InvalidKeyException: Illegal key size
Hello
I try to encrypt a string
public String doEncreption(String inStr)
{
String retStr="";
byte[] input =inStr.getBytes();
byte[] keyBytes =newbyte[]{ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
0x09,0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12,
0x13, 0x14, 0x15, 0x16, 0x17};
Security.addProvider(new BouncyCastleProvider());
try
{
Key key =new SecretKeySpec( keyBytes,"AES" );
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS7Padding","BC");
cipher.init( Cipher.ENCRYPT_MODE, key );
byte[] cipherText =newbyte[cipher.getOutputSize(input.length)];
int ctLength = cipher.update(input, 0, input.length, cipherText, 0);
ctLength += cipher.doFinal(cipherText, ctLength);
retStr =new String(cipherText);
}catch(Exception ex){
ex.printStackTrace();
}
return retStr;
}
// I becom an Exception
java.security.InvalidKeyException: Illegal key size ordefault parameters
at javax.crypto.Cipher.a(DashoA13*..)
at javax.crypto.Cipher.init(DashoA13*..)
at javax.crypto.Cipher.init(DashoA13*..)
I use Jdk 1.6
what is wrong ?
thanks in advance
I had the similiar problem...I solved it by downloading the Unrestricted Policy Files from JDK Distribution Center.P. S. At least I think this is the solution to your problem, too.Regards.null
the secutriy folder can not be founded
1. I have downloadthe unlimited strength JCE policy files
2.Uncompress and extract the downloaded file.
README.txtThis file
COPYRIGHT.htmlCopyright information
local_policy.jarUnlimited strength local policy file
US_export_policy.jar Unlimited strength US export policy file
3. I want to place the jars in<java-home>/lib/security
4.cd <java-home>/lib
5I can not find the securiuty folder
who can one place the jars ?
thanks
If you are working on Windows then you will also need to place the jar files in the JRE lib/security folder. This is normally located somewhere like c:\Program Files\Java\jrexxx.
Surely you can find the Java installation?
ejpa at 2007-7-14 22:08:05 >
ok I found it in /usr/lib/jvm/jre-1.6.0/lib/security local_policy.jarUS_export_policy.jarbut anyway I becom the same exception!!!
> ok I found it in
>
>/usr/lib/jvm/jre-1.6.0/lib/security
>local_policy.jar
>US_export_policy.jar
> ay I becom the same exception!!!
You still have not properly installed the unlimited streangth policy files.
Your code does not throw an exception for me BUT that the line
retStr = new String(cipherText);
will cause you problems when you come to decrypt and the line
byte[] input =inStr.getBytes();
may cause you problems if you transfer the result between computers that have a different default character encoding.
Where does
'which java'
say your Java executable is?
> anybody ?You are lucky to find anyone here on a Sunday morning! I am just waiting for a call to go to help clear up after yesterday's washed out and blown out fete.
I do that for a web application and I use jdk1.6again the problem I want to store the givin password from user in encrypted in MySQL db my be you have an example ?thanks
> I do that for a web application and I use jdk1.6
But what does
which java
say you are using and what does
java -version
say you are using.
Also, in your web application, what do System.out.println(System.getProperty("java.version"));
System.out.println(System.getProperty("java.home"));
print out.
>
> again the problem
>
> I want to store the givin password from user in
> encrypted in MySQL db
>
> my be you have an example ?
I have posted several. They can't be that difficult to find.
java version "1.6.0-beta2"
> java version "1.6.0-beta2"
Assuming this comes from
System.out.println(System.getProperty("java.version"));
System.out.println(System.getProperty("java.home"));
then you have not installed the unlimited strength policy files!
System.out.println(System.getProperty("java.version")); >>>> 1.6.0-beta2
System.out.println(System.getProperty("java.home")); >>>> /usr/lib/jdk1.6.0/jre
please inform me who to install unlimited strength policy files!
also I have download the required jars
thanks
> System.out.println(System.getProperty("java.version"))
> ; >>>> 1.6.0-beta2
>
> ystem.out.println(System.getProperty("java.home"));
> >>>> /usr/lib/jdk1.6.0/jre
In reply 6 you said that you were using the JRE in
/usr/lib/jvm/jre-1.6.0/lib/security
but you are not! You obvously need to install the policy files in
/usr/lib/jdk1.6.0/jre/lib/security
since that is the lib/security of the JVM that you are using!
also I have copy the complete folder security
from /usr/lib/jvm/jre-1.6.0/lib/security
to /usr/lib/jdk1.6.0/jre/lib
cdsecurity
cacerts java.security
local_policy.jarjava.policy
javaws.policy US_export_policy.jar
but anyway the exception will be thrown
I dont understand why
thanks
> also I have copy the complete folder security
>
> from /usr/lib/jvm/jre-1.6.0/lib/security
>
> to /usr/lib/jdk1.6.0/jre/lib
Why the ****?
My advice - uninstall ALL your JDK1.6 then re-install jdk1.6 once and then install the policy files. Don't try and bodge it. Do it properly.
Then, get your server going again and check that it is using the correct JRE.
I did allm this steps bur anyway exceptionwill be thrownthere is other way to encrypt passwords to store it in DB ?thanks
> I did allm this steps > > bur anyway exceptionwill be thrownSorry but you can't have! Appart from the problem you are going to have using toString(encryptedBytes) you code works.Fix your configuration error.
please what yopu mean ?
here is the code
[cod]
public static String getEnCodedString(String inStr)
{
String retStr="";
byte[] input =inStr.getBytes();
byte[] keyBytes = new byte[] { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17};
Security.addProvider(new BouncyCastleProvider());
try
{
Key key = new SecretKeySpec( keyBytes, "AES" );
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS7Padding","BC");
cipher.init( Cipher.ENCRYPT_MODE, key );
byte[] cipherText = new byte[cipher.getOutputSize(input.length)];
int ctLength = cipher.update(input, 0, input.length, cipherText, 0);
ctLength += cipher.doFinal(cipherText, ctLength);
retStr = new String(cipherText);
}
catch(Exception ex){ex.printStackTrace();}
return retStr;
}
[/code]
thanks
please what yopu mean ?
here is the code
public static String getEnCodedString(String inStr)
{
String retStr="";
byte[] input =inStr.getBytes();
byte[] keyBytes = new byte[] { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17};
Security.addProvider(new BouncyCastleProvider());
try
{
Key key = new SecretKeySpec( keyBytes, "AES" );
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS7Padding","BC");
cipher.init( Cipher.ENCRYPT_MODE, key );
byte[] cipherText = new byte[cipher.getOutputSize(input.length)];
int ctLength = cipher.update(input, 0, input.length, cipherText, 0);
ctLength += cipher.doFinal(cipherText, ctLength);
retStr = new String(cipherText);
}
catch(Exception ex){ex.printStackTrace();}
return retStr;
}
thanks
> please what yopu mean ?
As I explained earlier, this line
retStr = new String(cipherText);
will cause problems and this line
byte[] input =inStr.getBytes();
may cause you problems.
BUT, first fix your configuration error by correctly installing the unlimited strength policy files.
>> please what yopu mean
Try the following
byte [] b1 = new byte[]{(byte) 0x80};
String s1 = new String(b1, "US-ASCII");
byte [] newb1 = s1.getBytes("US-ASCII");
if (! java.util.Arrays.equals(b1, newb1))
{
System.out.println("I guess there are some bytes that cannot be made into characters");
}
