Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

The Crypto-Padding Issue - BadPaddingException

DZone's Guide to

The Crypto-Padding Issue - BadPaddingException

·
Free Resource

Introduction

BadPaddingException came over night as unpleasand message thrown by our java application which used the "javax.crypto" libraries for the en- and decryption. The reason for the unexpected state was the java version 1.7.0_71. Looking at the java documentation explains this undesirable behaviour [Ref]. In some bug trackers new topic were opened about this issue [Ref].

Solution

Some developers have tried to avoid this kind of exception by manipulating and correcting the padding of the data byte arrays [Ref]. Because this method wasn't elegant I thought maybe there is some other way to avoid the BPE. The solution for this was using the whole transformation form string i.e. "DES/CBC/PKCS5Padding" instead of the shorter transformation form stirng i.e. "DES" on creating the the Chiper instance. This is also mentioned in the last Reference too.

This version of the cipher instance which had worked before java 1.7.0_71:

Cipher cipher = Cipher.getInstance("DES");

The modified version of the chiper instance. The task here was to find the corrent transformation string.

Cipher cipher = Cipher.getInstance("DES/CBS/PKCS5Padding");

For this example several other transformation can be used include [Ref]:

  • DES/CBC/NoPadding
  • DES/CBC/PKCS5Padding
  • DES/ECB/NoPadding
  • DES/ECB/PKCS5Padding

Unexpected Behaviour

After the modification of the transformation there were still problems with the de- and encryption. The reason was that for different files different transformation strings (the padding part) are needed. In our application for the en- and decryption of the ZIP files the transformation with "NoPadding" was the right choice. On other side for the same procedure on XML files which were created via JAXB on the marshalling and unmarshalling the cipher transformation "PKCS5Padding" was the correct selection. This was found by accident after several test with different transformations.

Résumé

This artice was dedicated to the unexpected and annoying BadPaddingException which caused problems for a while because of changes in one of the core classes of java. Beside that an description how this was solved and what side effect were originated from the solution are mentioned here as well. I hope this hints can save any developer some debugging time on acting against the BadPaddingException.

Topics:
cryptography ,cipher ,security

Opinions expressed by DZone contributors are their own.

THE DZONE NEWSLETTER

Dev Resources & Solutions Straight to Your Inbox

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.

X

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}