out.println(allUpdatePassword);
try {
int returnValue = stmt.executeUpdate(allUpdatePassword);
System.out.println(returnValue);
catch (SQLException sql) {
String sqlError = sql.getMessage();
throw new PETDBException(sqlError);
try {
con.commit();
con.close();
catch (SQLException sql) {
String sqlError = sql.getMessage();
throw new PETDBException(sqlError);
Thanks for the prompt response! I got this example
from the Sun Java cryptography extensions web page at:
http://java.sun.com/j2se/1.4.2/docs/guide/security/jce/
CERefGuide.html#PBEExThe code I'm pointing out did not come from there. Nowhere in Sun's examples do you see them creating Strings directly from ciphertext. (Which is good, because if you did, their examples wouldn't work). To give some more context on where the problem is:private ArrayList encryptAllPasswords(ArrayList aoPasswordList) throws SecurityEncryptionException {
// Encrypt the password
Cipher pbeCipher = getCipher("encrypt");
Iterator passwordIterator = aoPasswordList.iterator();
UserDO loUserDO = new UserDO();
try {
while (passwordIterator.hasNext()) {
loUserDO = (UserDO) passwordIterator.next();
String lsPassword = loUserDO.getPassword();
byte[] clearTextPassword = lsPassword.getBytes();
byte[] cipherText = pbeCipher.doFinal(clearTextPassword);
// DOING THE FOLLOWING TO CIPHERTEXT TURNS IT INTO GARBAGE!
String cipherString = new String(cipherText);
loUserDO.setPassword(cipherString);
System.out.println(cipherString);
} catch (IllegalBlockSizeException e) {
throw new SecurityException("Can't encrypt password, illegal block size");
} catch (BadPaddingException e) {
throw new SecurityException("Can't encrypt password, bad padding");
System.out.println(aoPasswordList);
return aoPasswordList;
}(Note: Please use the [ code ] tags when you post code - it makes it MUCH easier to figure out what you're doing.)
Also, my decryption code in the UserManager class does
work for two out of 8 users....I can't really figure
out why it's working for Only 2 users, and not the
rests. It's possible that the ciphertext is successfully string-able in those two cases (although I doubt it). But I can absolutely guarantee to you that trying to treat ciphertext as a String will turn your ciphertext into grabage, and that will result in a BadPaddingException when you decrypt. You need to stop doing that.
If you need to treat ciphertext or keys as Strings, the right way to do it is to Base64-encode the byte[] into a String, and then Base64-decode when you want to decrypt.
Grant
Similar Messages
-
Given final block not properly padded : PLEASE HELP!!
hi guys
please can you help me with the following error that i am getting.
i appear to be encyrpting ok as image a am readin in and the file reading out are the same size.
but i am getting this pading error. been at it all day and cant find the answer to this error.
Exception: javax.crypto.BadPaddingException: Given final block not properly padd
ed
javax.crypto.BadPaddingException: Given final block not properly padded
at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)
at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)
at com.sun.crypto.provider.AESCipher.engineDoFinal(DashoA13*..)
at javax.crypto.Cipher.doFinal(DashoA13*..)
at Securitytest.decrypt(Securitytest.java:208)
at Securitytest.byteConvert(Securitytest.java:117)
at Securitytest.main(Securitytest.java:265)
the code i am using is the following. please help me i am going mad! the iv is the same for reading in and out and the secret key appears to be the same.
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.io.PrintStream;
import java.security.interfaces.RSAPrivateKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.RSAPrivateKeySpec;
import javax.imageio.stream.FileImageInputStream;
import java.security.*;
import java.io.*;
import javax.crypto.*;
import javax.crypto.spec.*;
import sun.misc.*;
import java.lang.*;
public class Securitytest{
public static void imageConvert( ) throws Exception {
try{
System.out.println("please select the file to encrypt");
BufferedReader fileInput = new BufferedReader(new InputStreamReader(System.in));
String filetoread = null;
filetoread = fileInput.readLine();
System.out.println("please select the file to save to");
BufferedReader fileOutput = new BufferedReader(new InputStreamReader(System.in));
String filetostore = null;
filetostore = fileOutput.readLine();
FileImageInputStream input = new FileImageInputStream(new File(filetoread));
ByteArrayOutputStream output = new ByteArrayOutputStream();
PrintStream stream = new PrintStream(output);
byte[] buffer = new byte[1024];
byte[] data = null;
int numberBytesRead = 0;
while ((numberBytesRead = input.read(buffer)) != -1)
output.write(buffer, 0, numberBytesRead);
data = output.toByteArray();
System.out.println("encrytped" + buffer);
System.out.println("going to encrypt");
byte[] imageOutput = encrypt(data);
System.out.println("back to imageconvert");
System.out.println("encrytped" + buffer);
FileOutputStream imageOut = new FileOutputStream(new File(filetostore));
imageOut.write(imageOutput,0,imageOutput.length);
imageOut.close();
//BASE64Encoder encoder = new BASE64Encoder();
//String enc = encoder.encodeBuffer(imageOutput);
//FileWriter fw = new FileWriter(filetostore);
FileOutputStream fos = new FileOutputStream(filetostore);
fos.write(imageOutput);
fos.close();
System.out.println("sent to file");
output.close();
input.close();
} catch(Exception ex) {
System.out.println("Exception: " + ex);
ex.printStackTrace();
public static void byteConvert()throws Exception{
try{
System.out.println("please select the file to decrypt");
BufferedReader fileInput = new BufferedReader(new InputStreamReader(System.in));
String filetoread = null;
filetoread = fileInput.readLine();
System.out.println("please select the file to save to");
BufferedReader fileOutput = new BufferedReader(new InputStreamReader(System.in));
String filetostore = null;
filetostore = fileOutput.readLine();
FileInputStream fis = new FileInputStream(filetoread);
byte[] decrypt = new byte[fis.available()];
fis.read(decrypt);
fis.close();
//String dec = new String(decrypt);
//BASE64Decoder decoder = new BASE64Decoder();
//byte[] byteSeed = decoder.decodeBuffer(dec);
// FileInputStream input = new FileInputStream(new File(filetoread));
// ByteArrayOutputStream inStream = new ByteArrayOutputStream();
// PrintStream stream = new PrintStream(inStream);
// PrintStream stream = new PrintStream(input);
// BASE64Decoder decoder = new BASE64Decoder();
// String dec = decoder.decodeBuffer(stream);
// String dec = new String(stream);
// byte[] decryptionBytes = inStream;
// byte[] s = decrypt(dec);
// decryptionBytes =(byte [])stream.readStream();
// stream.close();
// for(int i=0; i < decryptionBytes.length; i++)
// System.out.print(decryptionBytes);
byte[] imageOutput = decrypt(decrypt);
//byte[] imageOutput = decrypt(decrypt);
FileOutputStream imageOut = new FileOutputStream(new File(filetostore));
imageOut.write(imageOutput,0,imageOutput.length);
imageOut.close();
}catch(Exception ex) {
System.out.println("Exception: " + ex);
ex.printStackTrace();
//new being used for AES
public static byte[] encrypt(byte[] imageBytes) throws Exception {
byte[] iv = new byte[] {(byte)0x2A, (byte)0x98, (byte)0xB2, (byte)0xBA, (byte)0x99, (byte)0xC0,
(byte)0xF1, (byte)0x22, (byte)0x72, (byte)0x54, (byte)0xBC,
(byte)0xB5, (byte)0x34, (byte)0x2F, (byte)0xBA, (byte)0xC4};
byte[] encrypte = new byte[imageBytes.length];
//System.out.println("Imagebyte length: " + imageBytes.length);
System.out.println("in encrypt");
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
SecretKey secretKeySpec = AESkeyGeneration();
//IvParameterSpec ivSpec = new IvParameterSpec();
//Cipher.getIV()
System.out.println("read out" + secretKeySpec);
//IvParameterSpec iv = new IvParameterSpec(IV_BYTE_ARRAY);
cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec, new IvParameterSpec (iv));
//byte[] encrypted = cipher.doFinal(imageBytes);
FileOutputStream fos = new FileOutputStream("c:/text.txt");
CipherOutputStream cOut = new CipherOutputStream(fos, cipher);
// Your plaintext MUST be multiple of 16 bytes because NoPadding requires your input text
// to be a multiple of block size.
