Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Problems using JCE AES

31 views
Skip to first unread message

Pep

unread,
Jul 6, 2006, 8:03:03 AM7/6/06
to
I am trying to use AES encryption with a 256 bit key but using the following
code I keep getting this error message

Error Illegal key size or default parameters

from the line

AesCipher.init(Cipher.ENCRYPT_MODE, KeySpec);

This is the code
=========================================================================
package testaes;

import java.security.*;
import javax.crypto.*;
import javax.crypto.spec.*;
import java.io.*;

public class Main
{

public Main(String[] args)
{
try
{
// get key generator using the default provider
Cipher AesCipher = Cipher.getInstance("AES/CBC/PKCS5Padding");

// 256 length key
byte[] keyBytes = {
(byte)0xbb,
(byte)0xbb,
(byte)0xbb,
(byte)0xbb,
(byte)0xbb,
(byte)0xbb,
(byte)0xbb,
(byte)0xbb,
(byte)0xbb,
(byte)0xbb,
(byte)0xbb,
(byte)0xbb,
(byte)0xbb,
(byte)0xbb,
(byte)0xbb,
(byte)0xbb,
(byte)0xbb,
(byte)0xbb,
(byte)0xbb,
(byte)0xbb,
(byte)0xbb,
(byte)0xbb,
(byte)0xbb,
(byte)0xbb,
(byte)0xbb,
(byte)0xbb,
(byte)0xbb,
(byte)0xbb,
(byte)0xbb,
(byte)0xbb,
(byte)0xbb,
(byte)0xbb
};

SecretKeySpec KeySpec = new SecretKeySpec(keyBytes, "AES");
AesCipher.init(Cipher.ENCRYPT_MODE, KeySpec);

byte[] CipherText;
String PlainText = args[0];
CipherText = AesCipher.doFinal(PlainText.getBytes());

System.out.println("The encrypted text is [" + CipherText + "]");
}
catch (Throwable e)
// show what went wrong and tie it up with a usage display if we have one
{
System.out.println("Error " + e.getMessage());
e.printStackTrace();
}

}

public static void main(String[] args)
{
try
{
System.out.println("Encrypting [" + args[0] + "]");
Main testAES = new Main(args);
}
catch (Throwable e)
{
System.out.println("Error " + e.getMessage());
e.printStackTrace();
}

}

}
=========================================================================

So how can I specify the key length?

The java version I am using is

Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_04-b05)
Java HotSpot(TM) Server VM (build 1.5.0_04-b05, mixed mode)

TIA,
Pep.

Daniel Dyer

unread,
Jul 6, 2006, 8:45:47 AM7/6/06
to
On Thu, 06 Jul 2006 13:03:03 +0100, Pep <p...@nowhere.com> wrote:

> I am trying to use AES encryption with a 256 bit key but using the
> following
> code I keep getting this error message
>
> Error Illegal key size or default parameters

You need to download the unlimited strength cryptography policies from Sun
before you can use key lengths greater than 128 bits. This is something
to do with US export restrictions.

Dan.

--
Daniel Dyer
http://www.dandyer.co.uk

Pep

unread,
Jul 6, 2006, 9:06:12 AM7/6/06
to
Daniel Dyer wrote:

Hmm, I've been playing with them but have not yet managed to get them to
work so may have to continue with the default 128 bit key length, which
should be acceptable as that is the standard key strength with ssl.

However, even though I can get the encryption working I now have a problem
in that I cannot decrypt the encrypted string as I get the following error
message

Error Parameters missing
java.security.InvalidKeyException: Parameters missing
at com.sun.crypto.provider.SunJCE_h.a(DashoA12275)
at com.sun.crypto.provider.AESCipher.engineInit(DashoA12275)
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.init(DashoA12275)
at javax.crypto.Cipher.init(DashoA12275)
at testaes.Main.<init>(Main.java:62)
at testaes.Main.main(Main.java:95)

at a additional line of code that is

AesCipher.init(Cipher.DECRYPT_MODE, KeySpec);

Cheers,
Pep.

Daniel Dyer

unread,
Jul 6, 2006, 10:27:24 AM7/6/06
to
On Thu, 06 Jul 2006 14:06:12 +0100, Pep <p...@nowhere.com> wrote:

> Daniel Dyer wrote:
>> You need to download the unlimited strength cryptography policies from
>> Sun
>> before you can use key lengths greater than 128 bits. This is something
>> to do with US export restrictions.
>

> Hmm, I've been playing with them but have not yet managed to get them to
> work so may have to continue with the default 128 bit key length, which
> should be acceptable as that is the standard key strength with ssl.

You just have to make sure you drop them into the right directory. On my
Windows machine they have to go here:

C:\Program Files\Java\jdk1.5.0_06\jre\lib\security

> However, even though I can get the encryption working I now have a
> problem
> in that I cannot decrypt the encrypted string as I get the following
> error
> message
>
> Error Parameters missing
> java.security.InvalidKeyException: Parameters missing
> at com.sun.crypto.provider.SunJCE_h.a(DashoA12275)
> at com.sun.crypto.provider.AESCipher.engineInit(DashoA12275)
> at javax.crypto.Cipher.a(DashoA12275)
> at javax.crypto.Cipher.a(DashoA12275)
> at javax.crypto.Cipher.init(DashoA12275)
> at javax.crypto.Cipher.init(DashoA12275)
> at testaes.Main.<init>(Main.java:62)
> at testaes.Main.main(Main.java:95)
>
> at a additional line of code that is
>
> AesCipher.init(Cipher.DECRYPT_MODE, KeySpec);

If you change your AES configuration to use ECB mode instead of CBC, it
will work. However, this may not be what you want to do because there are
downsides to using this mode instead of CBC.

I think your problem has something to do with your choice of key class,
you need to provide parameters (an initialisation vector I think, but I'm
no expert on this stuff). I've copied this post to
comp.lang.java.security and set follow-ups to there. The people should be
able to give you better advice.

Pep

unread,
Jul 10, 2006, 6:48:09 AM7/10/06
to
Daniel Dyer wrote:

Hey Dan,
Thanks for pointing me to the comp.lang.java.security ng, I have now solved
the problems I was having with the help of Jan Peter Stotz.

Thanks again,
Pep.

0 new messages