鉴于最终阻塞没有正确填充AES256

Question

I have a key, and the I want to decrypt the data using this key, but Given final block not properly padded error appears.

 Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
    cipher.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(new byte[cipher.getBlockSize()]));
    byte[] encryptedBytes_updates = cipher.update(encryptedBytes);
    String decryptedText = new String(cipher.doFinal(encryptedBytes_updates));

I tried some advices from forums, but no luck.

May be someone can help?

Answer 1

If the message you're decoding is less than 16 bytes, one of the issues may be that you're using the wrong IV. Specifically, this line is incorrect:

cipher.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(new byte[cipher.getBlockSize()]));

You're creating an IvParameterSpec from a byte array of all 0's (because you just created it, but didn't fill it with any data). If you're doing the same thing while encrypting, this is the reason encryption/decryption works locally for you.

What you need to do is create the IvParameterSpec using a byte array containing the IV that the server sends you. If the server isn't sending you the IV in a separate field, it may be that the IV has been prepended or appended to the encrypted data you receive (this is a fairly common practice). I would trying pulling off the first block (16 bytes) of the encrypted data and use that as the IV. If that doesn't work, try the last block of encrypted data. Or better yet, ask whoever runs the server or read the manual to determine where to get the IV from.

Also, this looks incorrect as well:

byte[] encryptedBytes_updates = cipher.update(encryptedBytes);
String decryptedText = new String(cipher.doFinal(encryptedBytes_updates));

Why would you take encryptedBytes_updates and feed it back in to the cipher? update decrypts the data, then you're trying to decrypt it again using doFinal . Do this instead:

String decryptedText = new String(cipher.doFinal(encryptedBytes));