RSA BadPaddingException : data must start with zero

Question

I try to implement an RSA algorithm in a Java program. I am facing the \"BadPaddingException : data must start with zero\". Here are the methods used to encrypt and decrypt

Answer 1

So far, I've tracked this down to CipherSpi.engineDoFinal(). The explanation provided for BadPaddingException is

[Thrown when the] cipher is in decryption mode, and (un)padding has been requested, but the decrypted data is not bounded by the appropriate padding bytes

More specific behavior seems to be Spi-dependent. Do you know what Spi you're using? Just the default?

EDIT: Unfortunately, I'm having a hard time tracking down what the default Spi is. It looks like it's chosen in Cipher.java's chooseFirstProvider() method, lines 644 to 721 here. If you have a debugger handy, you might want to find out what Spi you have, then check the documentation for it... but I still think it's more likely that something's going on with the input, not the logic (I asked about that earlier, in a comment).

Answer 2

In principle the code looks OK -- I would put some logging in to make sure the key you're generating is genuinely the one that is then read from the file (you're not doing something silly like generating data with a new key, then trying to read it with an old one, for example?)