javax.crypto.BadPaddingException: Data must start with zero

Question

First of all, this is not a duplicate question. I am facing a very strange issue.

Following is what I do.

Case 1:

1. Generate Key Pair
2. Encrypt Using Private Key
3. Decrypt Using Public Key

Everything works fine.

Case 2:

1. Load Certificate from Mozila Firefox Key Store
2. Use Certificate A
3. Encrypt Using Private Key of Certificate A
4. Decrypt Using Public Keu of Certificate A

Everything works fine.

Case 3:

1. Load Certificate from Internet Explorer Key Store
2. Use Certificate A
3. Encrypt Using Private Key of Certificate A
4. Decrypt Using Public Keu of Certificate A

At Decrypt time, I get error of BadPadding exception

Following is snippet of each of my codes.

Generating Key Pair

    KeyPair keyPair = KeyPairGenerator.getInstance("RSA").generateKeyPair(); 
    PublicKey publicKey = keyPair.getPublic();
    PrivateKey privateKey = keyPair.getPrivate();

Load Mozilla KeyStore

    String strCfg = System.getProperty("user.home")+ File.separator + "jdk6-nss-mozilla.cfg";
    Provider p1 = new sun.security.pkcs11.SunPKCS11(strCfg);
    Security.addProvider(p1);
    keyStore = KeyStore.getInstance("PKCS11");
    keyStore.load(null, "password".toCharArray());

Content of Config file

name=NSS
slot=2
library=C:/Program Files/Mozilla Firefox/softokn3.dll
nssArgs="configDir='C:/Documents and Settings/pratik.vohera.DIGI-CORP/Application Data/Mozilla/Firefox/Profiles/t48xsipj.default' certPrefix='' keyPrefix=''     secmod='secmod.db' flags=readOnly"

Load IE KeyStore

    keyStore = KeyStore.getInstance("Windows-MY");
    keyStore.load(null, null);

Get Public and Private key from KeyStore

    if (keyStore != null) {
    Enumeration<String> enumaration = null;
    try {
        enumaration = keyStore.aliases();
    } catch (KeyStoreException e1) {
        e1.printStackTrace();
    }
    ArrayList<String> certiList;
    while (enumaration.hasMoreElements()) {
        String aliases = enumaration.nextElement();
        certiList = new ArrayList<String>();
        certiList.add(aliases);
        try {
            selectedCert = keyStore.getCertificate(aliases);
            selectedpublickey = (RSAPublicKey) selectedCert.getPublicKey();
            selectedAlias = aliases;
            selectedprivateKey = (PrivateKey) keyStore.getKey(selectedAlias, null);}
        } catch (KeyStoreException e) {
            e.printStackTrace();
        }
    }

Encryption

private static String publicEncrypt(String text, Key pubKey) throws Exception {
    BASE64Encoder bASE64Encoder = new BASE64Encoder();
    byte[] plainText = text.getBytes();
    Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
    cipher.init(Cipher.ENCRYPT_MODE, pubKey);
String encryptedText = bASE64Encoder.encode(cipher.doFinal(plainText));
return encryptedText;
}

Decryption

private static String privateDecrypt(String text, Key priKey)throws Exception     {
    BASE64Decoder base64Decoder = new BASE64Decoder();
byte[] encryptText = base64Decoder.decodeBuffer(text);
Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
cipher.init(Cipher.DECRYPT_MODE, priKey);
String decryptedString = new String(cipher.doFinal(encryptText));
return decryptedString;
}

Exception Stacktrace

javax.crypto.BadPaddingException: Data must start with zero
at sun.security.rsa.RSAPadding.unpadV15(Unknown Source)
at sun.security.rsa.RSAPadding.unpad(Unknown Source)
at com.sun.crypto.provider.RSACipher.a(DashoA13*..)
at com.sun.crypto.provider.RSACipher.engineDoFinal(DashoA13*..)
at javax.crypto.Cipher.doFinal(DashoA13*..)
at test.testclass.privateDecrypt(testclass.java:198)
at test.testclass.test(testclass.java:137)
at test.testclass.main(testclass.java:120)

I have been working on this for a long time. This is very important. Do let me know if any further information is required.

Answer 1

In the third case, the problem is: You try to encrypt using the private key and decrypt using the public key which is wrong. You should always decrypt using the private key.