aspose file tools*
The moose likes Security and the fly likes Invalid  Key Lenght Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "Invalid  Key Lenght" Watch "Invalid  Key Lenght" New topic
Author

Invalid Key Lenght

Andrew Prinoli
Greenhorn

Joined: Jan 11, 2007
Posts: 22
Hi guys...
I'm implementing a quite simple cryptographic algorithm , but I keep
on getting this exception :
java.security.InvalidKeyException: Invalid key length: 444 bytes
at com.sun.crypto.provider.DESCipher.engineGetKeySize(DashoA12275)
at javax.crypto.Cipher.init(DashoA12275)
Please note that I have JCE working correctly..
Now I'll post and explain my code :

I have a byte[] buffer , which lengh is 304 bytes.
I have a Certificate retrieved from local keystore ,from which I get
corresponding PublicKey.
Then I retrieve Private Key from same keystore (passing a password)
I have to create the digital signature of that buffer (and it works
correctly) :

PrivateKey priv = sp.getPrivate();
Signature sig = Signature.getInstance(priv.getAlgorithm());//create a
Signature instance
sig.initSign(priv);
sig.update(BIGBUFFER, 0, BIGBUFFER.length);
byte[] C_FINAL=sig.sign();//returns the signature result in a byte
array

In the second part of the algorithm I have to encrypt the byte[] array
C_FINAL , using the PUBLIC KEY ..... but while executing the following
code I get the InvalidKeyException

Cipher CPHR = Cipher.getInstance("DES/ECB/PKCS5Padding");
Certicate id=sp.getId();//retrieve certificate from another class
PublicKey PUB_KEY=id.getPublicKey();//retrieve public key from
certificate

CPHR.init(Cipher.ENCRYPT_MODE, PUB_KEY);//this line throws the
exception....

C_FINAL = CPHR.doFinal(C_FINAL);

Please,anybody knows how to solve this problem..?
Thanks a lot guys...
bye
Kai Witte
Ranch Hand

Joined: Jul 17, 2004
Posts: 356
hello,

maybe the allowed key length is limited unless you install the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files (also available for 1.6). All I know for sure is that the length for PBE algorithms (like PBEWithMD5AndDES) is limited to 7 without that extension.

Kai
[ March 06, 2007: Message edited by: Kai Witte ]

Kai Witte's business website Kai Witte's private homepage
greg stark
Ranch Hand

Joined: Aug 10, 2006
Posts: 220
You are trying to use a public key where a symmetric key is needed. This doesn't make any sense. Please examine some primer material on crypto; some of these links may help.
http://en.wikipedia.org/wiki/Symmetric_key
http://en.wikipedia.org/wiki/Public_key_cryptography


Nice to meet you.
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
 
subject: Invalid Key Lenght