Testing RSA to encrypt an AES key, I realized that RSA has only 1 block with a limited size (settable by the programmer) do store the encrypted key. The question is, when I use:
KeyGenerator.getInstance("AES").generateKey()
the AES keys will have a constant size in every computer and jvm implementation?
Suns Java Cryptography Extension documentation states that multiple key sizes are supported for AES keys and doesn't provide any information on the default size.
The maximum size of keys can also vary depending on the jurisdictional files used by different versions of Suns JVM.
There is an init method in the KeyGenerator that allows you to specify the number of bits.
KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
keyGenerator.init(128);
SecretKey key = keyGenerator.generateKey();
Will that do what you need?
The default appears to be 128 bits, but I would not assume that all JVM's use the same default, or that it will always be the default.
KeyGenerator has several init() methods; you should call one of them before generating a key. The Javadoc for KeyGenerator specifies that in case you do not call one of the init() method, then "each provider must supply (and document) a default initialization."
So this is provider-specific. Since you initialize the key generator with the "AES" algorithm name, one may assume that you will get a key with a size suitable for AES, i.e. 128, 192 or 256 bits (16, 24 and 32 bytes, respectively). But which one you get is up to the actual provider, which may depend upon the JVM and possibly its configuration.