Aes128 decryption: javax.crypto.badpaddingexception pad block is damaged

Android

I try to decrypt the encrypted data received from the web service

Encryption is done using AES 128

I use the following code to decrypt the data:

public static String decrypt(String strToDecrypt)
{       
    try
    {
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding"); //AES/CBC/PKCS7Padding
        SecretKeySpec secretKey = new SecretKeySpec(AppConstants.AESEncryptionKey.getBytes("UTF8"), "AES");
        int blockSize = cipher.getBlockSize();
        cipher.init(Cipher.DECRYPT_MODE, secretKey, new IvParameterSpec(new byte[blockSize])); //new IvParameterSpec(new byte[16])
        byte decBytes[] = cipher.doFinal(Base64.decode(strToDecrypt, 0));
        // byte decBytes[] = cipher.doFinal(Base64.decodeBase64(strToDecrypt));
        String decStr = new String(decBytes);
        System.out.println("After decryption :" + decStr);
        return decStr;
    }
    catch (Exception e)
    {
        System.out.println("Exception in decryption : " + e.getMessage());
    }
    return null;
}

stay

I get the following exceptions:

I experienced my post, but there was no solution in the end. I was trapped here

resolvent:

AES keys should contain random data. If they are stored as strings, information may be lost, especially when encoding with UTF-8. Your route:

AppConstants.AESEncryptionKey.getBytes("UTF8")

Makes it very unlikely that you will lose data during conversion to / from string. If a string is required, use hexadecimal, or store the string only as a byte array

Please note that this answer does not indicate any security related tips. Usually, you only want to export keys or store them in containers. You also do not want to use CBC on insecure channels

The content of this article comes from the network collection of netizens. It is used as a learning reference. The copyright belongs to the original author.
THE END
分享
二维码
< <上一篇
下一篇>>