I have CMS encrypted data using Bouncy Castle and I would like to decrypt it's content. However, I am running into a problem of getting javax.crypto.BadPaddingException: pad block corrupted
. I believe, there is something wrong with the secrete key
val provider = new BouncyCastleProvider()
// output encoder
val gen = new CMSEncryptedDataGenerator()
val encoder = new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider(BouncyCastleProvider.PROVIDER_NAME).build()
// secrete key
val spec = new DESedeKeySpec(encoder.getKey.getRepresentation.asInstanceOf[Array[Byte]])
val keyFactory = SecretKeyFactory.getInstance("DESEDE", provider)
val secretKey = keyFactory.generateSecret(spec)
// Encryption
val cmsEncryptedData: CMSEncryptedData = gen.generate(new CMSProcessableByteArray("Hello World!".getBytes()), encoder)
// Decryption
val decryptedContententBinary: Array[Byte] = {
cmsEncryptedData.getContent(new InputDecryptorProvider {
override def get(algorithm: AlgorithmIdentifier): InputDecryptor = new InputDecryptor {
override def getAlgorithmIdentifier: AlgorithmIdentifier = algorithm
override def getInputStream(encIn: InputStream): InputStream = {
val parameters = new JceAlgorithmIdentifierConverter().setProvider(provider).getAlgorithmParameters(algorithm)
val cipher = Cipher.getInstance(parameters.getAlgorithm, provider)
cipher.init(Cipher.DECRYPT_MODE, secretKey, parameters) // throws javax.crypto.BadPaddingException: pad block corrupted
new CipherInputStream(encIn, cipher)
}
}
})
}
I have just fixed the problem I had. Here is the working code:
// output encoder
val gen = new CMSEncryptedDataGenerator()
val random = new SecureRandom()
val encoder = new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider(BouncyCastleProvider.PROVIDER_NAME).setSecureRandom(random).build()
// secrete key
val key = new SecretKeySpec(encoder.getKey.getRepresentation.asInstanceOf[Array[Byte]], "DESede")
// Encryption
val cmsEncryptedData: CMSEncryptedData = gen.generate(new CMSProcessableByteArray("Hello World!".getBytes()), encoder)
// Decryption
val decryptedContententBinary: Array[Byte] = {
cmsEncryptedData.getContent(new InputDecryptorProvider {
override def get(algorithm: AlgorithmIdentifier): InputDecryptor = new InputDecryptor {
override def getAlgorithmIdentifier: AlgorithmIdentifier = algorithm
override def getInputStream(encIn: InputStream): InputStream = {
val parameters = new JceAlgorithmIdentifierConverter().setProvider(provider).getAlgorithmParameters(encoder.getAlgorithmIdentifier)
val cipher = Cipher.getInstance(algorithm.getAlgorithm.getId, provider)
cipher.init(Cipher.DECRYPT_MODE, key, parameters)
new CipherInputStream(encIn, cipher)
}
}
})
}