tags:

views:

1277

answers:

4
+3  Q: 

AES Encryption Java Invalid Key length

I am trying to create an AES encryption method, but for some reason I keep getting a 'java.security.InvalidKeyException: Key length not 128/192/256 bits'.

Here is the code:

public static SecretKey getSecretKey(char[] password, byte[] salt) throws NoSuchAlgorithmException, InvalidKeySpecException{
    SecretKeyFactory factory = SecretKeyFactory.getInstance("PBEWithMD5AndDES");
    // NOTE: last argument is the key length, and it is 256
    KeySpec spec = new PBEKeySpec(password, salt, 1024, 256);
    SecretKey tmp = factory.generateSecret(spec);
    SecretKey secret = new SecretKeySpec(tmp.getEncoded(), "AES");
    return(secret);
}


public static byte[] encrypt(char[] password, byte[] salt, String text) throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidKeyException, InvalidParameterSpecException, IllegalBlockSizeException, BadPaddingException, UnsupportedEncodingException{
    SecretKey secret = getSecretKey(password, salt);

    Cipher cipher = Cipher.getInstance("AES");

    // NOTE: This is where the Exception is being thrown
    cipher.init(Cipher.ENCRYPT_MODE, secret);
    byte[] ciphertext = cipher.doFinal(text.getBytes("UTF-8"));
    return(ciphertext);
}

Can anyone see what I am doing wrong? I am thinking it may have something to do with the SecretKeyFactory algorithm, but that is the only one I can find that is supported on the end system I am developing against. Any help would be appreciated. Thanks.

A: 

using any padding mechanisms to fill the empty bits

Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
Wajdy Essam  2010-04-02 19:58:32
oops, sorry this padding for input not for the key
Wajdy Essam  2010-04-02 20:03:58
+2  A: 

There is an answer in an earlier post at this link. Hope this helps!

Etamar L.  2010-04-02 20:23:02
so, it seems that the java instance does not support what i need:'A java.security.InvalidKeyException with the message "Illegal key size or default parameters" '
wuntee  2010-04-02 20:42:29
Also, is it a limitation on the Cipher, or the SecretKey?
wuntee  2010-04-02 20:44:28
+1  A: 

For a stronger key strength encryption you would need to download Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files.

http://java.sun.com/javase/downloads/index.jsp (Check Other Downloads).

Mohamed Mansour  2010-04-03 04:02:57
I have downloaded the extra jars, added them to the project, but am still getting the exception...
wuntee  2010-04-03 22:48:19
You don't add them to the project, those are runtime libraries. The README.txt file states that you have to install them to your runtime security folder (overwrite the files there)If your using JDK then: /path/to/jdk/jre/libs/security/ If your using JRE instead: /path/to/jre/libs/security/
Mohamed Mansour  2010-04-06 23:46:30
Did that solve your question?
Mohamed Mansour  2010-05-09 23:18:50
A: 

Hello,

When I place the following code and run it, I don't receive any exceptions:

import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.InvalidParameterSpecException;
import java.security.spec.KeySpec;

import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;


public class Main 
{
    public static void main(String[] args)
    {
        String pass = "this is the pass";
        char[] pw = new char[pass.length()];
        for(int k=0; k<pass.length();++k)
        {
            pw[k] = pass.charAt(k); 
        }
        try {
            byte[] q = encrypt(pw,"asdf".getBytes(),"der text");
            System.out.println(new String(q));
        } catch (InvalidKeyException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        } catch (NoSuchAlgorithmException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        } catch (InvalidKeySpecException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        } catch (NoSuchPaddingException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        } catch (InvalidParameterSpecException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        } catch (IllegalBlockSizeException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        } catch (BadPaddingException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        } catch (UnsupportedEncodingException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }

    }

    public static SecretKey getSecretKey(char[] password, byte[] salt) throws NoSuchAlgorithmException, InvalidKeySpecException{
        SecretKeyFactory factory = SecretKeyFactory.getInstance("PBEWithMD5AndDES");
        // NOTE: last argument is the key length, and it is 256
        KeySpec spec = new PBEKeySpec(password, salt, 1024, 256);
        SecretKey tmp = factory.generateSecret(spec);
        SecretKey secret = new SecretKeySpec(tmp.getEncoded(), "AES");
        return(secret);
    }


    public static byte[] encrypt(char[] password, byte[] salt, String text) throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidKeyException, InvalidParameterSpecException, IllegalBlockSizeException, BadPaddingException, UnsupportedEncodingException{
        SecretKey secret = getSecretKey(password, salt);

        Cipher cipher = Cipher.getInstance("AES");

        // NOTE: This is where the Exception is being thrown
        cipher.init(Cipher.ENCRYPT_MODE, secret);
        byte[] ciphertext = cipher.doFinal(text.getBytes("UTF-8"));
        return(ciphertext);
    }
}

I was never able to recreate the exception that you had. I'm running J2SE 1.6 and developing on Eclipse.

Could it be that your password is not 16 bytes long?

Chopstick  2010-05-12 05:21:01

related questions

Java Time Zone is messed up
Eclipse on win64
Automate builds for Java RCP for deployment with JNLP
Why are professors or schools picking Java over C++ to teach to students?
Is there a real benefit of using J#?
Public/Popular Websites using JavaServer Faces
Why can't I use a try block around my super() call?
Accessing post variables using Java Servlets
Personal Linux web server
Is this really widening vs autoboxing?
How can I Java webstart multiple, dependent, native libraries?
Why can't I call toString() on a Java primitive?
How do I use Java to read from a file that is actively being written?
What code analysis tools do you use for your Java projects?
IllegalArgumentException or NullPointerException for a null parameter?
How do I configure and communicate with a serial port?
What is the best way to parse strings in Java
Getting started with a custom JXTA PeerGroup
Creating a custom button in Java
How to get started "writing" a code coverage tool?
Which Build-/Configuration Management Tool?
What is the difference between an int and an Integer in Java/C#?
What is the meaning of the type safety warning in certain Java generics casts?
How would you access Object properties from within an object method?
Converting CSV File to XML in Java