AES-256 and PKCS7Padding fails in Java

java encryption aes jce pkcs#7
Boardy picture Boardy · Sep 19, 2014 · Viewed 21.7k times · Source

I have a couple of library, C#, PHP and Android where they all encrypt/decrypt a string in the same way so they are all compatible with each other, i.e. C# writes and encrypts data to a database and PHP can successfully decrypt it and return the original string.

I now need to do the same thing with a standard Java application, so I've taken the code from my Android library and need libraries but I am getting an exception. As far as I know the code wasn't Android specific so it shouldn't be a problem.

Below is my encryption function 

public static String encrypt(String plainPasword)
    {
            String password = "";
            try
            {
                SecretKeySpec key = new SecretKeySpec("hcxilkqbbhczfeultgbskdmaunivmfuo".getBytes("US-ASCII"), "AES");
                IvParameterSpec iv = new IvParameterSpec("ryojvlzmdalyglrj".getBytes("US-ASCII"));

                Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");

                cipher.init(Cipher.ENCRYPT_MODE, key, iv);

                byte[] encoded = cipher.doFinal(plainPasword.getBytes());
                password = new String(Base64.encodeBase64(encoded));

            }
            catch (Exception ex)
            {
                System.err.println("Encryption Exception: " + ex.toString());
            }
            return password;
    }

When I call Encryption.encrypt("myString") I get the following exception:

Encryption Exception: java.security.NoSuchAlgorithmException: Cannot find any provider supporting AES/CBC/PKCS7Padding

As I said this code is working fine on Android and it shouldn't make any difference where it is running from.

Update

I found that I needed PKCS5Padding instead of 7 thanks to a link on a comment. I am now though getting the following exception:

Encryption Exception: java.security.InvalidKeyException: Illegal key size

Answer

erickson picture erickson · Sep 19, 2014

First, in Java, the standard padding name is PKCS5Padding, not PKCS7Padding. Java is actually performing PKCS #7 padding, but in the JCA specification, PKCS5Padding is the name given.

Next, you are trying to use AES-256, so you'll need to install the Unlimited Strength Jurisdiction policy files.

Hopefully this is just an example and you aren't using the same IV for every message, right?

Related questions

How to create a secure random AES key in Java?

What is the recommended way of generating a secure, random AES key in Java, using the standard JDK? In other posts, I have found this, but using a SecretKeyFactory might be a better idea: KeyGenerator keyGen = KeyGenerator.getInstance("AES"); SecureRandom …

Read More
java.security.NoSuchAlgorithmException:Cannot find any provider supporting AES/ECB/PKCS7PADDING

I was trying to encrypt data using AES algorithm. However, with the following exception has occurred. java.security.NoSuchAlgorithmException: Cannot find any provider supporting AES/ECB/PKCS7PADDING Someone know a solution to this issue? My JDK's version is 1.7.

Read More
Java 256-bit AES Password-Based Encryption

I need to implement 256 bit AES encryption, but all the examples I have found online use a "KeyGenerator" to generate a 256 bit key, but I would like to use my own passkey. How can I create my own key? I …

Read More