iJose iJose - 1 year ago 405
Java Question

AES128 Decryption :javax.crypto.badpaddingexception pad block corrupted

I try to decrypt an encrypted data that I receive from a web service.

The encryption is done using

AES 128

I use the following code to decrypt the data:

public static String decrypt(String strToDecrypt)
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding"); //AES/CBC/PKCS7Padding
SecretKeySpec secretKey = new SecretKeySpec(AppConstants.AESEncryptionKey.getBytes("UTF8"), "AES");
int blockSize = cipher.getBlockSize();
cipher.init(Cipher.DECRYPT_MODE, secretKey, new IvParameterSpec(new byte[blockSize])); //new IvParameterSpec(new byte[16])
byte decBytes[] = cipher.doFinal(Base64.decode(strToDecrypt, 0));
// byte decBytes[] = cipher.doFinal(Base64.decodeBase64(strToDecrypt));
String decStr = new String(decBytes);
System.out.println("After decryption :" + decStr);
return decStr;
catch (Exception e)
System.out.println("Exception in decryption : " + e.getMessage());
return null;



I got the following Exception:

javax.crypto.badpaddingexception pad block corrupted

I went through my post but ended up with no solution. I am badly stuck over here.

Answer Source

AES keys should consist of random data. If you store them as a String then you are likely to loose information, especially if you use encodings such as UTF-8. Your line:


Makes it likely that you've lost data during conversion to/from a string. Use hexadecimals instead if you require a string, or simply store the key as a byte array.

Note that this answer doesn't indicate any security related hints. In general you only want to derive keys or store them in containers. You don't want to use CBC over an insecure channel either.

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download