Question

I'm getting an error every time I run this:

"Error: Given final block not properly padded"

Basically I'm trying to brute force the last 3 bytes of the key; the first 13 bytes are correct. Any idea what I am doing wrong? I tried removing the padding and it works, but it couldn't find the plaintext that I'm sure exists and contains the word "Mary had". Note: I'm using sun.misc.BASE64Decoder

Here's a part of my code.

        String myiv = new String(new byte[] {
                0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,0x39,0x31,0x30,0x31,0x31,0x31,0x32,0x33
        });

        char [] mykeyarray = new char[] {0x86,0xe5,0x30,0x90,0xff,0x62,0xa0,0x9a,0x81,0x00,0xad,0x9e,0x8f,0x00,0x00,0x00};
        String encoded = "dm8cfvs+c7pKM+WR+fde8b06SB+lqWLS4sZW+PfQSKtTfgPknzYzpTVOtJP3JBoU2Uo/7XWopjoPDOlPr24duuck0z+vAx91bYTwQo4INnIIBkj/lhJMWmvAKaUIO3qzBoGg8ynQOhuG6LY7Wo0uww==";

        IvParameterSpec ivspec = new IvParameterSpec(myiv.getBytes());

        byte [] decoded;    
        FileWriter fstream = new FileWriter("out.txt");
        BufferedWriter out = new BufferedWriter(fstream);
        String mykey;
        int repeat = 256;

        outerloop:
        for(int i=0;i<repeat;i++){
            for(int j=0;j<repeat;j++){
                for(int k=0;k<repeat;k++){

                    mykey = new String(mykeyarray);

                    SecretKeySpec keyspec = new SecretKeySpec(mykey.getBytes(), "AES");

                    Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");

                    System.out.println("I: "+i+" J: "+j+" K: "+k); 

                    decoded = new BASE64Decoder().decodeBuffer(encoded); 

                    cipher.init(Cipher.DECRYPT_MODE, keyspec, ivspec);

                    byte [] decrypted = cipher.doFinal(decoded);
                    String dec = new String(decrypted);

                    if(dec.contains("Mary")){
                        out.write(dec);
                        out.write("\n");
                        System.out.println(dec);
                        break outerloop;
                    }

                    mykeyarray[15]++;
                }
                mykeyarray[14]++;
                mykeyarray[15]=0x00;
            }
            mykeyarray[13]++;
            mykeyarray[14]=0x00;
            mykeyarray[15]=0x00;
        }
        out.close();
    }

    catch(Exception e){
        System.out.println("Error: " + e.getMessage());
    }
}

}


Solution

Try to learn more about PKCS#5 padding. It's special bytes being added to the plain text before encryption. It can't be correct if the text was decrypted with a wrong key. If you brute-force a key, you will get this error on each key except the correct one.

Other tips

Your code makes many, many mistakes, and I don't know what you are trying to accomplish. So I'll explain why you may receive a BadPaddingException for a CBC cipher:

  • your key is incorrect
  • one or both of the last two blocks of ciphertext have been altered
  • one or more blocks have been removed from the end of the ciphertext
  • the IV is incorrect and the ciphertext consists of a single block

Good luck hunting down the cause of the exception.

Since decrypting with a random key gives you a random message, you usually don't get correct padding. Just catch the exception and move on.

You will get padding errors approximately 93% of the time when brute forcing a PKCS5 padded message. PKCS5 padding pads out your message with bytes containing the length of the padding. So valid padding is 0x01, 0x02 0x02, 0x03 0x03 0x03, ..., 0xFF 0xFF 0xFF 0xFF 0xFF 0xFF 0xFF 0xFF 0xFF 0xFF 0xFF 0xFF 0xFF 0xFF 0xFF 0xFF. The odds of correct padding happening in a random message are 1/16 + (1/16)^2 ... (1/16)^16 < .067, which means you get incorrect padding about 1 - 6.7% = 93% of the time.
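
The "catch the exception and move on" approach from the answers above, as an added example that is not part of the original posts. The key, IV and plaintext are constructed for the demo (it encrypts its own message and searches two unknown key bytes), and the class and helper names are assumptions.

```java
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;

public class PaddingSearchDemo {
    // Constructed demo values (not the key, IV or ciphertext from the question).
    static final byte[] IV = "0123456789abcdef".getBytes(StandardCharsets.US_ASCII);
    static final String MARKER = "Mary had";

    static byte[] crypt(int mode, byte[] key, byte[] data) throws Exception {
        Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
        c.init(mode, new SecretKeySpec(key, "AES"), new IvParameterSpec(IV));
        return c.doFinal(data);
    }

    public static void main(String[] args) throws Exception {
        // Key kept as raw bytes; going through String/char would re-encode bytes above 0x7f.
        byte[] secret = new byte[16];
        Arrays.fill(secret, (byte) 0x86);
        secret[14] = (byte) 0xC3;
        secret[15] = (byte) 0x5A;
        byte[] ct = crypt(Cipher.ENCRYPT_MODE, secret,
                "Mary had a little lamb".getBytes(StandardCharsets.UTF_8));

        byte[] candidate = secret.clone();
        int badPadding = 0, paddingOkButGarbage = 0;
        for (int v = 0; v < 65536; v++) {           // search the two unknown bytes
            candidate[14] = (byte) (v >>> 8);
            candidate[15] = (byte) v;
            try {
                String pt = new String(crypt(Cipher.DECRYPT_MODE, candidate, ct),
                        StandardCharsets.ISO_8859_1);
                if (pt.contains(MARKER)) {
                    System.out.printf("found key bytes %02x %02x: %s%n",
                            candidate[14], candidate[15], pt);
                    break;
                }
                paddingOkButGarbage++;              // unpadded cleanly, still the wrong key
            } catch (BadPaddingException e) {
                badPadding++;                       // expected for a wrong key: try the next one
            }
        }
        System.out.println("rejected by padding check: " + badPadding);
        System.out.println("passed padding, failed content check: " + paddingOkButGarbage);
    }
}
```

Candidates counted in the second total are wrong keys whose last block happened to end in valid padding, which is why the plaintext marker, not the absence of an exception, decides the match.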

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow