File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Security and the fly likes Exception in thread Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Spring in Action this week in the Spring forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "Exception in thread "main" java.security.InvalidKeyException:" Watch "Exception in thread "main" java.security.InvalidKeyException:" New topic
Author

Exception in thread "main" java.security.InvalidKeyException:

Tuna Jen
Ranch Hand

Joined: Mar 18, 2009
Posts: 32
Hi Guys

I'm trying to implement AES 256 getting following exception.
same code is working fine for AES-128.Can any one please suggest me what to do?



Exception in thread "main" java.security.InvalidKeyException: Illegal key size or default parameters
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.init(DashoA12275)
at javax.crypto.Cipher.init(DashoA12275)
at com.mytestapp.EncryptTest.main(EncryptTest.java:28)
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42276
    
  64
What length does the key have? For AES-256 it needs to be 256 bits = 32 bytes.


Ping & DNS - my free Android networking tools app
Tuna Jen
Ranch Hand

Joined: Mar 18, 2009
Posts: 32
Hi Dittmer

Thanks for replying.

can you please tell me how to proceed further?


Thanks
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42276
    
  64
Um, if you have code that works fine using 16 byte keys, then it can't be very hard to alter that to use 32 byte keys, can it? Do you understand what the key is in a cryptographic algorithm, and how it is used in JCE?
Tuna Jen
Ranch Hand

Joined: Mar 18, 2009
Posts: 32
Hi Ulf

Actually first time i'm trying to implement AES-128/AES-256.I don't have much idea on it.

Following sample code i'm using which is working fine for AES-128 for testing purpose.If following will work for AES-256 then only i can go for real implement.

Please Help me out to resolve this issue.

package com.mytestapp;

import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;


public class EncryptTest {

public EncryptTest()
{

}
public static void main(String[] args) throws Exception
{
KeyGenerator keygen = KeyGenerator.getInstance("AES");
// keygen.init(128); //this works fine!
keygen.init(256); //this breaks!
SecretKey aesKey = keygen.generateKey();
Cipher aesCipher;
aesCipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
aesCipher.init(Cipher.ENCRYPT_MODE, aesKey);

byte[] clearText = "This is an example!".getBytes();

System.out.println("ClearText: "+new String(clearText));

byte[] cipherText = aesCipher.doFinal(clearText);
System.out.println("CipherText: "+new String(cipherText));

aesCipher.init(Cipher.DECRYPT_MODE, aesKey);
byte[] clearTextDecrypt = aesCipher.doFinal(cipherText);
System.out.println("DecryptedText: " + new String(clearTextDecrypt));
boolean equalText = Arrays.equals(clearText, clearTextDecrypt);
if (equalText)
{
System.out.println("String was recovered!");
}
else
{
System.out.println("String was NOT recovered!! Booooooo....");
}
}

}
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42276
    
  64
What does "this breaks" mean? If there is an exception, post it here. My guess would be that you haven't installed the unlimited-strength JCE policy files (which are needed for AES-192 and AES-256); you can download them from the JCE pages at java.sun.com.

(Alternatively, you could use a JCE provider that doesn't require those, like BouncyCastle. But that might be a bit beyond your current comfort zone with regards to JCE.)
Tuna Jen
Ranch Hand

Joined: Mar 18, 2009
Posts: 32
Thanks for Replying!!!

If i'm using ASE-128 getting following exception

Exception in thread "main" java.security.InvalidKeyException: Illegal key size or default parameters
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.init(DashoA12275)
at javax.crypto.Cipher.init(DashoA12275)
at com.mytestapp.EncryptTest.main(EncryptTest.java:28)
else
above code is working fine
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42276
    
  64
I'm getting confused about what is and isn't working. First you said AES-128 was working fine, and AES-256 was throwing an exception. Now AES-128 is throwing an exception, but "above code is working fine"? Something doesn't add up.
Tuna Jen
Ranch Hand

Joined: Mar 18, 2009
Posts: 32
Sorry for Interruption!!!

while i'm using AES-128 My Above code is working fine

While trying to AES-256 getting following Exception

Exception in thread "main" java.security.InvalidKeyException: Illegal key size or default parameters
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.init(DashoA12275)
at javax.crypto.Cipher.init(DashoA12275)
at com.mytestapp.EncryptTest.main(EncryptTest.java:28


Thanks

Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42276
    
  64
So have you, or have you not, installed the unlimited-strength policy files by now? Or did you do that before already, and this exception is happening regardless?
Tuna Jen
Ranch Hand

Joined: Mar 18, 2009
Posts: 32
Hi Ulf

D:\jdk1.5.0_03\jre\lib\security contains US_export_policy.jar & local_policy.jar.

still i have downloaded JCE file.

I don't know how to use?

Pleasesuggest me....
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42276
    
  64
The README.txt file that's part of the download contains detailed instructions on how to install those files.
Tuna Jen
Ranch Hand

Joined: Mar 18, 2009
Posts: 32
Hi ULF

I gone through readme file. I am not clear in Step -3 which is

3) Install the unlimited strength policy JAR files.

To utilize the encryption/decryption functionalities of the JCE framework without any limitation, first make a copy of the original JCE policy files (US_export_policy.jar, local_policy.jar in the standard place for JCE jurisdiction policy JAR files) in case you later decide to revert to these "strong" versions. Then replace the strong policy files with the unlimited strength versions extracted in the previous step.
The standard place for JCE jurisdiction policy JAR files is:

<java-home>/lib/security [Solaris]
<java-home>\lib\security [Win32]

But i am using windows XP OS.

Do i need to set the CLASS PATH for this?
Do i need to copy both jar file in <java-home>\lib\ directory


Thanks




Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42276
    
  64

<java-home>\lib\security [Win32]

But i am using windows XP OS.

"Win32" is a catch-all phrase for 32 bit Windows operating systems. That's all of them starting with NT (so it includes XP).

Do i need to set the CLASS PATH for this?

The instructions don't mention anything about classpaths, so, no.

Do i need to copy both jar file in <java-home>\lib\ directory

The instructions say:
Then replace the strong policy files with the unlimited strength versions extracted in the previous step.

Since there are only two files, that means all of them. :-)
Tuna Jen
Ranch Hand

Joined: Mar 18, 2009
Posts: 32
Thanks lot ULF

Any how after struggling lot Now i am able to implement AES-256 for same application.

Thanks for your guidiance,support,and co-operation.

krishna reddy kalluri
Greenhorn

Joined: Nov 06, 2009
Posts: 8
I have generated key using ECDH algorithm and when i used this key for AES encryption,i am getting following errors,i am using Bouncy castle jdk1.6 package....

aShared: 199694d7f0cf0867e4843ffb89e8181cd6b5922e7d68472b32adb5ff68df4dc4
Exception in thread "main" java.security.InvalidKeyException: Illegal key size or default parameters
bShared: 199694d7f0cf0867e4843ffb89e8181cd6b5922e7d68472b32adb5ff68df4dc4
at javax.crypto.Cipher.a(DashoA13*..)
at javax.crypto.Cipher.init(DashoA13*..)
at javax.crypto.Cipher.init(DashoA13*..)
at BasicECDHExample.main(BasicECDHExample.java:75)
Java Result: 1

How should i solve this errors....

Regards
krishna
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42276
    
  64
I don't know what ECDH is, but for AES you need AES keys.
krishna reddy kalluri
Greenhorn

Joined: Nov 06, 2009
Posts: 8
hi,
when i am using key size of 128 bits for AES i am getting out put...but when i used 192,256 bit key i am getting illegal key size.. i am working in (IDE) NETBEANS.I have downloaded unlimited jurisdiction policy files and added to my library but still i am getting invalid key size... how to solve this... i am using(bouncycastle jdk1.6 package).

