Win a copy of Rust Web Development this week in the Other Languages forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Tim Cooke
  • Campbell Ritchie
  • Ron McLeod
  • Liutauras Vilda
  • Jeanne Boyarsky
Sheriffs:
  • Junilu Lacar
  • Rob Spoor
  • Paul Clapham
Saloon Keepers:
  • Tim Holloway
  • Tim Moores
  • Jesse Silverman
  • Stephan van Hulst
  • Carey Brown
Bartenders:
  • Al Hobbs
  • Piet Souris
  • Frits Walraven

java.security.InvalidKeyException: Invalid AES key length: 8 bytes

 
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,
For below code I am getting java.security.InvalidKeyException: Invalid AES key length: 8 bytes error.
public Message addUserTokens(SOAPEnvelope unsignedEnvelope)
throws Exception
{
// Get the message as document
Document doc = unsignedEnvelope.getAsDocument();

String username = "sdbrown";
String password = "changeit";
byte[] key = password.getBytes();
String idValue = "PayxRSTAuthN";
// Add the UserNameToken.
WSSAddUsernameToken usrNameToken = new WSSAddUsernameToken("", false);
// usrNameToken.setPasswordType(WSConstants.PASSWORD_TEXT);
usrNameToken.setPasswordType(WSConstants.PW_TEXT);

usrNameToken.build(doc, username, password);
usrNameToken.setId(idValue);
// Add an Id to it.
Element usrEle = (Element) (doc.getElementsByTagNameNS(
WSConstants.WSSE_NS, "UsernameToken").item(0));


Reference ref = new Reference(doc);
ref.setURI("#" + idValue);
ref.setValueType("UsernameToken");

SecurityTokenReference secRef = new SecurityTokenReference(doc);

secRef.setReference(ref);

// adding the namespace
WSSecurityUtil.setNamespace(secRef.getElement(), WSConstants.WSSE_NS,
WSConstants.WSSE_PREFIX);
serialize(doc, System.out);

WSEncryptBody wsEncrypt = new WSEncryptBody();

// Setting necessary parameters in WSEncryptBody.
wsEncrypt.setKeyIdentifierType(WSConstants.EMBED_SECURITY_TOKEN_REF);
wsEncrypt.setSecurityTokenReference(secRef);


wsEncrypt.setKey(key);

// Encrypt using the using the key
Document encDoc = wsEncrypt.build(doc, crypto);

Message signedMsg = (Message) toSOAPMessage(encDoc);

return signedMsg;
}

----------------------------
org.apache.ws.security.WSSecurityException: Cannot encrypt/decrypt data; nested exception is:
org.apache.xml.security.encryption.XMLEncryptionException: Invalid AES key length: 8 bytes
Original Exception was java.security.InvalidKeyException: Invalid AES key length: 8 bytes
at org.apache.ws.security.message.WSEncryptBody.doEncryption(WSEncryptBody.java:545)
at org.apache.ws.security.message.WSEncryptBody.buildEmbedded(WSEncryptBody.java:607)
at org.apache.ws.security.message.WSEncryptBody.build(WSEncryptBody.java:298)
at com.paychex.ws.ana.handler.client.WSSecurityClient.addUserTokens(WSSecurityClient.java:318)
at com.paychex.ws.ana.handler.client.WSSecurityClient.main(WSSecurityClient.java:94)
Caused by: org.apache.xml.security.encryption.XMLEncryptionException: Invalid AES key length: 8 bytes
Original Exception was java.security.InvalidKeyException: Invalid AES key length: 8 bytes
at org.apache.xml.security.encryption.XMLCipher.encryptData(Unknown Source)
at org.apache.xml.security.encryption.XMLCipher.encryptElementContent(Unknown Source)
at org.apache.xml.security.encryption.XMLCipher.doFinal(Unknown Source)
at org.apache.ws.security.message.WSEncryptBody.doEncryption(WSEncryptBody.java:543)
... 4 more
 
Rancher
Posts: 1337
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
8 bytes would imply a 64-bit key - but there's no such mode in AES. Try a 16 byte key for AES-128.

Also, you should always specify an encoding when using String.getBytes. It's just dangerous practice not to do that; don't get in the habit.
 
Ranch Hand
Posts: 2198
1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi!
Lester is correct, there is a minimum key length of 128 bits (16 bytes).
I just want to add a link to an article which can give some more details on AES key lengths: http://en.wikipedia.org/wiki/Advanced_Encryption_Standard
If you want to learn some more about cryptography use in Java, I would like to recommend the excellent book "Beginning Cryptography with Java".
Best wishes!
 
You showed up just in time for the waffles! And this tiny ad:
Building a Better World in your Backyard by Paul Wheaton and Shawn Klassen-Koop
https://coderanch.com/wiki/718759/books/Building-World-Backyard-Paul-Wheaton
reply
    Bookmark Topic Watch Topic
  • New Topic