0

This is my code so far. Every time I run it, I receive a bad padding exception only while trying to decrypt. If I swap the use of my private and public keys it still throws the same exception in decrypt. This makes me believe that it is an issue with the Decrypt itself. Any thoughts on what I am doing wrong?

try {
            Cipher Bob_Message_Verify = Cipher.getInstance("RSA");    
            Bob_Message_Verify.init(Cipher.DECRYPT_MODE, Alice_Pair_I.getPublic());
            Bob_Verification_Message_Decrypt = (Bob_Message_Verify.doFinal(Bob_Verification_Message_Encrypt));

        }catch(NoSuchAlgorithmException e)
        {
            throw new OTPException("Not RSA");
        }
        catch(IllegalBlockSizeException e)
        {
            throw new OTPException("Wrong Block Size");
        }
        catch(NoSuchPaddingException e)
        {
            throw new OTPException("No Padding");
        }
        catch(InvalidKeyException e)
        {
            throw new OTPException("Invalid Key");
        }
        catch(BadPaddingException e)
        {
            throw new OTPException("Bad Padding");
        }
Improve this question
3
  • bad padding exception always come when you decrypt with some different java version than the java with which you encrypt it Commented May 8, 2020 at 14:38
  • welcome to stackoverflow. Take a tour and get your first badge-stackoverflow.com/tour Commented May 8, 2020 at 14:38
  • Your question is impossible to answer without more details, such as how the message was encrypted. Note that Java has a Signature API which is what you should be using for signing/verifying. Also, never use defaults in crypto. In your case, your transformation string "RSA" does not specify the mode and padding and thus relies on defaults. Different providers will use different defaults. Commented May 8, 2020 at 17:29

1 Answer 1

Reset to default
1

The reason that you are getting an error is that you are trying to verify with a Cipher. You need to use a Signature instance of that. Note that the specifics of signature generation are rather different from a cipher. Signature verification conversely is not the same as decryption with the public key.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.