Android - AES decryption failing with strange content lengths

Question

i am trying to decode an AES encrypted data that i get from a webservice. The encrypted length is: 4256 bytes The decrypted length is: 4247 bytes

Baiscally i think that would be ok because of some padding or something... BUT. the data actually decrypts fine to plain text. Except that some characters are missing at the end.

What could possibly cause the missing characters at the end?

Here comes my decryption code:

public static byte[] decrypt(byte[] input) throws Exception {
    byte[] rawKey = getKey("bla".getBytes());
    SecretKeySpec secretKeySpec = new SecretKeySpec(rawKey, "AES");
    Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
    AlgorithmParameterSpec iv = new IvParameterSpec(new byte[] { 0, 0, 0,
            0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 });
    cipher.init(Cipher.DECRYPT_MODE, secretKeySpec, iv);
    return cipher.doFinal(input);
}

Answer 1

Posting this as an answer because it's too long for a comment :(

Problem solved, it never was the decryption that was causing the error. Decryption was fine.

The actual problem was me, trying to convert the string to a json object while it was a json array.

That in combination with a logcat limit of 4k characters masked to actual json error messages and cut off my debug messages (so there never were any characters missing)...

Answer 2

As Paŭlo says, the problem is almost certainly in the padding. Set up a test decrypt() method with no padding: "AES/CBC/NoPadding" IIRC. Decrypt the same cyphertext and have a look at the actual bytes of padding that have been added to the end of the message. That should tell you what padding (if any) is actually being added to the message.