File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Security and the fly likes Invalid  Key Lenght Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "Invalid  Key Lenght" Watch "Invalid  Key Lenght" New topic

Invalid Key Lenght

Andrew Prinoli

Joined: Jan 11, 2007
Posts: 22
Hi guys...
I'm implementing a quite simple cryptographic algorithm , but I keep
on getting this exception : Invalid key length: 444 bytes
at com.sun.crypto.provider.DESCipher.engineGetKeySize(DashoA12275)
at javax.crypto.Cipher.init(DashoA12275)
Please note that I have JCE working correctly..
Now I'll post and explain my code :

I have a byte[] buffer , which lengh is 304 bytes.
I have a Certificate retrieved from local keystore ,from which I get
corresponding PublicKey.
Then I retrieve Private Key from same keystore (passing a password)
I have to create the digital signature of that buffer (and it works
correctly) :

PrivateKey priv = sp.getPrivate();
Signature sig = Signature.getInstance(priv.getAlgorithm());//create a
Signature instance
sig.update(BIGBUFFER, 0, BIGBUFFER.length);
byte[] C_FINAL=sig.sign();//returns the signature result in a byte

In the second part of the algorithm I have to encrypt the byte[] array
C_FINAL , using the PUBLIC KEY ..... but while executing the following
code I get the InvalidKeyException

Cipher CPHR = Cipher.getInstance("DES/ECB/PKCS5Padding");
Certicate id=sp.getId();//retrieve certificate from another class
PublicKey PUB_KEY=id.getPublicKey();//retrieve public key from

CPHR.init(Cipher.ENCRYPT_MODE, PUB_KEY);//this line throws the


Please,anybody knows how to solve this problem..?
Thanks a lot guys...
Kai Witte
Ranch Hand

Joined: Jul 17, 2004
Posts: 356

maybe the allowed key length is limited unless you install the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files (also available for 1.6). All I know for sure is that the length for PBE algorithms (like PBEWithMD5AndDES) is limited to 7 without that extension.

[ March 06, 2007: Message edited by: Kai Witte ]

Kai Witte's business website Kai Witte's private homepage
greg stark
Ranch Hand

Joined: Aug 10, 2006
Posts: 220
You are trying to use a public key where a symmetric key is needed. This doesn't make any sense. Please examine some primer material on crypto; some of these links may help.

Nice to meet you.
I agree. Here's the link:
subject: Invalid Key Lenght
It's not a secret anymore!