• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Exception in thread "main" java.security.InvalidKeyException:

 
Ranch Hand
Posts: 32
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi Guys

I'm trying to implement AES 256 getting following exception.
same code is working fine for AES-128.Can any one please suggest me what to do?



Exception in thread "main" java.security.InvalidKeyException: Illegal key size or default parameters
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.init(DashoA12275)
at javax.crypto.Cipher.init(DashoA12275)
at com.mytestapp.EncryptTest.main(EncryptTest.java:28)
 
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
What length does the key have? For AES-256 it needs to be 256 bits = 32 bytes.
 
Tuna Jen
Ranch Hand
Posts: 32
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi Dittmer

Thanks for replying.

can you please tell me how to proceed further?


Thanks
 
Ulf Dittmer
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Um, if you have code that works fine using 16 byte keys, then it can't be very hard to alter that to use 32 byte keys, can it? Do you understand what the key is in a cryptographic algorithm, and how it is used in JCE?
 
Tuna Jen
Ranch Hand
Posts: 32
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi Ulf

Actually first time i'm trying to implement AES-128/AES-256.I don't have much idea on it.

Following sample code i'm using which is working fine for AES-128 for testing purpose.If following will work for AES-256 then only i can go for real implement.

Please Help me out to resolve this issue.

package com.mytestapp;

import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;


public class EncryptTest {

public EncryptTest()
{

}
public static void main(String[] args) throws Exception
{
KeyGenerator keygen = KeyGenerator.getInstance("AES");
// keygen.init(128); //this works fine!
keygen.init(256); //this breaks!
SecretKey aesKey = keygen.generateKey();
Cipher aesCipher;
aesCipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
aesCipher.init(Cipher.ENCRYPT_MODE, aesKey);

byte[] clearText = "This is an example!".getBytes();

System.out.println("ClearText: "+new String(clearText));

byte[] cipherText = aesCipher.doFinal(clearText);
System.out.println("CipherText: "+new String(cipherText));

aesCipher.init(Cipher.DECRYPT_MODE, aesKey);
byte[] clearTextDecrypt = aesCipher.doFinal(cipherText);
System.out.println("DecryptedText: " + new String(clearTextDecrypt));
boolean equalText = Arrays.equals(clearText, clearTextDecrypt);
if (equalText)
{
System.out.println("String was recovered!");
}
else
{
System.out.println("String was NOT recovered!! Booooooo....");
}
}

}
 
Ulf Dittmer
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
What does "this breaks" mean? If there is an exception, post it here. My guess would be that you haven't installed the unlimited-strength JCE policy files (which are needed for AES-192 and AES-256); you can download them from the JCE pages at java.sun.com.

(Alternatively, you could use a JCE provider that doesn't require those, like BouncyCastle. But that might be a bit beyond your current comfort zone with regards to JCE.)
 
Tuna Jen
Ranch Hand
Posts: 32
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks for Replying!!!

If i'm using ASE-128 getting following exception

Exception in thread "main" java.security.InvalidKeyException: Illegal key size or default parameters
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.init(DashoA12275)
at javax.crypto.Cipher.init(DashoA12275)
at com.mytestapp.EncryptTest.main(EncryptTest.java:28)
else
above code is working fine
 
Ulf Dittmer
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I'm getting confused about what is and isn't working. First you said AES-128 was working fine, and AES-256 was throwing an exception. Now AES-128 is throwing an exception, but "above code is working fine"? Something doesn't add up.
 
Tuna Jen
Ranch Hand
Posts: 32
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Sorry for Interruption!!!

while i'm using AES-128 My Above code is working fine

While trying to AES-256 getting following Exception

Exception in thread "main" java.security.InvalidKeyException: Illegal key size or default parameters
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.init(DashoA12275)
at javax.crypto.Cipher.init(DashoA12275)
at com.mytestapp.EncryptTest.main(EncryptTest.java:28


Thanks

 
Ulf Dittmer
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
So have you, or have you not, installed the unlimited-strength policy files by now? Or did you do that before already, and this exception is happening regardless?
 
Tuna Jen
Ranch Hand
Posts: 32
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi Ulf

D:\jdk1.5.0_03\jre\lib\security contains US_export_policy.jar & local_policy.jar.

still i have downloaded JCE file.

I don't know how to use?

Pleasesuggest me....
 
Ulf Dittmer
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
The README.txt file that's part of the download contains detailed instructions on how to install those files.
 
Tuna Jen
Ranch Hand
Posts: 32
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi ULF

I gone through readme file. I am not clear in Step -3 which is

3) Install the unlimited strength policy JAR files.

To utilize the encryption/decryption functionalities of the JCE framework without any limitation, first make a copy of the original JCE policy files (US_export_policy.jar, local_policy.jar in the standard place for JCE jurisdiction policy JAR files) in case you later decide to revert to these "strong" versions. Then replace the strong policy files with the unlimited strength versions extracted in the previous step.
The standard place for JCE jurisdiction policy JAR files is:

<java-home>/lib/security [Solaris]
<java-home>\lib\security [Win32]

But i am using windows XP OS.

Do i need to set the CLASS PATH for this?
Do i need to copy both jar file in <java-home>\lib\ directory


Thanks




 
Ulf Dittmer
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator


<java-home>\lib\security [Win32]

But i am using windows XP OS.


"Win32" is a catch-all phrase for 32 bit Windows operating systems. That's all of them starting with NT (so it includes XP).

Do i need to set the CLASS PATH for this?


The instructions don't mention anything about classpaths, so, no.

Do i need to copy both jar file in <java-home>\lib\ directory


The instructions say:

Then replace the strong policy files with the unlimited strength versions extracted in the previous step.


Since there are only two files, that means all of them. :-)
 
Tuna Jen
Ranch Hand
Posts: 32
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks lot ULF

Any how after struggling lot Now i am able to implement AES-256 for same application.

Thanks for your guidiance,support,and co-operation.

 
Greenhorn
Posts: 8
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I have generated key using ECDH algorithm and when i used this key for AES encryption,i am getting following errors,i am using Bouncy castle jdk1.6 package....

aShared: 199694d7f0cf0867e4843ffb89e8181cd6b5922e7d68472b32adb5ff68df4dc4
Exception in thread "main" java.security.InvalidKeyException: Illegal key size or default parameters
bShared: 199694d7f0cf0867e4843ffb89e8181cd6b5922e7d68472b32adb5ff68df4dc4
at javax.crypto.Cipher.a(DashoA13*..)
at javax.crypto.Cipher.init(DashoA13*..)
at javax.crypto.Cipher.init(DashoA13*..)
at BasicECDHExample.main(BasicECDHExample.java:75)
Java Result: 1

How should i solve this errors....

Regards
krishna
 
Ulf Dittmer
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I don't know what ECDH is, but for AES you need AES keys.
 
krishna reddy kalluri
Greenhorn
Posts: 8
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hi,
when i am using key size of 128 bits for AES i am getting out put...but when i used 192,256 bit key i am getting illegal key size.. i am working in (IDE) NETBEANS.I have downloaded unlimited jurisdiction policy files and added to my library but still i am getting invalid key size... how to solve this... i am using(bouncycastle jdk1.6 package).

Exception in thread "main" java.security.InvalidKeyException: Illegal key size
at javax.crypto.Cipher.a(DashoA13*..)
at javax.crypto.Cipher.init(DashoA13*..)
 
Ulf Dittmer
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Post a relevant excerpt of the code you're using. Be sure to UseCodeTags when you do so.
 
krishna reddy kalluri
Greenhorn
Posts: 8
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Actually ecdh is a elliptic curve diffie hellman method of key generation.I have generated 256bit key and used AES for encryption,so i am getting illegal key usage.
 
krishna reddy kalluri
Greenhorn
Posts: 8
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hi here is the code.....





import java.security.Security;
import javax.crypto.spec.SecretKeySpec;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;


import javax.crypto.KeyAgreement;


public class BasicECDHExample {

public static void main(
String[] args)
throws Exception {
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
byte[] input = new byte[] { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f };
//key generated by ecdh
byte[] key1 = new byte[] { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e};
byte[] ivBytes = new byte[] {
0x00, 0x01, 0x02, 0x03, 0x00, 0x01, 0x02, 0x03,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 };

System.out.println("input: "+getHexString(input));
Cipher cipher = Cipher.getInstance("AES/CTR/NoPadding", "BC");




// encryption step
SecretKeySpec key = new SecretKeySpec(key1,"AES");
IvParameterSpec ivSpec = new IvParameterSpec(ivBytes);

//SecretKeySpec key1 = new SecretKeySpec(key,"AES");

cipher.init(Cipher.ENCRYPT_MODE,key,ivSpec,sr);

byte[] cipherText = cipher.doFinal(input);
System.out.println("cipher: "+getHexString(cipherText));
// decryption step

cipher.init(Cipher.DECRYPT_MODE, key,ivSpec);

byte[] plainText = cipher.doFinal(cipherText);


System.out.println("plain : "+getHexString(plainText));
}

public static String getHexString(byte[] b) throws Exception {
String result = "";
for (int i = 0; i < b.length; i++) {
result +=
Integer.toString((b[i] & 0xff) + 0x100, 16).substring(1);
}
return result;
}
}
 
Ulf Dittmer
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Please edit your post to UseCodeTags. It's unnecessarily hard to read the code as it is, making it less likely that people will bother to do so.

"key1" has 30 bytes = 240 bits. That's not a valid key size for AES.
 
krishna reddy kalluri
Greenhorn
Posts: 8
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator


hi, even when i used a valid key of 192 bit or 256 bits i am getting error as invalid key size....
code:
byte[] key1 = new byte[] { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08};

error

Exception in thread "main" java.security.InvalidKeyException: Illegal key size
at javax.crypto.Cipher.a(DashoA13*..)
at javax.crypto.Cipher.init(DashoA13*..)



 
Ulf Dittmer
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Not sure what's going on - the code doesn't compile:


BasicECDHExample.java:32: cannot find symbol
symbol : variable sr
location: class BasicECDHExample
cipher.init(Cipher.ENCRYPT_MODE,key,ivSpec,sr);

 
krishna reddy kalluri
Greenhorn
Posts: 8
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
sr is secured random variable generator. remove the sr.. ie

cipher.init(Cipher.ENCRYPT_MODE,key,ivSpec);
then see whether it works for 192 0r 256 bit key.

 
Ulf Dittmer
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Yes, it works fine.

What do you mean by "I have downloaded unlimited jurisdiction policy files and added to my library" - where did you put those files?
 
krishna reddy kalluri
Greenhorn
Posts: 8
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
i have downloaded unlimited jurisdiction policy files which are jar files and i have added in my project library files in NETBEANS....
 
Ulf Dittmer
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
That's not how you install them - the process is described in the documentation that comes with the download.
 
krishna reddy kalluri
Greenhorn
Posts: 8
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I got it ,its working fine........... thank you very much Ulf
 
reply
    Bookmark Topic Watch Topic
  • New Topic