cOut.write(imageBytes);
cOut.close();
return cipher.doFinal(imageBytes);
//return encrypted;
public static byte[] decrypt(byte[] bytesIn) throws Exception{
byte[] iv = new byte[] {(byte)0x2A, (byte)0x98, (byte)0xB2, (byte)0xBA, (byte)0x99, (byte)0xC0,
(byte)0xF1, (byte)0x22, (byte)0x72, (byte)0x54, (byte)0xBC,
(byte)0xB5, (byte)0x34, (byte)0x2F, (byte)0xBA, (byte)0xC4};
System.out.println("in decrypt");
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
System.out.println("cipher instance");
SecretKey secretKeySpec = AESkeyGeneration();
System.out.println("key" + secretKeySpec);
System.out.println("keyRead in");
//PrivateKey prvk = loadPrvkey();
System.out.println("read out" + secretKeySpec);
cipher.init(Cipher.DECRYPT_MODE, secretKeySpec, new IvParameterSpec (iv));
System.out.println("Decrypt mode");
return cipher.doFinal(bytesIn);
//byte[] decodeData= cipher.doFinal(bytesIn);
//return decodeData;
private static SecretKeySpec AESkeyGeneration() {
SecretKeySpec secretKeySpec = null;
try {
KeyGenerator kgen = KeyGenerator.getInstance("AES");
kgen.init(128);
SecretKey skey = kgen.generateKey();
byte[] key = skey.getEncoded();
secretKeySpec = new SecretKeySpec(key, "AES");
FileOutputStream fosKey = new FileOutputStream ("c:/AES.key");
fosKey.write (key);
fosKey.close();
}catch(Exception e) {
System.out.println("error in keygen = "+e);
return secretKeySpec;
public static void main (String[] unused) throws Exception {
System.out.println("***********************************************");
System.out.println("*** Biometric Encrytion Program ***");
System.out.println("***********************************************");
System.out.println("Please select a process");
System.out.println("e for encryption ");
System.out.println("d for decrytion");
boolean choose = false;
BufferedReader userInput = new BufferedReader(new InputStreamReader(System.in));
String choice = null;
choice = userInput.readLine();
if (choose = choice.equals("e")){
imageConvert();
System.out.println("Encryption");
else
System.out.println("Decryption");
byteConvert();
}sorry i misinterepreted something. that program failured for some input only
-
BadPaddingException: Given final block not propertly padded -- Help Please
I keep getting --Exception in thread "main" javax.crypto.BadPaddingException: Given final block not properly padded.
I know the problem lies with me writing to the encrypted text file or at some point when I'm actually reading it. Here's the code of these points......
ciph.init(Cipher.ENCRYPT_MODE, skeySpec);
/* The encryption begins */
byte[] textBytesEncrypted = ciph.doFinal(textBytes);
String bText = Base64.encodeBytes(textBytesEncrypted);
// pw is a PrintWriter, I've also tried to use a FileOutputStream object
// and write the entire byte array to a data file (without converting to
// a String -- but that also resulted with the same exception being
// thrown
pw.write(bText);
pw.close();
public void decryptFile()
throws IOException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException,
IllegalBlockSizeException, BadPaddingException
/* These lines will be writing and reading to the files */
FileInputStream in = new FileInputStream(new File("C://outfile.txt"));
PrintWriter pw = new PrintWriter(new File("C://outfile3.txt"));
boolean done = false;
int i = 0;
ArrayList<Byte> bytearr = new ArrayList<Byte>();
/* This loop places each of the bytes into an Array List, I'm using this because of the
automatic resizing */
while(!done)
int next = in.read();
if(next == -1) done = true;
else{
bytearr.add(i, (byte)next);
i++;
/* This variable retrieves the size of the array list in which the array will be set to */
int length = bytearr.size();
byte[] textBytes = new byte[length];
/* This loop will move the Array List of bytes into the above array of bytes for future use */
for(int j=0; j<length; j++)
textBytes[j] = bytearr.get(j);
ciph.init(Cipher.DECRYPT_MODE, skeySpec);
/* The encryption begins */
byte[] textBytesEncrypted = ciph.doFinal(textBytes);
String text= new String(textBytesEncrypted);
pw.write(text);
in.close();
pw.close();
Any help would be greatly appreciated.You have not really supplied enough code to say exactly what is wrong BUT I would bet it is because you are treating files as containing chars and lines instead of just bytes.
My suggestion - read the input files as bytes and encrypt/decrypt using CipherInputStream. -
Unexpected Expection in perform: Given final block not properly padded
Hi folks,
I am trying to encrypt some data and passing through the url and getting it back and decrypting it. But it's working every time and some times it's giving the below exception.
Unexpected Expection in perform: Given final block not properly padded
javax.crypto.BadPaddingException: Given final block not properly padded
Here is the code i am using to encrypt and decrypt it..
SecretKey key = EncryptDecrypt.getHardCodedKey();
String encriptedCSID = EncryptDecrypt.encryptString(key, Integer.toString(customerId));
String encriptedAgreementId = EncryptDecrypt.encryptString(key, Integer.toString(agreementId));
Here are the other methods tooo
public static String encryptString(SecretKey key, String input) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalStateException, IllegalBlockSizeException, BadPaddingException, UnsupportedEncodingException {
Cipher cipher = Cipher.getInstance("DESede");
cipher.init(Cipher.ENCRYPT_MODE, key);
byte[] inputBytes = input.getBytes();
byte[] encryptedBytes= cipher.doFinal(inputBytes);
String encryptedString = new sun.misc.BASE64Encoder().encode(encryptedBytes);
return URLEncoder.encode(encryptedString, "UTF-8");
//return encryptedString;
public static String decryptString(SecretKey key, String encryptedString) throws IOException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
// TODO Auto-generated method stub
String ka = URLDecoder.decode(encryptedString, "UTF-8");
byte[] encryptedBytes = new sun.misc.BASE64Decoder().decodeBuffer(ka);
Cipher cipher = Cipher.getInstance("DESede");
cipher.init(Cipher.DECRYPT_MODE, key);
byte[] recoveredBytes = cipher.doFinal(encryptedBytes);
String recoveredString = new String(recoveredBytes);
return recoveredString;
public static SecretKey getHardCodedKey() throws InvalidKeyException, NoSuchAlgorithmException, InvalidKeySpecException {
byte[] keyBytes = { 37, -51, -14, -113, -2, 124, -50, -125, -2, 118, 28, 94, -45, -3, -125, 22, 93, 81, 91, -53, 124, 28, 31, 127 };
DESedeKeySpec keySpec = new DESedeKeySpec(keyBytes);
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DESede");
SecretKey key = keyFactory.generateSecret(keySpec);
return key;
SecretKey key = EncryptDecrypt.getHardCodedKey();
String decryptedCustomerID = EncryptDecrypt.decryptString(key, customerId);
String decryptedAgreementId = EncryptDecrypt.decryptString(key, agreementId);Could you please help me .. i didn't see any problem with it. some time it's giving problem and rest of the time it's working good.
Thanks,I am trying to use the Hex encoding. So when ran it as a java application which is working fine. And whn i incorporated the same in my code and deployed the ear.. i am getting this exception.
And i have included the jar file in the ear. I didn't understand wht's happeining.. any help?
