
[iaik-jce] BadPaddingException in RecipientInfo.decryptKey()



Hello,

Attached is a testing program testP12EncrDecr that fails with a
BadPaddingException for my Verisign-CA p12 file and for an RSA-CA p12
file.  The syntax for invoking the program is

java testP12EncrDecr p12_file p12_file_password file_to_encrypt_decrypt symm_alg_name session_key_length

The program uses the password to decrypt the p12 file and employs the
user cert inside it to create a PKCS7 EnvelopedData file with one
RecipientInfo and the supplied data file as the content.  Then the
private key extracted from the p12 file is used to decrypt the
EnvelopedData file's session key and decryption with the session key
yields the original data file.

This works fine for a p12 file that I generate using the IAIK libraries
to generate the RSA keypair and self-signed cert (see attached p12
files):

java testP12EncrDecr c:\keys\alan.p12 j c:\a.txt DES 56
java testP12EncrDecr c:\keys\alan.p12 j c:\a.txt Blowfish 40

However, when I run with an RSA-CA p12 file provided to us by RSA,
java testP12EncrDecr c:\keys\lexiasnetscape.p12 password c:\a.txt DES 56

I get the following exception:

decryptFile failed, Exception = iaik.pkcs.PKCSException: javax.crypto.BadPaddingException: Encrypted message has not k OCTETS!
iaik.pkcs.PKCSException: javax.crypto.BadPaddingException: Encrypted message has not k OCTETS!
        at iaik.pkcs.pkcs7.RecipientInfo.decryptKey(Unknown Source)
        at testP12EncrDecr.decryptFile(testP12EncrDecr.java, Compiled Code)
        at testP12EncrDecr.start(testP12EncrDecr.java:71)
        at testP12EncrDecr.main(testP12EncrDecr.java:512)

Note that another p12 file provided to us by RSA, called LexiasMS.p12
with password = "password", works successfully.

When the same test is performed with a Verisign-CA p12 file (not
attached, can be supplied to you privately if you need to test with it)
we get a slightly different exception:
decryptFile failed, Exception = iaik.pkcs.PKCSException: javax.crypto.BadPaddingException: Encryption block has wrong block type!

These exceptions are independent of the symmetric algorithm chosen.  I
included the complexity of the algorithm handling just to indicate that
my encryption and decryption routines cannot use the simpler versions of
the EnvelopedDataStream constructor, etc. which are available when
AlgorithmParameters are not needed.

Thanks in advance for your help,
Alan Grenadir

testP12EncrDecr.java

alan.p12

lexiasnetscape.p12

LexiasMS.p12
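
Added example, not part of the original message or of the attached testP12EncrDecr.java: both exception texts use PKCS#1 v1.5 terms (a ciphertext of k octets, a block type), so one check worth running is whether the certificate placed in the RecipientInfo carries the public key that belongs to the private key used in decryptKey(). The sketch below uses only the standard JCE API rather than the IAIK classes; the class and method names are hypothetical, the keys are generated in memory as constructed stand-ins for p12 contents, and it is not a diagnosis of the files in this post.

```java
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.Arrays;
import javax.crypto.Cipher;

public class RecipientKeyCheck {
    // The recipient certificate's public key must share its modulus with the private key.
    static boolean sameModulus(RSAPrivateKey priv, RSAPublicKey pub) {
        return priv.getModulus().equals(pub.getModulus());
    }

    // Wrap a session key for 'pub' (the step done when a RecipientInfo is built),
    // then unwrap it with 'priv' (the step done on decryption) and report the outcome.
    static String roundTrip(RSAPublicKey pub, RSAPrivateKey priv, byte[] sessionKey) {
        try {
            Cipher c = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            c.init(Cipher.ENCRYPT_MODE, pub);
            byte[] wrapped = c.doFinal(sessionKey);
            c.init(Cipher.DECRYPT_MODE, priv);
            byte[] out = c.doFinal(wrapped);
            return Arrays.equals(out, sessionKey) ? "session key recovered" : "wrong bytes recovered";
        } catch (GeneralSecurityException e) {
            return "unwrap failed: " + e.getClass().getSimpleName();
        }
    }

    static KeyPair rsa(int bits) throws GeneralSecurityException {
        KeyPairGenerator g = KeyPairGenerator.getInstance("RSA");
        g.initialize(bits);
        return g.generateKeyPair();
    }

    public static void main(String[] args) throws GeneralSecurityException {
        byte[] sessionKey = new byte[8];   // constructed stand-in for a DES session key
        KeyPair user = rsa(2048);          // plays the key entry of a p12 file
        KeyPair other = rsa(2048);         // unrelated certificate, same modulus length
        KeyPair shorter = rsa(1024);       // unrelated certificate, different modulus length

        RSAPrivateKey priv = (RSAPrivateKey) user.getPrivate();
        for (KeyPair cert : new KeyPair[] { user, other, shorter }) {
            RSAPublicKey pub = (RSAPublicKey) cert.getPublic();
            System.out.println("modulus match=" + sameModulus(priv, pub)
                    + " -> " + roundTrip(pub, priv, sessionKey));
        }
    }
}
```

Against a real p12 file the same sameModulus comparison can be applied to every certificate in the file, using java.security.KeyStore with type "PKCS12" to obtain the key and its certificates.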