Skip to Main Content
Forums

Java Security

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Decrypting with java a PHP-generated encription (padding problem)

843811Jan 10 2009 — edited Jan 12 2009
Hi all, I'm trying to make my client-side java application decrypt an encrypted string generated on a web server (PHP code).
The PHP coding function is this: (I can attach here or you can find the complete code inside the "phpMyAdmin" project) 
function PMA_blowfish_encrypt($data, $secret) {
    $pma_cipher = new Horde_Cipher_blowfish;
    $encrypt = '';
    for ($i=0; $i<strlen($data); $i+=8) {
        $block = substr($data, $i, 8);
        if (strlen($block) < 8) {
            $block = full_str_pad($block, 8, "\0", 1);
        }
        $encrypt .= $pma_cipher->encryptBlock($block, $secret);
    }
    return base64_encode($encrypt);
}
While this is the JAVA decrypting function i use: 
/*
     * This actually does the encryption/decryption.
     */
    private static String crypt(String input, String key, int mode)
            throws Exception {

        byte[] raw = key.getBytes();
        SecretKeySpec secretkeySpec = new SecretKeySpec(raw, "Blowfish");

        // create a cipher based upon Blowfish
        Cipher cipher = Cipher.getInstance("Blowfish");
        

        // initialise cipher to with secret key
        cipher.init(mode, secretkeySpec);

        // encrypt-decrypt message
        if(mode == Cipher.ENCRYPT_MODE)
            return(new String(cipher.doFinal(input.getBytes())));
        else
            return(new String(cipher.doFinal(input.getBytes())));

    }
Now I'm able to decode the base64 encoding but decrypting calling the above function
gives me this error: 
Exception in thread "main" javax.crypto.BadPaddingException: Given final block not properly padded
        at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)
        at com.sun.crypto.provider.SunJCE_f.b(DashoA13*..)
        at com.sun.crypto.provider.BlowfishCipher.engineDoFinal(DashoA13*..)
        at javax.crypto.Cipher.doFinal(DashoA13*..)
        at esempi.BlowfishCipher.crypt(BlowfishCipher.java:95)
        at esempi.BlowfishCipher.main(BlowfishCipher.java:48)
Java Result: 1
What's the problem? The fact that PHP code uses "\0" padding while in Java I haven't specified it?
I've tried to reverse-engeneer in Java the PHP encoding and I had success (only with a 8 characters long word), given that
calling: 
crypt(<8 characters word>, <secret_key>, Cipher.ENCRYPT_MODE).substring(0, 8));
gives me the exact same encrypted string the server generates.
Thanks in advance for your help
Emilio
Comments
Locked Post
New comments cannot be posted to this locked post.
Post Details
Locked on Feb 9 2009
Added on Jan 10 2009
#cryptography
3 comments
1,086 views