4 gov.ed.telework.delegate.TeleworkDelegate - got RemoteException RemoteException occurred in server thread; nested exception is:
java.rmi.RemoteException: ; nested exception is:
java.lang.NoClassDefFoundError: org.apache.commons.codec.binary.Hex
10/09 12:12:49 execute 100 WebContainer : 4 gov.ed.telework.ui.EmpTeleworkAgreementAction - Unexpected Expection: Exception occurred.. Here is the modified code.
public static String encryptString(SecretKey key, String input) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalStateException, IllegalBlockSizeException, BadPaddingException, UnsupportedEncodingException {
Cipher cipher = Cipher.getInstance("DESede");
cipher.init(Cipher.ENCRYPT_MODE, key);
//byte[] inputBytes = input.getBytes();
byte[] inputBytes = input.getBytes("UTF-8");
byte[] encryptedBytes= cipher.doFinal(inputBytes);
//String encryptedString = new sun.misc.BASE64Encoder().encode(encryptedBytes);
String abc = org.apache.commons.codec.binary.Hex.encodeHexString(encryptedBytes);
return abc;
//return URLEncoder.encode(encryptedString, "UTF-8");
//return encryptedString;
public static String decryptString(SecretKey key, String encryptedString) throws IOException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException, DecoderException {
// TODO Auto-generated method stub
byte abc[] = org.apache.commons.codec.binary.Hex.decodeHex(encryptedString.toCharArray());
//String ka = URLDecoder.decode(encryptedString, "UTF-8");
//byte[] encryptedBytes = new sun.misc.BASE64Decoder().decodeBuffer(ka);
Cipher cipher = Cipher.getInstance("DESede");
cipher.init(Cipher.DECRYPT_MODE, key);
//byte[] recoveredBytes = cipher.doFinal(encryptedBytes);
byte[] recoveredBytes = cipher.doFinal(abc);
//String recoveredString = new String(recoveredBytes);
String recoveredString = new String(recoveredBytes,"UTF-8");
return recoveredString;
}Thanks, -
Given final block not properly padded
I am working on an application that sends encrypted data over the network using Blowfish. I developed a simple server and client to test and I getting this error when I try to decrypt the cypher in the server. Here is what I do:
This happens on the client side:
I encrypt my message with this method
public byte[] encryptedMessage() throws Exception{
KeyGenerator keyGenerator = KeyGenerator.getInstance("Blowfish");
keyGenerator.init(128);
Key key = keyGenerator.generateKey();
Cipher cipher = Cipher.getInstance("Blowfish/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, key);
byte[] plaintext = getMessage().getBytes("UTF8");
byte[] ciphertext = cipher.doFinal(plaintext);
return ciphertext;
}Then send it to the server like this:
//get my cypher from the method shown before
cipher = mc.encryptedMessage();
//put the cypher in this simple object
InformationShared cipherToSend = new InformationShared(cipher.length);
cipherToSend.setMessage(cipher);
//Send it accross through the network
Socket socket = new Socket("127.0.0.1",8085);
ObjectOutputStream out = new ObjectOutputStream(socket.getOutputStream());
out.writeObject(cipherToSend);This is what happens in the server side:
//Get the incoming object
ObjectInputStream in = new ObjectInputStream( incoming.getInputStream() );
//downcast the object
InformationShared cipherIn = (InformationShared)in.readObject();
//decypher the message in the decypher method
String result = decypher(cipherIn.getMessage());
//This is the decipher method
public String decypher(byte cipherIn[]) throws Exception{
KeyGenerator keyGenerator = KeyGenerator.getInstance("Blowfish");
keyGenerator.init(128); // need to initialize with the keysize
Key key = keyGenerator.generateKey();
Cipher ciph = Cipher.getInstance("Blowfish/ECB/PKCS5Padding");
ciph.init(Cipher.DECRYPT_MODE, key);
// Perform the decryption
byte[] decryptedText = ciph.doFinal(cipherIn);
String output = new String(decryptedText,"UTF8");;
return output;
}The error happens in the decypher method in this line:
byte[] decryptedText = ciph.doFinal(cipherIn);Thanks for any help!Hi
I am woriking on an web application that send Encrypted data over the network and stores into the databse.After that I want to retrieve that data from database then I want decrypt it by using DES.
After Encryting It is storing properly into the database but while retriving from database and want to decrypt it the It is giving exception like "javax.crypto.BadPaddingException: Given final block not properly padded"
For Encryption I am using one bean class tha are
package EncryptBean;
import java.util.*;
import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
import java.sql.*;
import java.security.*;
import java.security.spec.*;
import javax.crypto.spec.*;
import com.sun.crypto.provider.*;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.Cipher;
import java.security.NoSuchAlgorithmException;
import java.security.InvalidKeyException;
import java.security.InvalidAlgorithmParameterException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import sun.misc.BASE64Encoder;
import sun.misc.BASE64Decoder;
import javax.crypto.*;
public class DesEncrypterBean {
Cipher ecipher;
Cipher dcipher;
public DesEncrypterBean(SecretKey key) {
try {
ecipher = Cipher.getInstance("DES");
dcipher = Cipher.getInstance("DES");
ecipher.init(Cipher.ENCRYPT_MODE, key);
dcipher.init(Cipher.DECRYPT_MODE, key);
} catch(javax.crypto.NoSuchPaddingException e)
{System.out.println("NoSuchPaddingException : "+e);
} catch (java.security.NoSuchAlgorithmException e)
{System.out.println("NoSuchAlgorithmException : "+e);
} catch (java.security.InvalidKeyException e)
{System.out.println("InvalidKeyException : "+e); }
public String encrypt(String str) {
try {
// Encode the string into bytes using utf-8
byte[] utf8 = str.getBytes("UTF8");
// Encrypt
byte[] enc = ecipher.doFinal(utf8);
// Encode bytes to base64 to get a string
return new sun.misc.BASE64Encoder().encode(enc);
} catch (javax.crypto.BadPaddingException e) {
System.out.println("encrypt BadPaddingException : "+e);
} catch (IllegalBlockSizeException e) {
System.out.println(" encrypt IllegalBlockSizeException : "+e);
} catch (UnsupportedEncodingException e) {
System.out.println("encrypt UnsupportedEncodingException : "+e);
} catch (java.io.IOException e) {
System.out.println("encrypt IOException : "+e);
} return null;
public String decrypt(String str) {
try {
// Decode base64 to get bytes
// byte[] utf8 = str.getBytes("UTF8");
byte[] dec = new sun.misc.BASE64Decoder().decodeBuffer(str);
// Decrypt
byte[] utf8 = dcipher.doFinal(dec);
// Decode using utf-8
return new String(utf8, "UTF8");
} catch (javax.crypto.BadPaddingException e)
{System.out.println("encrypt BadPaddingException : "+e);
} catch (IllegalBlockSizeException e) {
System.out.println("encrypt IllegalBlockSizeException : "+e);
} catch (UnsupportedEncodingException e) {
System.out.println("encrypt UnsupportedEncodingException : "+e);
}catch (java.io.IOException e) {
System.out.println("encrypt IOException : "+e);
return null;
** By using bellow screen I am retrieving the data from screen and encrypting it and sended to the database I is working properly
import EncryptBean.DesEncrypterBean;
import java.util.*;
import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
import java.sql.*;
import java.security.*;
import java.security.spec.*;
import javax.crypto.spec.*;
import com.sun.crypto.provider.*;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.Cipher;
import java.security.NoSuchAlgorithmException;
import java.security.InvalidKeyException;
import java.security.InvalidAlgorithmParameterException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import sun.misc.BASE64Encoder;
import javax.crypto.*;
public class Secure_Encrypt extends HttpServlet
Connection con=null;
Statement stmt=null;
Cipher ecipher;
Cipher dcipher;
String uname=null,pwd=null;
ServletOutputStream sos;
SecretKey key=null;
public void doPost(HttpServletRequest req, HttpServletResponse res)throws ServletException,IOException
uname=req.getParameter("username"); pwd=req.getParameter("password");
try
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
con=DriverManager.getConnection("jdbc:odbc:GMT","sa","iqm");
stmt=con.createStatement();
sos=res.getOutputStream();
// Generate a temporary key. In practice, you would save this key.
