4

I have the following PHP routine to encrypt my communication with the client:

public static function encrypt($input, $key) {
        $size = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB); 
        $input = AES::pkcs5_pad($input, $size); 
        $td = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_ECB, ''); 
        $iv = mcrypt_create_iv (mcrypt_enc_get_iv_size($td), MCRYPT_RAND); 
        mcrypt_generic_init($td, $key, $iv); 
        $data = mcrypt_generic($td, $input); 
        mcrypt_generic_deinit($td); 
        mcrypt_module_close($td); 
        $data = base64_encode($data); 
        return $data; 
}

and the following Java rotuine to decrypt my communication with the server:

public static String decrypt(String input, String key) {
        byte[] output = null;
        try {
            SecretKeySpec skey = new SecretKeySpec(key.getBytes(), "AES");
            Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
            cipher.init(Cipher.DECRYPT_MODE, skey);
            output = cipher.doFinal(Base64.decode(input,Base64.NO_WRAP));
        } catch (Exception e) {
            System.out.println(e.toString());
        }
        return new String(output);
}

Why does the following decryption routine throws an exception?

java.lang.IllegalArgumentException: bad base-64

Edit: After hardcoding the string into the code I am getting a BadPaddingException.

my input to decrypt function :

wrmRa2hAoseNOev6/ascapxkLQRGX/GW3DQm3ETwBH7gJm1NetkgGFzgY4kZTE10Tv45YIcy/xoodq/GumSY5hsao1s4bkuKXZeim/IDTVr3elrqX13b81/XE5iB3iJrAqny2dQ5SsWso0lUcAZGS2Wls/lTeQiIKXEaOh7iZZ3xOtM6633iNcoiFxEnX5A0dMrdRNEOkmQ3UnQmuIGTSv0RLKuPv5r5dplGZ3N2LMMpoB0AMu3DSXFEdiD4XN49
Improve this question
13
  • stackoverflow.com/questions/23241257/bad-base-64-error Commented Oct 1, 2016 at 10:07
  • @USKMobility, tried using URL_SAFE alone and it didn't work, trying the answer that was suggested now. Commented Oct 1, 2016 at 10:28
  • try to observe your input string that have non-base64 character Commented Oct 1, 2016 at 10:30
  • @USKMobility my input string is directly from the PHP function, is it possible it will generate non Base64 chars? Commented Oct 1, 2016 at 10:31
  • It is best not to use mcrypt, it is abandonware, has not been updated in years and does not support standard PKCS#7 (née PKCS#5) padding, only non-standard null padding that can't even be used with binary data. mcrypt had many outstanding bugs dating back to 2003. Instead consider using defuse or RNCryptor, they provide a complete solution and are being maintained and is correct. Commented Oct 1, 2016 at 11:10

1 Answer 1

Reset to default
1

It is possible that you need to use:

Base64.decode(input,Base64.NO_WRAP|Base64.URL_SAFE)

It is also possible you need a different combo of flags too.

It also depends how you are getting the base64 string. Sometimes the '+' is converted to a ' ' (space) if it transferred from a URL or other online source.

Improve this answer
Sign up to request clarification or add additional context in comments.

6 Comments

I still get bad-base64, the string I'm encrypting on the php script is constant it's a string containing javascript that doesn't change.
Without seeing the base64 string or knowing exactly how you are transferring the base64 string I can only guess. I'm guessing this might not be something you want to share, but maybe you can do a test case that also produces the error and you can share.
I get the usual base64 string with no bad chars, it doesn't make sense.
It makes sense to me - it all depends on the transfer method. Just for fun / debug, you could do a test by hard-coding the base64 string in to your Java to see if that works. The Wikipedia article might help too.
I hardcoded as you suggested and now I'm getting a BadPaddingException, also added the base64 string to thread and using your Base64.NO_WRAP | Base64.URL_SAFE causes a bad-base64 exception, any ideas?
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.