Input length must be a multiple of 16 when decrypting with additional encryption

I have a program for the server and the client, the server sends an encrypted message to the client, i.e. server side code:

cipher2 = Cipher.getInstance("AES"); secretKeySpec = new SecretKeySpec(decryptedText, "AES"); cipher2.init(Cipher.ENCRYPT_MODE, secretKeySpec); feedback = "Your answer is wrong".getBytes(); cipher2.doFinal(feedback); dos.writeInt(feedback.length); dos.write(feedback); 

client side code:

 int result_len = 0; result_len = din.readInt(); byte[] result_Bytes = new byte[result_len]; din.readFully(result_Bytes); cipher2 = Cipher.getInstance("AES"); cipher2.init(Cipher.DECRYPT_MODE, aesKey); byte[] encrypt = cipher2.doFinal(result_Bytes); 

Throwing exceptions in byte[] encrypt = cipher2.doFinal(result_Bytes);

 javax.crypto.IllegalBlockSizeException: Input length must be multiple of 16 when decrypting with padded cipher at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:750) at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:676) at com.sun.crypto.provider.AESCipher.engineDoFinal(AESCipher.java:313) at javax.crypto.Cipher.doFinal(Cipher.java:2086) 

what is the problem?

+6
source share
4 answers

There was a similar problem. But it is important to understand the root cause, and it may vary for different use cases.

Scenario 1
You are trying to decrypt a value that was not correctly encoded in the first place.

 byte[] encryptedBytes = Base64.decodeBase64(encryptedBase64String); 

If for some reason the string is incorrectly configured or incorrectly encoded, you will see the error "The input length must be a multiple of 16 when decrypting with additional encryption"

Scenario 2
Now, if you accidentally use this encoded string in the url (trying to pass the value in url to base64Encoded, this will fail. You must do URLEncoding and then pass to the token, it will work.

Scenario 3
When integrating with one of the providers, we found that we needed to do Base64 encryption using URLEncoder, but then we did not need to decode it, because it was made internally by the provider

+5
source
+2
source

I know this post is outdated and was a long time ago, but I also had a problem with the same error:

The problem was that the ciphertext was converted to String and byte[] when trying to execute DECRYPT.

  private Key getAesKey() throws Exception { return new SecretKeySpec(Arrays.copyOf(key.getBytes("UTF-8"), 16), "AES"); } private Cipher getMutual() throws Exception { Cipher cipher = Cipher.getInstance("AES"); return cipher;// cipher.doFinal(pass.getBytes()); } public byte[] getEncryptedPass(String pass) throws Exception { Cipher cipher = getMutual(); cipher.init(Cipher.ENCRYPT_MODE, getAesKey()); byte[] encrypted = cipher.doFinal(pass.getBytes("UTF-8")); return encrypted; } public String getDecryptedPass(byte[] encrypted) throws Exception { Cipher cipher = getMutual(); cipher.init(Cipher.DECRYPT_MODE, getAesKey()); String realPass = new String(cipher.doFinal(encrypted)); return realPass; } 
+2
source

I had this problem once. In fact, my code was right and worked when I run it without a server. The error was that when I received the parameter from the URL, the encrypted URL with the plus (+) symbol automatically changed to space. This may be a problem with ur check once. Here is my encryption and decryption logic with a key generator if you want you to be able to use it too.

 public class Anything { private static final String ALGO = "AES"; //generate 128bit key private static final String keyStr = "Z8LSq0wWwB5v+6YJzurcP463H3F12iZh74fDj4S74oUH4EONkiKb2FmiWUbtFh97GG/c/lbDE47mvw6j94yXxKHOpoqu6zpLKMKPcOoSppcVWb2q34qENBJkudXUh4MWcreondLmLL2UyydtFKuU9Sa5VgY/CzGaVGJABK2ZR94="; private static Key generateKey() throws Exception { byte[] keyValue = keyStr.getBytes("UTF-8"); MessageDigest sha = MessageDigest.getInstance("SHA-1"); keyValue = sha.digest(keyValue); keyValue = Arrays.copyOf(keyValue, 16); // use only first 128 bit Key key = new SecretKeySpec(keyValue, ALGO); return key; } public static String encrypt(String Data) throws Exception { Key key = generateKey(); Cipher c = Cipher.getInstance(ALGO); c.init(Cipher.ENCRYPT_MODE, key); byte[] encVal = c.doFinal(Data.getBytes()); String encryptedValue = DatatypeConverter.printBase64Binary(encVal); return encryptedValue; } public static String decrypt(String encryptedData) throws Exception { Key key = generateKey(); Cipher c = Cipher.getInstance(ALGO); c.init(Cipher.DECRYPT_MODE, key); byte[] decordedValue = DatatypeConverter.parseBase64Binary(encryptedData); byte[] decValue = c.doFinal(decordedValue); String decryptedValue = new String(decValue); return decryptedValue; } } + 6YJzurcP463H3F12iZh74fDj4S74oUH4EONkiKb2FmiWUbtFh97GG / c / lbDE47mvw6j94yXxKHOpoqu6zpLKMKPcOoSppcVWb2q34qENBJkudXUh4MWcreondLmLL2UyydtFKuU9Sa5VgY / CzGaVGJABK2ZR94 ="; public class Anything { private static final String ALGO = "AES"; //generate 128bit key private static final String keyStr = "Z8LSq0wWwB5v+6YJzurcP463H3F12iZh74fDj4S74oUH4EONkiKb2FmiWUbtFh97GG/c/lbDE47mvw6j94yXxKHOpoqu6zpLKMKPcOoSppcVWb2q34qENBJkudXUh4MWcreondLmLL2UyydtFKuU9Sa5VgY/CzGaVGJABK2ZR94="; private static Key generateKey() throws Exception { byte[] keyValue = keyStr.getBytes("UTF-8"); MessageDigest sha = MessageDigest.getInstance("SHA-1"); keyValue = sha.digest(keyValue); keyValue = Arrays.copyOf(keyValue, 16); // use only first 128 bit Key key = new SecretKeySpec(keyValue, ALGO); return key; } public static String encrypt(String Data) throws Exception { Key key = generateKey(); Cipher c = Cipher.getInstance(ALGO); c.init(Cipher.ENCRYPT_MODE, key); byte[] encVal = c.doFinal(Data.getBytes()); String encryptedValue = DatatypeConverter.printBase64Binary(encVal); return encryptedValue; } public static String decrypt(String encryptedData) throws Exception { Key key = generateKey(); Cipher c = Cipher.getInstance(ALGO); c.init(Cipher.DECRYPT_MODE, key); byte[] decordedValue = DatatypeConverter.parseBase64Binary(encryptedData); byte[] decValue = c.doFinal(decordedValue); String decryptedValue = new String(decValue); return decryptedValue; } } 
-3
source

Source: https://habr.com/ru/post/915167/


All Articles