jQuery in Action, 2nd edition
The moose likes Security and the fly likes Invalid Key Lenght Big Moose Saloon
  Search | Java FAQ | Recent Topics
Register / Login
JavaRanch » Java Forums » Engineering » Security
Reply Bookmark "Invalid Key Lenght" Watch "Invalid Key Lenght" New topic
Author

Invalid Key Lenght

Andrew Prinoli
Greenhorn

Joined: Jan 11, 2007
Posts: 22
posted private message
0
Quote
Hi guys...
I'm implementing a quite simple cryptographic algorithm , but I keep
on getting this exception :
java.security.InvalidKeyException: Invalid key length: 444 bytes
at com.sun.crypto.provider.DESCipher.engineGetKeySize(DashoA12275)
at javax.crypto.Cipher.init(DashoA12275)
Please note that I have JCE working correctly..
Now I'll post and explain my code :

I have a byte[] buffer , which lengh is 304 bytes.
I have a Certificate retrieved from local keystore ,from which I get
corresponding PublicKey.
Then I retrieve Private Key from same keystore (passing a password)
I have to create the digital signature of that buffer (and it works
correctly) :

PrivateKey priv = sp.getPrivate();
Signature sig = Signature.getInstance(priv.getAlgorithm());//create a
Signature instance
sig.initSign(priv);
sig.update(BIGBUFFER, 0, BIGBUFFER.length);
byte[] C_FINAL=sig.sign();//returns the signature result in a byte
array

In the second part of the algorithm I have to encrypt the byte[] array
C_FINAL , using the PUBLIC KEY ..... but while executing the following
code I get the InvalidKeyException

Cipher CPHR = Cipher.getInstance("DES/ECB/PKCS5Padding");
Certicate id=sp.getId();//retrieve certificate from another class
PublicKey PUB_KEY=id.getPublicKey();//retrieve public key from
certificate

CPHR.init(Cipher.ENCRYPT_MODE, PUB_KEY);//this line throws the
exception....

C_FINAL = CPHR.doFinal(C_FINAL);

Please,anybody knows how to solve this problem..?
Thanks a lot guys...
bye
Kai Witte
Ranch Hand

Joined: Jul 17, 2004
Posts: 354
posted private message
0
Quote
hello,

maybe the allowed key length is limited unless you install the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files (also available for 1.6). All I know for sure is that the length for PBE algorithms (like PBEWithMD5AndDES) is limited to 7 without that extension.

Kai
[ March 06, 2007: Message edited by: Kai Witte ]
Kai Witte's business website Kai Witte's private homepage Mock exam / preparation kit reviews
greg stark
Ranch Hand

Joined: Aug 10, 2006
Posts: 220
posted private message
0
Quote
You are trying to use a public key where a symmetric key is needed. This doesn't make any sense. Please examine some primer material on crypto; some of these links may help.
http://en.wikipedia.org/wiki/Symmetric_key
http://en.wikipedia.org/wiki/Public_key_cryptography

Nice to meet you.
 
I agree. Here's the link: http://ej-technologies/jprofiler - if it wasn't for jprofiler, we would need to run our stuff on 16 servers instead of 3.
 
subject: Invalid Key Lenght
 
Similar Threads
Certificate not accepted in JRE 1.4.2
Return Token with Private/Public keys
Problem in getting decrypted data from MySql Database
need help abt 64 encoder/decoder
PKCS12 - Different resutls on JDK1.4 and JDK 1.5 and above