// See also e464 Encrypting with DES Using a Pass Phrase.
key = KeyGenerator.getInstance("DES").generateKey();
// Create encrypter/decrypter class
DesEncrypterBean encrypter = new DesEncrypterBean(key);
// Encrypt
String encrypted = encrypter.encrypt(uname);
System.out.println("Don't tell anybody! "+encrypted);
stmt.execute("insert into Admin(UserName,Passward) values('"+encrypted+"','"+encrypted+"')");
System.out.println("......record saved");
sos.println("Record Saved : "+encrypted);
catch(Exception e)
{System.out.println("Exception in login" +e);}
In above Programe Woking Properly
** Bellow programe using for retrieving data from database.After retrieving data I want Decrypt it but not working properly
import EncryptBean.DesEncrypterBean;
import java.util.*;
import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
import java.sql.*;
import java.security.*;
import java.security.spec.*;
import javax.crypto.spec.*;
import com.sun.crypto.provider.*;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.Cipher;
import java.security.NoSuchAlgorithmException;
import java.security.InvalidKeyException;
import java.security.InvalidAlgorithmParameterException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import sun.misc.BASE64Encoder;
import javax.crypto.*;
public class Secure extends HttpServlet
Connection con=null;
Statement stmt=null;
Cipher ecipher;
Cipher dcipher;
String uname=null,pwd=null;
ServletOutputStream sos;
SecretKey key=null;
public void doPost(HttpServletRequest req, HttpServletResponse res)throws ServletException,IOException
try
{Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
con=DriverManager.getConnection("jdbc:odbc:GMT","sa","iqm");
stmt=con.createStatement();
ResultSet rs=stmt.executeQuery("select UserName,Passward from Admin");
while(rs.next())
uname=rs.getString(1);
pwd=rs.getString(2);
sos=res.getOutputStream();
// Generate a temporary key. In practice, you would save this key.
// See also e464 Encrypting with DES Using a Pass Phrase.
key = KeyGenerator.getInstance("DES").generateKey();
// Create encrypter/decrypter class
DesEncrypterBean encrypter = new DesEncrypterBean(key);
// Decrypt
uname=uname.trim();
String decrypted = encrypter.decrypt(uname);
System.out.println("Original message is! "+decrypted);
}catch(Exception e)
{System.out.println("Exception in login" +e);
In above Programe giving Exception " javax.crypto.BadPaddingException: Given final block not properly padded"
Please analyze my application and send me suitable solution for decryption
one more thing When I encrypting that time KeyGenerator generating one key.same as when I Decrypting that time also KeyGenerator generating one key but both are not same.
How can we generate both key are same -
"Given final block not properly padded" when using wrong secretKey
Hello guys, I browsed the questions in this forum regarding my problem, but somehow couldn't find a solution to this.
I generated two SecretKey key1 and key2. Now I'm using the Cipher class to encrypt a message to key1. If I try to decrypt it with key1, everything works fine. But if I try key2 I get the "Given final block not properly padded"-message in my exception backtrace instead of just unreadable stuff, which I excepted (using the wrong key). This happens regardless of the symetric algorithm I use.
Can you help me?
Thanks,
SebastianMost symmetric algorithms work on data of a given block-size. If your data isn't a multiple of that size, it's padded. This removes a clue that a cryptanalyst can use to try and break your encryption. At decrypt time, the Cipher expects to see padding-related bits at the end of the stream, so it knows how many pad-bits were stuck on to begin with. When the end of the stream doesn't match the expected padding-protocol, you get the exception noted.
Now - if you decode with the wrong key, you get junk. The chances of that junk ending with a valid padding-indicator is...small. So you're more likely to see "BadPadding" than a valid (if incorrect) plaintext.
You could use "NoPadding" on both ends, and do your own manipulation of the bit-stream to make the Cipher happy. Then, you wouldn't get BadPadding exceptions. But you'd have to write some pretty fiddly code on each end.
Anybody else want to double-check me on this? I'm away from my books at the moment. Floersh? Euxx?
Good luck,
Grant -
BadPaddingException while decripting Given final block not properly padded
Hi all,
i am using PBEWithMD5AndDES for encryption and decryption.it's working fine. but for some out onlyi am getting this error " BadPaddingException while decripting Given final block not properly padded". please help me to debug this error. my mail id is [email protected]... thanks in advance
public class Encrypter
// convert hashtable to string
public static String hashToStr(Hashtable hash)
RapidLogger.debug("||Encrypter||hashToStr||"+"Started ");
String strResult = new String();
try
Enumeration e = hash.keys();
while (e.hasMoreElements())
String tkey = (String) e.nextElement();
String tvalue = (String) hash.get(tkey);
strResult = strResult.concat("||").concat(tkey).concat("||").concat(tvalue);
catch(Exception e)
RapidLogger.error("Error ocurred while converting hashtable to string");
e.printStackTrace();
RapidLogger.debug("||Encrypter||hashToStr||"+"End ");
return strResult;
// convert string to hashtable
public static Hashtable strToHash(String str)
RapidLogger.debug("||Encrypter||strToHash||"+"Started ");
Hashtable ht = new Hashtable();
try
StringTokenizer st = new StringTokenizer(str,"||");
while (st.hasMoreTokens())
//System.out.println("Inside hash to string----> "+st.nextToken()+ st.nextElement() );
ht.put(st.nextToken(),st.nextToken());
catch(Exception e)
RapidLogger.error("Error ocurred while converting string to hashtable");
e.printStackTrace();
RapidLogger.debug("||Encrypter||strToHash||"+"End ");
return ht;
public static String encrypt(Hashtable ht)
RapidLogger.debug("||Encrypter||encrypt||"+"Started ");
try
Cipher ecipher;
// 8-byte Salt
byte[] salt = {
(byte)0xA9, (byte)0x9B, (byte)0xC8, (byte)0x32,
(byte)0x56, (byte)0x35, (byte)0xE3, (byte)0x03
// Iteration count
int iterationCount = 19;
// Create the key
String passPhrase = "Rendezvouzs@*&%!$";
KeySpec keySpec = new PBEKeySpec(passPhrase.toCharArray(), salt, iterationCount);
SecretKey key = SecretKeyFactory.getInstance(
"PBEWithMD5AndDES").generateSecret(keySpec);
ecipher = Cipher.getInstance(key.getAlgorithm());
// Prepare the parameter to the ciphers
AlgorithmParameterSpec paramSpec = new PBEParameterSpec(salt, iterationCount);
// Create the ciphers
ecipher.init(Cipher.ENCRYPT_MODE, key, paramSpec);
String param = new String();
if(!ht.isEmpty())
param = hashToStr(ht);
// Encode the string into bytes using utf-8
byte[] utf8 = param.getBytes("UTF8");
// Encrypt
byte[] enc = ecipher.doFinal(utf8);
// Encode bytes to base64 to get a string
RapidLogger.debug("||Encrypter||encrypt||"+"End ");
return new sun.misc.BASE64Encoder().encode(enc);
catch (javax.crypto.NoSuchPaddingException nspe)
RapidLogger.error("NoSuchPaddingException in constructor"+nspe.getMessage());
catch (java.security.spec.InvalidKeySpecException ikse)
RapidLogger.error("InvalidKeySpecException in constructor"+ikse.getMessage());
catch (java.security.NoSuchAlgorithmException nsae)
RapidLogger.error("NoSuchAlgorithmException in constructor"+nsae.getMessage());
catch (java.security.InvalidKeyException ike)
RapidLogger.error("InvalidKeyException in constructor"+ike.getMessage());
catch (java.security.InvalidAlgorithmParameterException iape)
RapidLogger.error("InvalidAlgorithmParameterException in constructor"+iape.getMessage());
catch (javax.crypto.BadPaddingException bpe)
RapidLogger.error("BadPaddingException while encripting "+bpe.getMessage());
catch (IllegalBlockSizeException ibse)
RapidLogger.error("IllegalBlockSizeException while encripting "+ibse.getMessage());
catch (UnsupportedEncodingException ue)
RapidLogger.error("UnsupportedEncodingException while encripting "+ue.getMessage());
catch (java.io.IOException ioe)
RapidLogger.error("IOException while encripting "+ioe.getMessage());
RapidLogger.debug("||Encrypter||encrypt||"+"End ");
return null;
public static Hashtable decrypt(String str)
RapidLogger.debug("||Encrypter||decrypt||"+"Started ");
try
Cipher dcipher;