Exception in thread "main" java.security.InvalidKeyException: Illegal key size
at javax.crypto.Cipher.a(DashoA13*..)
at javax.crypto.Cipher.init(DashoA13*..)
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42276
    
  64
Post a relevant excerpt of the code you're using. Be sure to UseCodeTags when you do so.
krishna reddy kalluri
Greenhorn

Joined: Nov 06, 2009
Posts: 8
Actually ecdh is a elliptic curve diffie hellman method of key generation.I have generated 256bit key and used AES for encryption,so i am getting illegal key usage.
krishna reddy kalluri
Greenhorn

Joined: Nov 06, 2009
Posts: 8
hi here is the code.....





import java.security.Security;
import javax.crypto.spec.SecretKeySpec;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;


import javax.crypto.KeyAgreement;


public class BasicECDHExample {

public static void main(
String[] args)
throws Exception {
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
byte[] input = new byte[] { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f };
//key generated by ecdh
byte[] key1 = new byte[] { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e};
byte[] ivBytes = new byte[] {
0x00, 0x01, 0x02, 0x03, 0x00, 0x01, 0x02, 0x03,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 };

System.out.println("input: "+getHexString(input));
Cipher cipher = Cipher.getInstance("AES/CTR/NoPadding", "BC");




// encryption step
SecretKeySpec key = new SecretKeySpec(key1,"AES");
IvParameterSpec ivSpec = new IvParameterSpec(ivBytes);

//SecretKeySpec key1 = new SecretKeySpec(key,"AES");

cipher.init(Cipher.ENCRYPT_MODE,key,ivSpec,sr);

byte[] cipherText = cipher.doFinal(input);
System.out.println("cipher: "+getHexString(cipherText));
// decryption step

cipher.init(Cipher.DECRYPT_MODE, key,ivSpec);

byte[] plainText = cipher.doFinal(cipherText);


System.out.println("plain : "+getHexString(plainText));
}

public static String getHexString(byte[] b) throws Exception {
String result = "";
for (int i = 0; i < b.length; i++) {
result +=
Integer.toString((b[i] & 0xff) + 0x100, 16).substring(1);
}
return result;
}
}
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42276
    
  64
Please edit your post to UseCodeTags. It's unnecessarily hard to read the code as it is, making it less likely that people will bother to do so.

"key1" has 30 bytes = 240 bits. That's not a valid key size for AES.
krishna reddy kalluri
Greenhorn

Joined: Nov 06, 2009
Posts: 8


hi, even when i used a valid key of 192 bit or 256 bits i am getting error as invalid key size....
code:
byte[] key1 = new byte[] { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08};

error

Exception in thread "main" java.security.InvalidKeyException: Illegal key size
at javax.crypto.Cipher.a(DashoA13*..)
at javax.crypto.Cipher.init(DashoA13*..)



Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42276
    
  64
Not sure what's going on - the code doesn't compile:

BasicECDHExample.java:32: cannot find symbol
symbol : variable sr
location: class BasicECDHExample
cipher.init(Cipher.ENCRYPT_MODE,key,ivSpec,sr);
krishna reddy kalluri
Greenhorn

Joined: Nov 06, 2009
Posts: 8
sr is secured random variable generator. remove the sr.. ie

cipher.init(Cipher.ENCRYPT_MODE,key,ivSpec);
then see whether it works for 192 0r 256 bit key.

Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42276
    
  64
Yes, it works fine.

What do you mean by "I have downloaded unlimited jurisdiction policy files and added to my library" - where did you put those files?
krishna reddy kalluri
Greenhorn

Joined: Nov 06, 2009
Posts: 8
i have downloaded unlimited jurisdiction policy files which are jar files and i have added in my project library files in NETBEANS....
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42276
    
  64
That's not how you install them - the process is described in the documentation that comes with the download.
krishna reddy kalluri
Greenhorn

Joined: Nov 06, 2009
Posts: 8
I got it ,its working fine........... thank you very much Ulf
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Exception in thread "main" java.security.InvalidKeyException: