This week's book giveaway is in the OCAJP 8 forum.
We're giving away four copies of OCA Java SE 8 Programmer I Study Guide and have Edward Finegan & Robert Liguori on-line!
See this thread for details.
The moose likes Security and the fly likes Invalid  Key Lenght Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of OCA Java SE 8 Programmer I Study Guide this week in the OCAJP 8 forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "Invalid  Key Lenght" Watch "Invalid  Key Lenght" New topic

Invalid Key Lenght

Andrew Prinoli

Joined: Jan 11, 2007
Posts: 22
Hi guys...
I'm implementing a quite simple cryptographic algorithm , but I keep
on getting this exception : Invalid key length: 444 bytes
at com.sun.crypto.provider.DESCipher.engineGetKeySize(DashoA12275)
at javax.crypto.Cipher.init(DashoA12275)
Please note that I have JCE working correctly..
Now I'll post and explain my code :

I have a byte[] buffer , which lengh is 304 bytes.
I have a Certificate retrieved from local keystore ,from which I get
corresponding PublicKey.
Then I retrieve Private Key from same keystore (passing a password)
I have to create the digital signature of that buffer (and it works
correctly) :

PrivateKey priv = sp.getPrivate();
Signature sig = Signature.getInstance(priv.getAlgorithm());//create a
Signature instance
sig.update(BIGBUFFER, 0, BIGBUFFER.length);
byte[] C_FINAL=sig.sign();//returns the signature result in a byte

In the second part of the algorithm I have to encrypt the byte[] array
C_FINAL , using the PUBLIC KEY ..... but while executing the following
code I get the InvalidKeyException

Cipher CPHR = Cipher.getInstance("DES/ECB/PKCS5Padding");
Certicate id=sp.getId();//retrieve certificate from another class
PublicKey PUB_KEY=id.getPublicKey();//retrieve public key from

CPHR.init(Cipher.ENCRYPT_MODE, PUB_KEY);//this line throws the


Please,anybody knows how to solve this problem..?
Thanks a lot guys...
Kai Witte
Ranch Hand

Joined: Jul 17, 2004
Posts: 356

maybe the allowed key length is limited unless you install the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files (also available for 1.6). All I know for sure is that the length for PBE algorithms (like PBEWithMD5AndDES) is limited to 7 without that extension.

[ March 06, 2007: Message edited by: Kai Witte ]

Kai Witte's business website Kai Witte's private homepage
greg stark
Ranch Hand

Joined: Aug 10, 2006
Posts: 220
You are trying to use a public key where a symmetric key is needed. This doesn't make any sense. Please examine some primer material on crypto; some of these links may help.

Nice to meet you.
I agree. Here's the link:
subject: Invalid Key Lenght
It's not a secret anymore!