// 8-byte Salt
byte[] salt = {
(byte)0xA9, (byte)0x9B, (byte)0xC8, (byte)0x32,
(byte)0x56, (byte)0x35, (byte)0xE3, (byte)0x03
// Iteration count
int iterationCount = 19;
// Create the key
String passPhrase = "Rendezvouzs@*&%!$";
KeySpec keySpec = new PBEKeySpec(passPhrase.toCharArray(), salt, iterationCount);
SecretKey key = SecretKeyFactory.getInstance(
"PBEWithMD5AndDES").generateSecret(keySpec);
dcipher = Cipher.getInstance(key.getAlgorithm());
// Prepare the parameter to the ciphers
AlgorithmParameterSpec paramSpec = new PBEParameterSpec(salt, iterationCount);
// Create the ciphers
dcipher.init(Cipher.DECRYPT_MODE, key, paramSpec);
// Decode base64 to get bytes
byte[] dec = new sun.misc.BASE64Decoder().decodeBuffer(str);
// Decrypt
byte[] utf8 = dcipher.doFinal(dec);
// Decode using utf-8
String decryptStr = new String(utf8, "UTF8");
Hashtable ht = new Hashtable();
ht = strToHash(decryptStr);
RapidLogger.debug("||Encrypter||decrypt||"+"End ");
return ht;
catch (javax.crypto.NoSuchPaddingException nspe)
RapidLogger.error("NoSuchPaddingException in constructor"+nspe.getMessage());
catch (java.security.InvalidKeyException ike)
RapidLogger.error("InvalidKeyException in constructor"+ike.getMessage());
catch (java.security.spec.InvalidKeySpecException ikse)
RapidLogger.error("InvalidKeySpecException in constructor"+ikse.getMessage());
catch (java.security.InvalidAlgorithmParameterException iape)
RapidLogger.error("InvalidAlgorithmParameterException in constructor"+iape.getMessage());
catch (java.security.NoSuchAlgorithmException nsae)
RapidLogger.error("NoSuchAlgorithmException in constructor"+nsae.getMessage());
catch (javax.crypto.BadPaddingException bpe)
RapidLogger.error("BadPaddingException while decripting "+bpe.getMessage());
catch (IllegalBlockSizeException ibe)
RapidLogger.error("IllegalBlockSizeException while decripting "+ibe.getMessage());
catch (UnsupportedEncodingException ue)
RapidLogger.error("UnsupportedEncodingException while decripting "+ue.getMessage());
catch (java.io.IOException ioe)
RapidLogger.error("IOException while decripting "+ioe.getMessage());
RapidLogger.debug("||Encrypter||decrypt||"+"End ");
return null;
regards,
Rajasorry i misinterepreted something. that program failured for some input only
-
Restart fixes BadPaddingException: Given final block not properly padded ??
(I have seen quite a few posts on this and other forums regarding BadPaddingExceptions, however all of them seem to be easily reproducible. This one is random and has been impossible for us to reproduce in a test environment.)
Anyone have any idea why we might encounter this problem during decryption (e.g cipher.doFinal(<base64 encoded byte[]>) ) , but restarting the JVM clears it up?
Once it starts happening, all decryption fails with "BadPaddingException: Given final block not properly padded"
and once we restart the JVM, all is well again.
We are currently running j2sdk1.4.2_04 and are using PBEWithMD5AndDES.
Any help is much appreciated,
-MarcI have plenty of ideas for what is wrong but why should I enumerate them. It would be much quicker if you posted (using [code] tags) your encryption and decryption code.
Edited by: sabre150 on Nov 29, 2007 12:09 PM -
Exception: Given final block not properly padded
Hi,
I generated an password encrypted RSA private key using the following openssl command.
openssl pkcs8 -topk8 -in private.pem -outform DER -out private.der -v2 des3
I am using the following piece of code to decrypt private.der using a password entered by the user.
For now, I assume that the password is of 24 bytes long.
1. The following method throws an exception saying "Given final block not properly padded."
How can I fix it?
2. Since private.der is created by openssl, I didn't provide salt and iv paramters.
Are they embedded in the file itself?
Does the objects in the following method takes care of them automatically?
Thanks.
public byte[] readDES3EncryptedPrivateKey2(final String password,
final String privateKeyFilePath)
throws Exception
File privateKeyFile = new File(privateKeyFilePath);
byte[] encryptedPrivateKey = FileUtils.readFileToByteArray(privateKeyFile);
final byte[] passwordInBytes = password.getBytes("UTF-8");
DESedeKeySpec keySpec = new DESedeKeySpec(passwordInBytes);
SecretKey key = SecretKeyFactory.getInstance(DES3).generateSecret(keySpec);
javax.crypto.EncryptedPrivateKeyInfo epki = new javax.crypto.EncryptedPrivateKeyInfo(
encryptedPrivateKey);
AlgorithmParameters ap = epki.getAlgParameters();
des3Cipher.init(Cipher.DECRYPT_MODE, key, ap);
// Error: Given final block not properly padded
return des3Cipher.doFinal(epki.getEncryptedData());
}I've run into similar things. Have you tried padding the data you are trying decrypt to the block size of DES3?
-
Javax.crypto.BadPaddingException: Given final block not properly padded
import java.security.*;
import javax.crypto.*;
public class Cryptographer
private final String DEFAULT_KEY="1111111111111111";
private String KEY;
public Cryptographer(String key)
if((key==null)||key.equals(""))
this.KEY = DEFAULT_KEY;
else
this.KEY = key;
public byte[] encrypt(String toEncrypt)
if((toEncrypt==null)||(toEncrypt.trim().equals("")))
return null;
try
return DESEncrypt(toEncrypt,KEY);
catch(Exception e)
e.printStackTrace();
return null;
public String decrypt(byte[] bytes)
if(bytes==null)
return null;
try
return DESDecrypt(bytes,KEY);
catch(Exception e)
e.printStackTrace();
return null+"hi";
public String ToMac(byte[] bytes,String key)
if(bytes==null)
return null;
try
return getMac(bytes,KEY);
catch(Exception e)
return null;
private byte[] DESEncrypt(String toEncrypt, String key)
throws Exception
// create a binary key from the argument key (seed)
SecureRandom sr = new SecureRandom(key.getBytes("UTF-8"));
KeyGenerator kg = KeyGenerator.getInstance("DES");
kg.init(56,sr);
SecretKey sk = kg.generateKey();
// do the encryption with that key
Cipher cipher = Cipher.getInstance("DES");
//DES/CFB8/NOPadding;DES/OFB32/PKCS5Padding;DESEDE/ECB/PKCS5Padding;DES/ECB/NOPadding==DES
cipher.init(Cipher.ENCRYPT_MODE, sk);
byte[] encrypted = cipher.doFinal(toEncrypt.getBytes("UTF-8"));
return new sun.misc.BASE64Encoder().encode(encrypted).toUpperCase().getBytes();
//return encrypted;
private String DESDecrypt(byte[] toDecrypt, String key)
throws Exception
// create a binary key from the argument key (seed)
SecureRandom sr = new SecureRandom(key.getBytes("UTF-8"));
KeyGenerator kg = KeyGenerator.getInstance("DES");
kg.init(56,sr);
SecretKey sk = kg.generateKey();
// do the decryption with that key
Cipher cipher = Cipher.getInstance("DES");
cipher.init(Cipher.DECRYPT_MODE, sk);
byte[] decrypted = cipher.doFinal(toDecrypt);
return new sun.misc.BASE64Encoder().encode(decrypted).toUpperCase();
//return new String(decrypted,"UTF-8");
//create mac String; byte[] to be maced
private String getMac(byte[] bytes,String key)
byte[] bmac =null;
try
// create a binary key from the argument key (seed)
SecureRandom sr = new SecureRandom(key.getBytes());
KeyGenerator kg = KeyGenerator.getInstance("DES");
kg.init(56,sr);
SecretKey sk = kg.generateKey();
Mac mac = Mac.getInstance("HmacMD5");
//HmacMD5;HmacSHA1;PBEWith<mac> e.g PBEWithHmacSHA1
mac.init(sk);
bmac = mac.doFinal(bytes);
catch(Exception e)
e.printStackTrace();
return new String(bmac);
public String byte2hex(byte[] b) //��������������
String hs="";
String stmp="";
for (int n=0;n<b.length;n++)
stmp=(java.lang.Integer.toHexString(b[n] & 0XFF));
if (stmp.length()==1) hs=hs+"0"+stmp;
else hs=hs+stmp;
if (n<b.length-1) hs=hs+"";
return hs.toUpperCase();
public static void main(String args[])
throws Exception
String key = new String("1111111111111111");
Cryptographer c = new Cryptographer(key); //use key to initialize the class
String str = new String("4A6C98EAEF14EAB6");
byte[] b = c.encrypt(str); //to encrypt data
System.out.println(b.length);
System.out.println("Encrypted data:"+new String(b)+":"+new String(c.byte2hex(b))); //println Encrypt data
String st = c.decrypt(str.getBytes()); //to decrypt data
System.out.println(st.getBytes().length);
System.out.println(st.length());
System.out.println("Decrypted data:"+st+":"+c.byte2hex(st.getBytes())); //println decrypt data
please help me! thaxOne: Use the [ code ] tags. Please. It'll only help you get answers.
Two: encrypt() is returning the getBytes() of the result of Base64'ing the ciphertext. Bad. The whole POINT to Base64 is to produce Strings from byte[]'s. Don't use Base64 to produce a byte[]. Change encrypt() to return the byte[] directly.
Three: Given that encrypt() is returning the byte[] from the Base64 - decrypt() needs to be ready to UNDO that. It isn't. decrypt() assumes the byte[] it's getting is the ciphertext. That's not what you're giving to it. It's very, very unhappy.
Four: your main() isn't even handing decrypt() the (bogus) return from encrypt(). Your main() is asking decrypt() to decrypt your plaintext. That trick never works...
Five: your choice of variable names in your main() is...suboptimal. If you'd chosen names that reflected the purpose of the variable (things like, say, 'plaintext' and 'ciphertext'), some of this would have been obvious.
Try the following:import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
public class Cryptographer {
private final String DEFAULT_KEY = "1111111111111111";
private String KEY;
public Cryptographer(String key) {
if ((key == null) || key.equals("")) {
this.KEY = DEFAULT_KEY;
} else {
this.KEY = key;
public byte[] encrypt(String toEncrypt) {
if ((toEncrypt == null) || (toEncrypt.trim().equals("")))
return null;
try {
return DESEncrypt(toEncrypt, KEY);
} catch (Exception e) {
e.printStackTrace();
return null;
public String decrypt(byte[] bytes) {
if (bytes == null)
return null;
try {
return DESDecrypt(bytes, KEY);
} catch (Exception e) {
e.printStackTrace();
return null +"hi";
public String ToMac(byte[] bytes, String key) {
if (bytes == null)
return null;
try {
return getMac(bytes, KEY);
} catch (Exception e) {
return null;
private byte[] DESEncrypt(String toEncrypt, String key) throws Exception {
// create a binary key from the argument key (seed)
SecureRandom sr = new SecureRandom(key.getBytes("UTF-8"));
KeyGenerator kg = KeyGenerator.getInstance("DES");
kg.init(56, sr);
SecretKey sk = kg.generateKey();
// do the encryption with that key
Cipher cipher = Cipher.getInstance("DES");
//DES/CFB8/NOPadding;DES/OFB32/PKCS5Padding;DESEDE/ECB/PKCS5Padding;DES/ECB/NOPadding==DES
cipher.init(Cipher.ENCRYPT_MODE, sk);
byte[] encrypted = cipher.doFinal(toEncrypt.getBytes("UTF-8"));
return encrypted;
private String DESDecrypt(byte[] toDecrypt, String key) throws Exception {
// create a binary key from the argument key (seed)
SecureRandom sr = new SecureRandom(key.getBytes("UTF-8"));
KeyGenerator kg = KeyGenerator.getInstance("DES");
kg.init(56, sr);
SecretKey sk = kg.generateKey();
// do the decryption with that key
Cipher cipher = Cipher.getInstance("DES");
cipher.init(Cipher.DECRYPT_MODE, sk);
byte[] decrypted = cipher.doFinal(toDecrypt);
return new String(decrypted,"UTF-8");
//create mac String; byte[] to be maced
private String getMac(byte[] bytes, String key) {
byte[] bmac = null;
try {
// create a binary key from the argument key (seed)
SecureRandom sr = new SecureRandom(key.getBytes());
KeyGenerator kg = KeyGenerator.getInstance("DES");
kg.init(56, sr);
SecretKey sk = kg.generateKey();
Mac mac = Mac.getInstance("HmacMD5");
//HmacMD5;HmacSHA1;PBEWith<mac> e.g PBEWithHmacSHA1
mac.init(sk);
bmac = mac.doFinal(bytes);
} catch (Exception e) {
e.printStackTrace();
return new String(bmac);
public String byte2hex(byte[] b) //��������������
String hs = "";
String stmp = "";
for (int n = 0; n < b.length; n++) {
stmp = (java.lang.Integer.toHexString(b[n] & 0XFF));
if (stmp.length() == 1)
hs = hs + "0" + stmp;
else
hs = hs + stmp;
if (n < b.length - 1)
hs = hs + "";
return hs.toUpperCase();
public static void main(String args[]) throws Exception {
String key = new String("1111111111111111");
Cryptographer c = new Cryptographer(key); //use key to initialize the class
String str = new String("Hello world!");
byte[] ciphertext = c.encrypt(str); //to encrypt data
System.out.println(ciphertext.length);
System.out.println("Encrypted data:" + new String(c.byte2hex(ciphertext )));
String plaintext = c.decrypt(ciphertext ); //to decrypt data
System.out.println(plaintext.getBytes().length);
System.out.println(plaintext.length());
System.out.println("Decrypted data:" + plaintext ); //println decrypt data
}And please, please, PLEASE use the [ code ] tags...
Grant -
BadPaddingException: Given final block not properly padded
Hi,
Can someone please tell me what's going on??
When I call c.doFinal(byte[]) and the length of my byte array is 512, I get a BadPaddingException. However, when I make the same call and my byte array's length is 504, everything is fine. Both are multiples of 8, so I don't understand why this is happening. Thanks in advance!!!
Colinhere's my jsp code:
<%!
public class Crypto{
Cipher ecipher;
Cipher dcipher;
public Crypto(SecretKey key) throws SecurityException {
try {
ecipher = Cipher.getInstance("DES");
dcipher = Cipher.getInstance("DES");
ecipher.init(Cipher.ENCRYPT_MODE, key);
dcipher.init(Cipher.DECRYPT_MODE, key);
} catch (javax.crypto.NoSuchPaddingException e) {
} catch (java.security.NoSuchAlgorithmException e) {
} catch (java.security.InvalidKeyException e) {
public String encrypt(String str) {
try {
// Encode the string into bytes using utf-8
byte[] utf8 = str.getBytes("UTF8");
// Encrypt
byte[] enc = ecipher.doFinal(utf8);
// Encode bytes to base64 to get a string
return new sun.misc.BASE64Encoder().encode(enc);
} catch (javax.crypto.BadPaddingException e) {
} catch (IllegalBlockSizeException e) {
} catch (UnsupportedEncodingException e) {
} catch (java.io.IOException e) {
return null;
public String decrypt(String str) {
try {
// Decode base64 to get bytes
byte[] dec = new sun.misc.BASE64Decoder().decodeBuffer(str);
// Decrypt
byte[] utf8 = dcipher.doFinal(dec);
// Decode using utf-8
return new String(utf8, "UTF8");
} catch (javax.crypto.BadPaddingException e) {
System.out.println("error 1"+e);
} catch (IllegalBlockSizeException e) {
System.out.println("error 2");
} catch (UnsupportedEncodingException e) {
System.out.println("error 3");
} catch (java.io.IOException e) {
System.out.println("error 4");
return null;
}// end of class crypto
%>
<body>
<%
try{
SecretKey key = KeyGenerator.getInstance("DES").generateKey();
// Create encrypter/decrypter class
Crypto crypto = new Crypto(key);
// Decrypt
System.out.println("@@@@@ pwd from dbase = "+pwd);
String decrypted = crypto.decrypt(pwd);
String encrypted = crypto.encrypt(password);
System.out.println("@@@@@ pwd from url encrypted = "+encrypted);
System.out.println("###### decrypted = "+decrypted);
}catch(Exception e){}
%>
</body> -
Given final block not properly not padded.....when given wrong password....
hi..........sir
when i am executing the following code..with wrong password....i am getting the BadPaddingException:Given final block not properly padded............
plz help me to solve this one with the solution.
