java aes javax.crypto.BadPaddingException: Given final block not properly padded

Question

public class AES {

    public String getEncrypt(String pass){
        String password = encrypt(pass);
        return password;
    }

    public String getDecrypt(String pass){
        String key = "AesSEcREtkeyABCD";
        byte[] passwordByte = decrypt(key,pass);
        String password = new String(passwordByte);
        return password;
    }

    private byte[] decrypt(String key, String encrypted) {
        try {
            SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes(), "AES");
            Cipher cipher = Cipher.getInstance("AES");
            cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(skeySpec.getEncoded(), "AES"));
            //getting error here
            byte[] original = cipher.doFinal(encrypted.getBytes());
            return original;
        } catch (IllegalBlockSizeException ex) {
            ex.printStackTrace();
        } catch (BadPaddingException ex) {
            ex.printStackTrace();
        } catch (InvalidKeyException ex) {
            ex.printStackTrace();
        } catch (NoSuchAlgorithmException ex) {
            ex.printStackTrace();
        } catch (NoSuchPaddingException ex) {
            ex.printStackTrace();
        }
        return null;
    } 

    private String encrypt(String value) {
        try {
            byte[] raw = new byte[]{'A', 'e', 's', 'S', 'E', 'c', 'R', 'E', 't', 'k', 'e', 'y','A','B','C','D'};
            SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
            Cipher cipher = Cipher.getInstance("AES");
            cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
            byte[] encrypted = cipher.doFinal(value.getBytes());
            System.out.println("encrypted string:" + (new String(encrypted)));
            return new String(encrypted);
        } catch (NoSuchAlgorithmException ex) {
            ex.printStackTrace();
        } catch (IllegalBlockSizeException ex) {
            ex.printStackTrace();       
        } catch (BadPaddingException ex) {
            ex.printStackTrace();
        } catch (InvalidKeyException ex) {
            ex.printStackTrace();
        } catch (NoSuchPaddingException ex) {
            ex.printStackTrace();
        }
        return null;
    }

** I am having a null pointer whenever I decrypt. sometimes it gives me the correct decrypted password but sometimes it gives me a null pointer. can't guess what the problem is here **

Answer 1

You are mixing Strings and byte arrays. That is not always a good thing to do. At the very least specify what charset you are using for the byte to char conversion. Even then it is not 100% safe. Better to treat strings as strings and byte arrays as byte arrays.

If that does not solve it then there are many things that can cause a "Bad Padding" error. Basically anything that causes the end of the last block not to match the expected padding will throw the error. Possible causes include: incorrect padding setting, incorrect key, corrupted cyphertext and others.

To try and diagnose the problem, set the decryption side to NoPadding. This will accept anything, and allow you to examine the output:

• complete garbage: you probably have an error in the key or different mode settings.

• first block garbage: you may have a key error or an IV error.

• last block garbage: likely a corrupt end to the cyphertext file.

• a correct decryption with some strange bytes at the end: the strange bytes are the padding.

If it really is just the padding, then set the decryption function to expect that sort of padding. Otherwise check that the key/IV/cyphertext is byte-for-byte the same for both encryption and decryption.

It is vital that you set a padding mode after diagnosis. NoPadding is insecure.