How to handle “last block incomplete in decryption”

Question

I have a simple class to try and wrap encryption for use elsewhere in my program.

import java.security.SecureRandom;
import javax.crypto.Cipher;
import java         


        

Answer 1

I don't know if this is the problem with the IllegalBlockSizeException, but you should not encode the key as a String, especially without specifying the character encoding. If you want to do this, use something like Base-64, which is designed to encode any "binary" data, rather than a character encoding, which only maps certain bytes to characters.

The key is, in general, going to contain byte values that do not correspond to a character in the default platform encoding. In that case, when you create the String, the byte will be translated to the "replacement character", U+FFFD (�), and the correct value will be irretrievably lost.

Trying to use that corrupt String representation of the key later will prevent the plaintext from being recovered; it is possible it could cause the IllegalBlockSizeException, but I suspect an invalid padding exception would be more likely.

Another possibility is that the source platform and the target platform character encodings are different, and that "decoding" the ciphertext results in too few bytes. For example, the source encoding is UTF-8, and interprets two bytes in the input as a single character, while the target encoding is ISO-Latin-1, which represents that character as a single byte.