I am doing my final project .....i am implementing an security protocol....
here is thecode...
String pw=JOptionPane.showInputDialog("enter the password string");
byte[] pwb=new byte[pw.getBytes().length];
pwb=pw.getBytes();
String msg=JOptionPane.showInputDialog(null,"enter the message");
byte[] msgb=new byte[msg.getBytes().length];
msgb=msg.getBytes();
try
PBEKeySpec ks=new PBEKeySpec(pw.toCharArray());
SecretKeyFactory skf= SecretKeyFactory.getInstance("PBEWithMD5AndDES");
SecretKey ky=skf.generateSecret(ks);
MessageDigest md=MessageDigest.getInstance("MD5");
md.update("srikrishna".getBytes());byte[] digest=md.digest();
byte salt[]=new byte[8];
for(int i=0;i<8;i++)
salt=digest[i];
PBEParameterSpec ps=new PBEParameterSpec(salt,20);
Cipher cf=Cipher.getInstance("PBEWithMD5AndDES");
cf.init(Cipher.ENCRYPT_MODE,ky,ps);
byte[]thCp=cf.doFinal(msgb);
for(int i=0;i<thCp.length;i++)
System.out.print((char)thCp[i]);
System.out.println("\n\n");
String pwbs=JOptionPane.showInputDialog("enter the password string");
byte[] pwbsb=new byte[pwbs.getBytes().length];
pwbsb=pwbs.getBytes();
PBEKeySpec ks1=new PBEKeySpec(pwbs.toCharArray());
SecretKeyFactory skf1= SecretKeyFactory.getInstance("PBEWithMD5AndDES");
SecretKey ky1=skf1.generateSecret(ks1);
MessageDigest md1=MessageDigest.getInstance("MD5");
md1.update("srikrishna".getBytes());byte[] digest1=md1.digest();
byte salt1[]=new byte[8];
for(int i=0;i<8;i++)
salt1[i]=digest1[i];
PBEParameterSpec ps1=new PBEParameterSpec(salt1,20);
Cipher cf1=Cipher.getInstance("PBEWithMD5AndDES");
cf1.init(Cipher.DECRYPT_MODE, ky1,ps1);
byte[]thPt=cf1.doFinal(thCp);
for(int i=0;i<thPt.length;i++)
System.out.print((char)thPt[i]);
catch(Exception e)
e.printStackTrace();
Thanks in Advance.............
Edited by: hareksna on Jan 12, 2009 4:36 PMhareksna wrote:
sir, thanks for reply.........
I understood .....
sorry if am asking u once again.......
for every encrypted data there will be an corresponding decrypted data.........even with the different key.....it shud produce some decrypted bytes.(even diff from plain text)......naa.....i.e it should produce the wrong plain text.......The encyption process -
cleartext (adding padding) padded cleartext (encrypting) ciphertext.
The decryption process -
ciphertext (decrypting) padded cleartext (remove padding) cleartext.
Even though it would be gibberish when the wrong key is used, you seem to want access to the 'padded cleartext' but using your code you do not have access to it. You could emulate the PBE process and get access to the 'padded cleartext' but what would be the point. You would just have gibberish when using the wrong key.
but y the exception......
ok ......and also tell me y this BPE is actually happens and how to avoid that when we use some padding.....
plz tell me the reason.............Start by reading "Applied Cryptography"by Bruce Schneier and then "Practical Cryptography" by Ferguson and Schneier.
>
so finally .........
u r saying that i need to catch the BPE and should inform client that he entered wrong password........
so i have to end up in the second step itself.....
is there any other way to perfom this one?......if there, plz let me know....if any alternative.....As I said earlier, the alternative is to emulate the PBE process yourself but what would be the point. You would just end up with gibberish if you use the wrong password.
P.S. You won't always get a bad padding exception if you use the wrong password. About 1in 256 you will just get gibberish as the result without the exception.
P.P.S. Your keyboard seems to have a problem with it's '.' key. In your place I would get it fixed because the perpetual '......' annoys the hell out of many people who respond to these forums.
P.P.P.S. Your 'caps' key seems to be intermittently broken. Please get if fixed.
P.P.P.P.S. You should turn off your computer's SMS mode. Using 'u' instead of 'you' makes your posts very difficult to read and it annoys the hell out of many people who respond to these forums. -
JWSDP 1.6 xws-security Simple fails with "block not properly padded"
Environment:
- Windows 2000
- Tomcat50-jwsdp
- JAVA_HOME=C:/Progra~1/Java/jdk1.5.0_05
- Security environment handler: SecurityEnvironmentHandler.java supplied with JWSDP 1.6 (Hello, Ron!)
I get the following in the Tomcat Window:
==== Received Message End ====
Nov 13, 2005 10:38:56 AM com.sun.org.apache.xml.internal.security.encryption.XMLCipher decryptKey
INFO: Decryption of key type http://www.w3.org/2001/04/xmlenc#tripledes-cbc OK
Nov 13, 2005 10:38:56 AM com.sun.xml.wss.impl.apachecrypto.DecryptionProcessor decryptElementWithCipher
SEVERE: WSS_ENC0004: Exception [ Given final block not properly padded ] while trying to decrypt message
Nov 13, 2005 10:38:56 AM com.sun.xml.wss.impl.filter.DumpFilter process
INFO: ==== Sending Message Start ====
<?xml version="1.0" encoding="UTF-8"?>
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:enc="http://schemas.xmlsoap.org/soap/enco
ding/" xmlns:ns0="http://xmlsoap.org/Ping" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.or
g/2001/XMLSchema-instance">
<env:Body>
<env:Fault>
<faultcode xmlns:ans1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">ans1:Fail
edCheck</faultcode>
<faultstring>Unable to decrypt message</faultstring>
</env:Fault>
</env:Body>
</env:Envelope>
==== Sending Message End ====
Please help!
GeorgeHi, I got the xws-security/samples/simple application
working successfully with my own keystores. I have 2
questions regarding this sample application.
1) When running the application with the
encrypt-server.xml and encrypt-client.xml
configuration, why is it necessary to import the
client's certificate into the server's truststore and
the server's certificate into client's truststore when
their certificates have already been signed by a
trusted root CA (e.g. Verisign), whose certificate is
in both truststores? Shouldn't their certificates
containing their public keys get automatically
exchanged during the connection request? It's a pain
to publish a web service and expect a manual public
certificate import for each client wanting to use the
service.Certificates are sent only when the keyReferenceType is "Direct" which is the default. It's possible that our code is checking the certificate sent with one found in the KeyStore, but a quick scan of the code doesn't show it. If that's what's happening it's a bug. All of the other key reference strategies send only a referece to the sender's certificate in which case the reciever must have a copy of that certificate in its keystore.
2) I use Tomcat to run the sample application and did
set up the SSL connector to point to the keystores.
When the client connects to the server, it uses a
http endpoint not https. I'm aware that htpps is
needed for SSL support but not clear on where does
https come into play during the client's
request/server's response process.We share the SSL keystore so that certificates don't have to be stored in more than one place. The functionality of XWS-Security and SSL is logically the same so it make sense to use the same keystore. XWS-Security operates completely separately from the transport and never knows whether HTTPS is in use or not.
