Problems with PasswordBasedEncryption [PBE] InvalidKeyException
Hello everybody,
I have some problems with password based encryption.
Before I change the unrestricted policy files from JDK I get this Exception:
java.security.InvalidKeyException: Invalid key length: 10 bytes
After I change the policy files I get following Exception:
java.security.InvalidKeyException: Wrong algorithm: DESede or TripleDES required.
Please, can somebody me explain my why this two different exception messages occurs?
And the SecretKey has a strange behavior. When I instantiate a SecretKeyFactory with the the algorithm "PBEWithMD5AndTripleDES" then its only create a SecretKey with this algorithm "PBEWithMD5AndDES".
Maybe this is the problem of the second exception. But I don't know why!
Here is my code and that you can understand the problem better and why it's occurs.
publicclass Crypter{
privatestaticfinal String DES ="DES";
privatestaticfinal String TRIPLE_DES ="DESede";
privatestaticfinal String PBE_WITH_MD5_AND_DES ="PBEWithMD5AndDES";
privatestaticfinal String PBE_WITH_MD5_AND_TRIPLE_DES ="PBEWithMD5AndTripleDES";
privatestaticfinalbyte[] SALT =newbyte[]{ (byte) 0xA2, (byte) 0x15,
(byte) 0x37, (byte) 0x07, (byte) 0xCB, (byte) 0x62, (byte) 0xC1,
(byte) 0xD3, (byte) 0xF8, (byte) 0xF1, (byte) 0x97, (byte) 0xDF,
(byte) 0xD0, (byte) 0x13, (byte) 0x4F, (byte) 0x79, (byte) 0x01,
(byte) 0x67, (byte) 0x7A, (byte) 0x85, (byte) 0x94, (byte) 0x16,
(byte) 0x31, (byte) 0x92};
privatestaticfinalint ITERATION_COUNT = 20;
privatestaticfinalbyte[] MY_IV ={ (byte) 50, (byte) 51, (byte) 52,
(byte) 53, (byte) 54, (byte) 55, (byte) 56, (byte) 57};
private SecretKeyFactory keyFac =null;
private Cipher pbeCipher =null;
private PBEParameterSpec pbeParamSpec =null;
public Crypter (){
Security.addProvider(new com.sun.crypto.provider.SunJCE());
try{
this.keyFac = SecretKeyFactory
.getInstance(PBE_WITH_MD5_AND_TRIPLE_DES);
this.pbeCipher = Cipher.getInstance(TRIPLE_DES
+"/CBC/PKCS5Padding");
this.pbeParamSpec =new PBEParameterSpec(SALT, ITERATION_COUNT);
}catch (NoSuchAlgorithmException e){
e.printStackTrace();
}catch (NoSuchPaddingException e){
e.printStackTrace();
}
}
public String decryptURL(String keyPwd, String toDecrypt){
String result ="";
try{
byte[] decryptByte =new BASE64Decoder().decodeBuffer(toDecrypt);
// Initialize SecretKey
PBEKeySpec pbeKeySpec = this.getKeySpec(keyPwd);
SecretKey pbeKey = this.keyFac.generateSecret(pbeKeySpec);
IvParameterSpec ivspec =new IvParameterSpec(MY_IV);
// Print some debug statements
System.out.println("Keylength is " + pbeKeySpec.getKeyLength());
// Keylength is 0
System.out.println("KeyFactory algorythm is "+ this.keyFac.getAlgorithm());
// KeyFactory algorythm is PBEWithMD5AndTripleDES
System.out.println("SecretKey algorythm is "+ pbeKey.getAlgorithm());
// SecretKey algorythm is PBEWithMD5AndDES
System.out.println("Cipher algorythm is "+ pbeCipher.getAlgorithm());
// Cipher algorythm is DESede/CBC/PKCS5Padding
// Initialize PBE Cipher with key and parameters
this.pbeCipher.init(Cipher.DECRYPT_MODE, pbeKey, ivspec);
// decrypt the encrypted text
byte[] ciphertext = pbeCipher.doFinal(decryptByte);
String url =new String(ciphertext);
result = URLDecoder.decode(url,"UTF-8");
System.out.println(result);
}catch (Exception e){
e.printStackTrace();
}
return result;
}
private PBEKeySpec getKeySpec(String keyPwd){
char[] keyPwdBuf =newchar[keyPwd.length()];
keyPwd.getChars(0, keyPwd.length(), keyPwdBuf, 0);
PBEKeySpec pbeKeySpec =new PBEKeySpec(keyPwdBuf);
return pbeKeySpec;
}
}
Please, can somebody help me and explain me this behavior? Maybe I have a big bug in my code and I don't see him.
Thx a lot.
Regards Alex
