Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

AES-256 and PKCS7Padding fails in Java

I have a couple of library, C#, PHP and Android where they all encrypt/decrypt a string in the same way so they are all compatible with each other, i.e. C# writes and encrypts data to a database and PHP can successfully decrypt it and return the original string.

I now need to do the same thing with a standard Java application, so I've taken the code from my Android library and need libraries but I am getting an exception. As far as I know the code wasn't Android specific so it shouldn't be a problem.

Below is my encryption function

public static String encrypt(String plainPasword)
    {
            String password = "";
            try
            {
                SecretKeySpec key = new SecretKeySpec("hcxilkqbbhczfeultgbskdmaunivmfuo".getBytes("US-ASCII"), "AES");
                IvParameterSpec iv = new IvParameterSpec("ryojvlzmdalyglrj".getBytes("US-ASCII"));

                Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");

                cipher.init(Cipher.ENCRYPT_MODE, key, iv);

                byte[] encoded = cipher.doFinal(plainPasword.getBytes());
                password = new String(Base64.encodeBase64(encoded));

            }
            catch (Exception ex)
            {
                System.err.println("Encryption Exception: " + ex.toString());
            }
            return password;
    }

When I call Encryption.encrypt("myString") I get the following exception:

Encryption Exception: java.security.NoSuchAlgorithmException: Cannot find any provider supporting AES/CBC/PKCS7Padding

As I said this code is working fine on Android and it shouldn't make any difference where it is running from.

Update

I found that I needed PKCS5Padding instead of 7 thanks to a link on a comment. I am now though getting the following exception:

Encryption Exception: java.security.InvalidKeyException: Illegal key size
like image 314
Boardy Avatar asked Sep 19 '14 20:09

Boardy


People also ask

Does Java support AES 256?

Java and AES encryption inputs.In Java, we can use SecureRandom to generate the random IV. 1.2 The AES secret key, either AES-128 or AES-256 .

How to decrypt AES in Java?

We can do the AES encryption and decryption using the secret key that is derived from a given password. For generating a secret key, we use the getKeyFromPassword() method.

What is the best encryption algorithm in Java?

RC4 - Key size from 40-bit to 1024-bit, RC4 is the fastest java supported encryption algorithm.


1 Answers

First, in Java, the standard padding name is PKCS5Padding, not PKCS7Padding. Java is actually performing PKCS #7 padding, but in the JCA specification, PKCS5Padding is the name given.

Next, you are trying to use AES-256, so you'll need to install the Unlimited Strength Jurisdiction policy files.

Hopefully this is just an example and you aren't using the same IV for every message, right?

like image 196
erickson Avatar answered Sep 28 '22 02:09

erickson