Phil Goodwin
Technical Lead
XWS-Security -
Validation Fails - BadPaddingException: Given final block not property padded
I'm following the Quick-Start Guide step-by-step and get the following message when I run Validator.bat from section "4. Setup & deploy..."
C:\Users\Charles\Desktop\FlashAccess2_0_2\Flash Access Server for Protected Stre
aming>Validator -g -r C:\Tomcat\licenseserver
Validating global deployment ...
Validating partition deployment - flashaccessserver...
Validating tenant deployment - flashaccessserver/sampletenant...
javax.crypto.BadPaddingException: Given final block not properly padded
at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)
at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)
at com.sun.crypto.provider.SunJCE_ab.b(DashoA13*..)
at com.sun.crypto.provider.PBEWithMD5AndDESCipher.engineDoFinal(DashoA13
at javax.crypto.Cipher.doFinal(DashoA13*..)
at com.adobe.flashaccess.server.license.configuration.commonsadapter.Scr
ambleUtil.decode(ScrambleUtil.java:83)
at com.adobe.flashaccess.server.license.configuration.commonsadapter.Scr
ambleUtil.unscramble(ScrambleUtil.java:51)
at com.adobe.flashaccess.server.license.configuration.commonsadapter.Ten
antConfigurationImpl$CryptographyImpl.readCredentials(TenantConfigurationImpl.ja
va:583)
at com.adobe.flashaccess.server.license.configuration.commonsadapter.Ten
antConfigurationImpl$CryptographyImpl.<init>(TenantConfigurationImpl.java:516)
at com.adobe.flashaccess.server.license.configuration.commonsadapter.Ten
antConfigurationImpl.<init>(TenantConfigurationImpl.java:108)
at com.adobe.flashaccess.server.license.configuration.commonsadapter.Com
monsConfigurationBasedFactory.getTenantConfiguration(CommonsConfigurationBasedFa
ctory.java:89)
at com.adobe.flashaccess.server.license.tools.Validator.validateTenantDe
ployment(Validator.java:255)
at com.adobe.flashaccess.server.license.tools.Validator.validatePartitio
nDeployment(Validator.java:283)
at com.adobe.flashaccess.server.license.tools.Validator.validateGlobalDe
ployment(Validator.java:301)
at com.adobe.flashaccess.server.license.tools.Validator.process(Validato
r.java:173)
at com.adobe.flashaccess.server.license.tools.Validator.main(Validator.j
ava:117)
Failed to validate tenant deployment 'flashaccessserver/sampletenant' - null
See log for details:
(C:\Users\Charles\AppData\Local\Temp\temp82526431968521948758558823183500\flasha
ccessserver\flashaccess-partition.log)Hi Safdar,
It's a very valid question, considering the confusion I had with the different scramblers...
This is what I am using:
For the license server I used the scrambler in "Flash Access Server for Protected Streaming". After passing the parameters directly to the jar (and not as parameters to the batch file) I get the same result on Windows and on Linux. I use this value in flashaccess-tenant.xml on both Windows and Linux and the license servers work correctly on both platforms.
The problems are on the packager. I am using Flash Access Manager running on a windows machine to configure both packagers (the one on Windows and the one on Linux). I have the same certificates installed on both machines. For both configurations I enter the same password, and when I save the configuration both flashaccess-refimpl-packager.properties files show the same scrambled value. However, the packager on Windows works fine, but on Linux I get the BadPaddingException error.
Is this clearer?
Am I worng to assume I can run Flash Access Manager on a windows machine and use it to configure and run a packager on a Linux machine? Is there a way to run the Flash Access Manager on Linux?
Thanks,
- Naomi -
Seeing a lot of ERROR - could not decrypt password Given final block not...
What cause these error messages in DPS 6.x?
[18/Apr/2009:23:05:55 -0400] - CONFIG - ERROR - could not decrypt password Given final block not properly padded
[18/Apr/2009:23:05:55 -0400] - CONFIG - ERROR - could not decrypt password Given final block not properly padded
[18/Apr/2009:23:05:55 -0400] - CONFIG - ERROR - could not decrypt password Given final block not properly padded
[18/Apr/2009:23:05:55 -0400] - CONFIG - ERROR - could not decrypt password Given final block not properly padded
[18/Apr/2009:23:05:55 -0400] - CONFIG - ERROR - could not decrypt password Given final block not properly padded
[18/Apr/2009:23:05:55 -0400] - CONFIG - ERROR - could not decrypt password Given final block not properly padded
[18/Apr/2009:23:05:55 -0400] - CONFIG - ERROR - could not decrypt password Given final block not properly padded
[18/Apr/2009:23:05:55 -0400] - CONFIG - ERROR - could not decrypt password Given final block not properly padded
[18/Apr/2009:23:05:55 -0400] - CONFIG - ERROR - could not decrypt password Given final block not properly padded
[18/Apr/2009:23:05:55 -0400] - CONFIG - ERROR - could not decrypt password Given final block not properly padded
[18/Apr/2009:23:05:55 -0400] - CONFIG - ERROR - could not decrypt password Given final block not properly padded
[18/Apr/2009:23:05:56 -0400] - CONFIG - ERROR - could not decrypt password Given final block not properly padded
[18/Apr/2009:23:05:56 -0400] - CONFIG - ERROR - could not decrypt password Given final block not properly padded
[18/Apr/2009:23:05:56 -0400] - CONFIG - ERROR - could not decrypt password Given final block not properly padded
[18/Apr/2009:23:05:56 -0400] - CONFIG - ERROR - could not decrypt password Given final block not properly padded
[18/Apr/2009:23:05:56 -0400] - CONFIG - ERROR - could not decrypt password Given final block not properly padded
[18/Apr/2009:23:05:56 -0400] - CONFIG - ERROR - could not decrypt password Given final block not properly padded
[18/Apr/2009:23:05:56 -0400] - CONFIG - ERROR - could not decrypt password Given final block not properly padded
[18/Apr/2009:23:05:56 -0400] - CONFIG - ERROR - could not decrypt password Given final block not properly padded
[18/Apr/2009:23:05:57 -0400] - CONFIG - ERROR - could not decrypt password Given final block not properly paddedYou have copied a DPS configuration (conf.ldif) from one instance to another one.
Passwords are encrypted in the conf.ldif with an instance-specific key.
2 ways to address the problem:
- either
stop the proxy, manually edit the conf.ldif and replace encrypted values (prefixed by {3DES})
with the value in clear.
DPS will encrypt them again during next startup.
- or
copy the dps keystore files (in alias if I remember well) to the target dps instance as the keystore
contains the encryption key.
Maybe you are looking for
-
PP CC 2014 and AE CC 2014 issues an nMacPro
My frustration with the combination of Adobe and the new MacPro grows. I’ve posted in here before and everyone has been helpful, I’m hoping you can help shed some light once more. First I’ll explain the issue then let you know how the system is arran
-
Customizing default aggregation
I have a cube (based on G/L Balances) which has 9 flex field segments, time, currency and set of books. These segments have altogether approx 25 hierarchies. My issue is, using AWM how does one specify PRECOMPUTE(NA) for some of these dimensions in a
-
Sources for photoshop elements 10 capabilities
I am a newbee to Photoshop elements, I am not even sure how to properly load pictures to be edited, when to use Edit and when to use organizer, There are all kinds of capabilites I have no idea at all about. I would like to experiment with raw edit
-
How can you activate an iPhone 4 without the original sim or jailbreaking it?
I have just recieved my iPhone 4 and it has not yet been activated. I tried to activate it but it just says 'Activation Failed' and to put in the original sim card, which i dont have. It said when i bought the phone it was unlocked and i have tried t
-
Dates of Price Changes per Article
Hi, I have a table with the following columns: Date ArticleID OriginalPrice NowPrice PriceReduction I'd like to create calculated columns as follows: the date of last/first price reduction per ArticleID the date of lowest/highest NowPrice per Article