My application works in windows, but fails in Linux with Given final block not properly padded
exception.
Configuration:
My code is below:
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;
public class SecurityKey {
private static Key key = null;
private static String encode = "UTF-8";
private static String cipherKey = "DES/ECB/PKCS5Padding";
static {
try {
KeyGenerator generator = KeyGenerator.getInstance("DES");
String seedStr = "test";
generator.init(new SecureRandom(seedStr.getBytes()));
key = generator.generateKey();
} catch(Exception e) {
}
}
// SecurityKey.decodeKey("password")
public static String decodeKey(String str) throws Exception {
if(str == null)
return str;
Cipher cipher = null;
byte[] raw = null;
BASE64Decoder decoder = new BASE64Decoder();
String result = null;
cipher = Cipher.getInstance(cipherKey);
cipher.init(Cipher.DECRYPT_MODE, key);
raw = decoder.decodeBuffer(str);
byte[] stringBytes = null;
stringBytes = cipher.doFinal(raw); // Exception!!!!
result = new String(stringBytes, encode);
return result;
}
}
At the line:
ciper.doFilnal(raw);
the following exception is thrown:
javax.crypto.BadPaddingException: Given final block not properly padded
How can I fix this issue?
The answer lies in the fact that SecureRandom
seeding may be different for specific runtimes. Most of the time you will get "SHA1PRNG"
, which won't get seeded immediately. Instead, you can call setSeed()
before requesting any random, and in that case that seed is used as only source of entropy. In this case your key will always be the same.
The problem is that it is not defined which SecureRandom
is returned. You may get an entirely different, platform specific implementation for which the above is not true. You may not get the one of the Sun provider, if another provider takes precedence.
Then there is the issue with the seed. The seed used the platform default encoding for the seedStr
variable during the call to getBytes()
. As the encodings may differ, the seeds may differ and thus the result will differ as well.
Try to use a function such as PBKDF2 instead for key derivation; there is enough on stackoverflow on how to procede.
As follows: I had to modify the contents.
static{
try {
KeyGenerator generator = KeyGenerator.getInstance("DES");
String seedStr = "test";
SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
random.setSeed(seedStr.getBytes());
generator.init(random);
key = generator.generateKey();
} catch(Exception e) {
}
}
It work's!! Thanks!!!
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With