Java encrypt / decrypt via String not working because of padding

0
votes

I have to encode a string using AES/ECB/PKCS5Padding. The encrypted result ( new String(encryptedResult) as they don't want bytes) is then sent to a partner. My partner then decrypt the string using getBytes().

Here is the decrypting method : 

    public static String decrypter(final String donnees) throws NoSuchAlgorithmException, NoSuchPaddingException,
        InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
    Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
    cipher.init(Cipher.DECRYPT_MODE, key);

    return new String(cipher.doFinal(donnees.getBytes()));
}

My problem is that I get this error when I try to decrypt : Input Length must be multiple of 16 when decrypting with padded cipher.

When I decode bytes directly it works just fine. How can I make the string.getBytes() not loose padding ? Or any other solutions ?

I cannot change the crypting algorythm, and the same can be said about the string and not bytes beeing sent to the partner.

1
javaencryptioncryptography
You can't just turn bytes into a String like that. At the least you'd need to use an 8-bit encoding, or preferably use something like Base64. - Kayaman
See stackoverflow.com/questions/1536054/… - Oleg
Thanks to both of you, the problem is solved. I had a quite wrong understanding of how bytes work. - Martin Remy
Do not use ECB mode in new work and update legacy work ASAP, it is not secure, see ECB mode, scroll down to the Penguin. Instead use CBC mode with a random IV, just prefix the encrypted data with the IV for use in decryption, it does not need to be secret. - zaph

1 Answers

1
votes

A padding error generally means the decryption failed and failures can include a incorrect key, data and encodings. Incorrect decryption has a side-effect of also producing incorrect padding.

In this case it is an incorrect encoding of the encrypted data. If you need the encrypted data as a string the general method is to use Base64 or hexadecimal encoding.

This code is incorrect: new String(cipher.doFinal(donnees.getBytes()));