cioccarellia / ksprefs

Kotlin SharedPreferences wrapper & cryptographic android library.
https://cioccarellia.github.io/ksprefs/
Apache License 2.0

Cipher decryption data is with a wrong padding (BadPaddingException) #8

Closed ghiyatshanif closed 4 years ago

ghiyatshanif commented 5 years ago

Hi, I'm getting this intermittent error while getting the accessToken saved in CryptoPrefs. I have no control of the accessToken value saved to the preference as it's coming from the API. Do you guys have any idea why it's happening?

Fatal Exception: com.andreacioccarelli.cryptoprefs.exceptions.CryptoPreferencesException: Cipher decryption data is with a wrong padding (BadPaddingException). input = [�K2|E��D�ŠF�0pXL��e��9� �-��::��A8�t��O?�OF�u��l]h]�{5�f�A�t���g�] javax.crypto.BadPaddingException: error:1e000065:Cipher functions:OPENSSL_internal:BAD_DECRYPT
       at com.andreacioccarelli.cryptoprefs.wrappers.PrefsEncrypter.finalize + 108(PrefsEncrypter.kt:108)
       at com.andreacioccarelli.cryptoprefs.wrappers.PrefsEncrypter.decrypt + 89(PrefsEncrypter.kt:89)
       at com.andreacioccarelli.cryptoprefs.CryptoWrapper.get + 35(CryptoWrapper.kt:35)
       at com.andreacioccarelli.cryptoprefs.CryptoPrefs.get + 46(CryptoPrefs.kt:46)
       at co.sleekr.sleekrhr.core.retrofit.NetworkBuilder$authenticator$1.invokeSuspend + 117(NetworkBuilder.kt:117)
       at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith + 33(ContinuationImpl.kt:33)
       at kotlinx.coroutines.DispatchedTask.run + 233(Dispatched.kt:233)
       at kotlinx.coroutines.EventLoopImplBase.processNextEvent + 116(EventLoop.kt:116)
       at kotlinx.coroutines.BlockingCoroutine.joinBlocking + 76(Builders.kt:76)
       at kotlinx.coroutines.BuildersKt__BuildersKt.runBlocking + 53(Builders.kt:53)
       at kotlinx.coroutines.BuildersKt.runBlocking + 1(:1)
       at kotlinx.coroutines.BuildersKt__BuildersKt.runBlocking$default + 35(Builders.kt:35)
       at kotlinx.coroutines.BuildersKt.runBlocking$default + 1(:1)
       at co.sleekr.sleekrhr.core.retrofit.NetworkBuilder.authenticator + 99(NetworkBuilder.kt:99)
       at co.sleekr.sleekrhr.core.retrofit.NetworkBuilder.access$authenticator + 33(NetworkBuilder.kt:33)
       at co.sleekr.sleekrhr.core.retrofit.NetworkBuilder$mySleekrHttpClient$$inlined$let$lambda$1.authenticate + 89(NetworkBuilder.kt:89)
       at okhttp3.internal.http.RetryAndFollowUpInterceptor.followUpRequest + 288(RetryAndFollowUpInterceptor.java:288)
       at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept + 158(RetryAndFollowUpInterceptor.java:158)
       at okhttp3.internal.http.RealInterceptorChain.proceed + 147(RealInterceptorChain.java:147)
       at okhttp3.internal.http.RealInterceptorChain.proceed + 121(RealInterceptorChain.java:121)
       at co.sleekr.sleekrhr.core.retrofit.NetworkBuilder$queryParameter$1.intercept + 173(NetworkBuilder.kt:173)
       at okhttp3.internal.http.RealInterceptorChain.proceed + 147(RealInterceptorChain.java:147)
       at okhttp3.internal.http.RealInterceptorChain.proceed + 121(RealInterceptorChain.java:121)
       at co.sleekr.sleekrhr.core.retrofit.NetworkBuilder$headerInterceptor$1.intercept + 145(NetworkBuilder.kt:145)
       at okhttp3.internal.http.RealInterceptorChain.proceed + 147(RealInterceptorChain.java:147)
       at okhttp3.internal.http.RealInterceptorChain.proceed + 121(RealInterceptorChain.java:121)
       at okhttp3.logging.HttpLoggingInterceptor.intercept + 213(HttpLoggingInterceptor.java:213)
       at okhttp3.internal.http.RealInterceptorChain.proceed + 147(RealInterceptorChain.java:147)
       at okhttp3.internal.http.RealInterceptorChain.proceed + 121(RealInterceptorChain.java:121)
       at co.sleekr.sleekrhr.core.retrofit.NetworkBuilder$checkConnectivityInterceptor$1.intercept + 187(NetworkBuilder.kt:187)
       at okhttp3.internal.http.RealInterceptorChain.proceed + 147(RealInterceptorChain.java:147)
       at okhttp3.internal.http.RealInterceptorChain.proceed + 121(RealInterceptorChain.java:121)
       at okhttp3.RealCall.getResponseWithInterceptorChain + 200(RealCall.java:200)
       at okhttp3.RealCall$AsyncCall.execute + 147(RealCall.java:147)
       at okhttp3.internal.NamedRunnable.run + 32(NamedRunnable.java:32)
       at java.util.concurrent.ThreadPoolExecutor.runWorker + 1162(ThreadPoolExecutor.java:1162)
       at java.util.concurrent.ThreadPoolExecutor$Worker.run + 636(ThreadPoolExecutor.java:636)
       at java.lang.Thread.run + 764(Thread.java:764)

Here's how I try to get the accessToken: sharedPref.pref().get(REFRESH_TOKEN, emptyString())

pref() returns CryptoPref

cioccarellia commented 5 years ago

Very nice question. Can't wrap my head around it, would you be so kind to provide more detail about:

Also, did you notice this error with a specific pattern, or does it appear to show up randomly?

cioccarellia commented 5 years ago

I was having this same error some time ago but I could not find a fix, specifically, because it was subtle. Sometimes my app would randomly crash because of this exception being thrown out of nowhere.

Then I made a sample app that just pushed and pulled garbage values to and from the preferences but it just worked fine, and after something like 100'000 I/O operations I gave up on this.

It has to do with the OpenSSL decryption algorithm and padding. That's what we have so far; I'll do some research.

cioccarellia commented 5 years ago

This could be useful

cioccarellia commented 4 years ago

In v2 the issue will not be present because of the different approach we will take towards the encryption and encoding system.
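
The padding failure discussed in this thread, reproduced as an added example (not code from the library or from either poster): it shows which stored values make `Cipher.doFinal` throw under padded CBC, and a caller-side wrapper that turns an unreadable value into `null` instead of a crash. It assumes `AES/CBC/PKCS5Padding`, which the thread does not confirm as the library's transformation; `decryptOrNull`, `crypt` and the sample token are hypothetical names and constructed values.

```kotlin
import java.security.SecureRandom
import javax.crypto.BadPaddingException
import javax.crypto.Cipher
import javax.crypto.IllegalBlockSizeException
import javax.crypto.spec.IvParameterSpec
import javax.crypto.spec.SecretKeySpec

// Assumed transformation; the thread does not say which one the library uses.
private const val TRANSFORMATION = "AES/CBC/PKCS5Padding"
private val rng = SecureRandom()

fun randomBytes(n: Int) = ByteArray(n).also { rng.nextBytes(it) }

// A fresh Cipher per call: Cipher instances hold state and are not thread-safe.
fun crypt(mode: Int, key: ByteArray, iv: ByteArray, data: ByteArray): ByteArray =
    Cipher.getInstance(TRANSFORMATION).run {
        init(mode, SecretKeySpec(key, "AES"), IvParameterSpec(iv))
        doFinal(data)
    }

// Hypothetical caller-side wrapper: an unreadable stored value becomes null
// ("no token, re-authenticate") instead of a fatal exception.
fun decryptOrNull(key: ByteArray, iv: ByteArray, stored: ByteArray): String? = try {
    String(crypt(Cipher.DECRYPT_MODE, key, iv, stored), Charsets.UTF_8)
} catch (e: BadPaddingException) {
    null // wrong key, or the final blocks were altered
} catch (e: IllegalBlockSizeException) {
    null // length is not a multiple of 16, e.g. a truncated write
}

fun main() {
    val key = randomBytes(16)
    val iv = randomBytes(16)
    val token = "constructed-sample-token-0123456789" // constructed sample value
    val stored = crypt(Cipher.ENCRYPT_MODE, key, iv, token.toByteArray())

    println("intact:    " + decryptOrNull(key, iv, stored))
    println("truncated: " + decryptOrNull(key, iv, stored.copyOf(stored.size - 1)))

    // One flipped bit in the last block garbles that block's plaintext,
    // so the padding check almost always fails.
    val flipped = stored.copyOf().also { it[it.size - 1] = (it[it.size - 1].toInt() xor 1).toByte() }
    println("bit-flip:  " + decryptOrNull(key, iv, flipped))

    // With a wrong key the padding check is the only thing that can fail, and it
    // passes by chance roughly once in 256 tries, returning garbage silently.
    val silent = (1..20_000).count { decryptOrNull(randomBytes(16), iv, stored) != null }
    println("wrong key accepted $silent of 20000 times")
}
```

The last line is the reason padding errors are a poor integrity check: most mismatches throw, but a small fraction decrypt to garbage without any exception.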