javax.crypto.BadPaddingException:Given final block not properly padded

后端 未结 4 1612
忘了有多久
忘了有多久 2021-02-04 07:50

I have to decrypt a frame on my server. Encrypted frame comes from client device through GPRS on socket.Encryption is done with TripleDes and

相关标签:
4条回答
  • 2021-02-04 07:53

    I've taken a look at your stringToHex method and it seems to be incorrect. Try this one instead:

            StringBuilder rep = new StringBuilder();
            for (byte b : base.getBytes) {
                rep.append(Integer.toString((b & 0xff) + 0x100, 16).substring(1));
            }
            System.out.println(rep);
    

    Also I found this TripleDes with Padding example; you could try with the algorithm and transformation the example uses.

    0 讨论(0)
  • 2021-02-04 07:59

    The main issue with your code is that you are decrypting using a default of PKCS5Padding. "TripleDES" will result in "TripleDES/ECB/PKCS5Padding" internally. This is as it is implemented in the Sun JCE provider; most other providers copy this default.

    It seems you are expecting zero padding, which means you should use "DESede/ECB/NoPadding" instead. After that you can use an external function to calculate the plain text size (removing zero padding may remove zero valued plain text at the end if you are not careful).

    Other issues:

    • trying to pad data before decryption (you should unpad data after decryption)
    • encoding and character encoding issues, such as trying to pad with the character value of "0", which is probably wrong

    I've indicated "ECB" because I don't know the actual mode used. You could amend your question with the right mode and padding algorithm if you can find out. You might want to try CBC mode as well if ECB does not work.

    Note that ECB mode is not safe to use except for very specific circumstances. Using CBC with a randomized IV is a minimal requirement.

    0 讨论(0)
  • 2021-02-04 08:03

    If the documentation does not tell you what padding is being used on the incoming cyphertext, then decrypt with "NoPadding", which will accept any sort of padding on the last block. Then have a look at the hex of your last block. That will tell you what padding is being used at the encrypting end. Amend your code to expect the correct type of padding. The different types of padding are covered here.

    0 讨论(0)
  • 2021-02-04 08:17

    (3)DES encrypts/decrypts blocks of 8 bytes. As not all texts are precisely 8 bytes, the last block must contain bytes that are not original from the plain text.

    Trick is to find out which one is the last character of the plain text. Sometimes the length of the plain text is known beforehand - then the padding characters can be anything really.

    If the length of the plain text is not known then a deterministic padding algorithm must be used, e.g. PKCS5Padding. PKCS5Padding always performs padding, even if the plaintext is N * blocksize in bytes. The reason for this is simple: otherwise it doesn't know if the last byte is plain text or padding.

    I will try to come with a working code later...have to test it. In the meantime try using the padding algorithms.

    0 讨论(0)
提交回复
热议问题