java.lang.VerifyError: Bad type on operand stack with Java crypto

I built a library and obfuscated with with ProGuard. Everything is fine but things happen to be bad when I add a util to decrypt text by Java Crypto AES.
ProGuard: 7.2.2.
Java: 8.

The error like this:

java.lang.VerifyError: Bad type on operand stack
Exception Details:
Location:
org/myOrg/DataCheck.decrypt(Ljava/lang/String;)Ljava/lang/String; @197: invokevirtual
Reason:
Type ‘java/lang/Object’ (current frame, stack[2]) is not assignable to ‘java/security/GeneralSecurityException’
Current Frame:
bci: @197
flags: { }
locals: { top, ‘java/lang/Object’ }
stack: { ‘java/io/PrintStream’, ‘java/lang/StringBuilder’, ‘java/lang/Object’ }
Bytecode:
0x0000000: 1010 bc08 5903 0354 5904 0354 5905 0354
0x0000010: 5906 0354 5907 0354 5908 0354 5910 0603
0x0000020: 5459 1007 0354 5910 0803 5459 1009 0354
0x0000030: 5910 0a03 5459 100b 0354 5910 0c03 5459
0x0000040: 100d 0354 5910 0e03 5459 100f 0354 4cbb
0x0000050: 001f 592b b700 384d 1208 b800 374e bb00
0x0000060: 2059 1202 b600 2a12 09b6 0028 1201 1101
0x0000070: 00b7 0039 3a04 2d19 04b6 0036 3a05 bb00
0x0000080: 2159 1905 b900 3b01 0012 03b7 003a 3a06
0x0000090: 1204 b800 343a 0719 0705 1906 2cb6 0035
0x00000a0: bb00 0d59 1907 b800 2f2a b600 31b6 0033
0x00000b0: b700 27b0 4cb2 0023 bb00 0e59 b700 2b12
0x00000c0: 06b6 002c 2bb6 002e b600 2cb6 002d b600
0x00000d0: 2501 b0
Exception Handler Table:
bci [0, 179] => handler: 180
bci [0, 179] => handler: 180
bci [0, 179] => handler: 180
bci [0, 179] => handler: 180
bci [0, 179] => handler: 180
bci [0, 179] => handler: 180
bci [0, 179] => handler: 180
Stackmap Table:
full_frame(@180,{},{Object[#12]})

The decypt function is:

protected static String decrypt(String strToDecrypt)
{
    try
    {
        byte[] iv = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
        IvParameterSpec ivspec = new IvParameterSpec(iv);
        SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
        KeySpec spec = new PBEKeySpec(SECRET_KEY.toCharArray(), SALTVALUE.getBytes(), 65536, 256);
        SecretKey tmp = factory.generateSecret(spec);
        SecretKeySpec secretKey = new SecretKeySpec(tmp.getEncoded(), "AES");
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING");
        cipher.init(Cipher.DECRYPT_MODE, secretKey, ivspec);
        
        return new String(cipher.doFinal(Base64.getDecoder().decode(strToDecrypt)));
    }
    catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | InvalidKeySpecException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e)
    {
        System.out.println("Error occurred during decryption: " + e);
    }
    return null;
}

Hi @KhoaBui!

It’s possible that the problem is introduced by the preverification process because some library classes are missing.

Do you have warnings for missing classes in the log? Especially, if they’re related to this crypto code. You should add any library jars to your configuration using the -libraryjars config option.

If this doesn’t help, can you share a sample that reproduces the problem?

Thanks,

James

1 Like

Yes, the warnings are hidden by the -dontwarn option. After enabled warning then I saw lots of unreferenced classes that need to be configured by -libraryjars and issue was solved.

Thanks so much @james!

2 Likes