Question & Answer
Question
Encrypted data is decrypted with javax.crypto.Cipher class in the application code.
If trying to decrypt truncated data in the application, IllegalBlockSizeException is thrown as expected. After IllegalBlockSizeException is thrown, valid data can be decryted with the same cipher object when IBM Java 7 is used. However, IllegalBlockSizeException is still thrown in the same situation when IBM Java 8 is used.
Cause
As specification for doFinal in Cipher, cipher object may need to be reset before it can be used again if any exception is thrown. This specification is applied to both IBM Java 7 and IBM Java 8.
Answer
The application code needs to call Cipher.init again to reset cipher object to re-use its cipher object when doFinal gets exception.
The specification for doFinal in Cipher of Java 7 and Java 8 both indicate: "if any exception is thrown, this cipher object may need to be reset before it can be used again.".
https://www.ibm.com/docs/en/sdk-java-technology/8?topic=jce-cipher
https://www.ibm.com/docs/en/sdk-java-technology/7?topic=jce-cipher
https://www.ibm.com/docs/en/sdk-java-technology/7?topic=jce-cipher
> Note: if any exception is thrown, this cipher object may need to be reset before it can be used again.
There are different implementations for IBM Java 7 and IBM Java 8. But, both IBM Java 7 and IBM Java 8 are following the same specification for doFinal in Cipher. Therefore, the application code should be calling Cipher.init to reset cipher object like below when doFinal gets any exception for any Java or JCE version.
try{
cipher.doFinal(...);
} catch (Exception e) {
cipher.init(Cipher.DECRYPT_MODE, ...);
}
[{"Type":"MASTER","Line of Business":{"code":"LOB08","label":"Cognitive Systems"},"Business Unit":{"code":"","label":""},"Product":{"code":"SG9NGS","label":"IBM Java"},"ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]
Was this topic helpful?
Document Information
Modified date:
31 August 2021
UID
ibm16485131