6

I am using AES 256 CBC. I have 32 bytes of IV. But when i run this it shows an exception as:

Exception in thread "main" java.lang.RuntimeException: java.security.InvalidAlgorithmParameterException: Wrong IV length: must be 16 bytes long
    at com.abc.aes265cbc.AESUtil.decrypt(AESUtil.java:50)
    at com.abc.aes265cbc.Security.main(Security.java:48)
Caused by: java.security.InvalidAlgorithmParameterException: Wrong IV length: must be 16 bytes long
    at com.sun.crypto.provider.CipherCore.init(CipherCore.java:430)
    at com.sun.crypto.provider.AESCipher.engineInit(AESCipher.java:217)
    at javax.crypto.Cipher.implInit(Cipher.java:790)
    at javax.crypto.Cipher.chooseProvider(Cipher.java:848)
    at javax.crypto.Cipher.init(Cipher.java:1347)
    at javax.crypto.Cipher.init(Cipher.java:1281)
    at com.abc.aes265cbc.AESUtil.decrypt(AESUtil.java:47)
    ... 1 more

I don't know how to solve this. I searched but I am not getting how to solve this. I am trying security concepts for the first time. My code for the AES 256 CBC is:

 public static void setENCRYPTION_IV(String ENCRYPTION_IV) {
        AESUtil.ENCRYPTION_IV  =   ENCRYPTION_IV;
    }

    public static void setENCRYPTION_KEY(String ENCRYPTION_KEY) {
        AESUtil.ENCRYPTION_KEY  =   ENCRYPTION_KEY;
    }



    public static String encrypt(String src) {
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            cipher.init(Cipher.ENCRYPT_MODE, makeKey(), makeIv());
            return Base64.encodeBytes(cipher.doFinal(src.getBytes()));
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public static String decrypt(String src) {
        String decrypted = "";
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            cipher.init(Cipher.DECRYPT_MODE, makeKey(), makeIv());
            decrypted = new String(cipher.doFinal(Base64.decode(src)));
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
        return decrypted;
    }

    static AlgorithmParameterSpec makeIv() {
        try {
            return new IvParameterSpec(ENCRYPTION_IV.getBytes("UTF-8"));
        } catch (UnsupportedEncodingException e) {
            e.printStackTrace();
        }
        return null;
    }

    static Key makeKey() {
        try {
            MessageDigest md = MessageDigest.getInstance("SHA-256");
            byte[] key = md.digest(ENCRYPTION_KEY.getBytes("UTF-8"));
            return new SecretKeySpec(key, "AES");
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        } catch (UnsupportedEncodingException e) {
            e.printStackTrace();
        }

        return null;
    }

Can you help me that by changing what in this code i will be able to use 32 bytes of IV. Thanks in advance

Edit: My main function to which calls this functions:

 AESUtil.setENCRYPTION_KEY("96161d7958c29a943a6537901ff0e913efaad15bd5e7c566f047412179504ffb");

    AESUtil.setENCRYPTION_IV("d41361ed2399251f535e65f84a8f1c57");
    String decrypted = AESUtil.decrypt(new String(sw0SrUIKe0DmS7sRd9+XMgtYg+BUiAfiOsdMw/Lo2RA=));   // AES Decrypt
Vaibs
  • 1,128
  • 3
  • 16
  • 36
  • Can you provide an [SSCCE](http://sscce.org/) which is compilable and runnable out of the box and shows the issue? (including a main method which demonstrates which methods you call in which order) – Andreas Fester Nov 20 '12 at 06:30
  • What is the reason you want to use 32bytes (256bits)? See my updated answer - for `AES/CBC/PKCS5Padding`, blockLength = key Length = IV length = 128 bit (16 bytes). – Andreas Fester Nov 20 '12 at 07:34
  • I have added my keys value...This will show you the exception which i got. – Vaibs Nov 20 '12 at 08:59

1 Answers1

12

The AES algorithm has a 128-bit block size, regardless of whether you key length is 256, 192 or 128 bits.

When a symmetric cipher mode requires an IV, the length of the IV must be equal to the block size of the cipher. Hence, you must always use an IV of 128 bits (16 bytes) with AES.

There is no way to use a 32 byte IV with AES.

Duncan Jones
  • 67,400
  • 29
  • 193
  • 254
  • 1
    Duncan, I have voted to delete my answer since yours is very clear and straight forward :) For any upcoming readers, I would just like to retain the hint that, in order to use AES-256 at all, it is necessary to [install the unrestricted policy files](http://stackoverflow.com/questions/12897260/java-aes-256-decryption-translating-code-from-actionscript-3). Otherwise you get `java.security.InvalidKeyException: Illegal key size` even for the key itself, not only for the IV. – Andreas Fester Nov 22 '12 at 13:56
  • 1
    @Andreas Thanks, very gracious of you. Apologies for stealing your thunder but I wanted to ensure a succinct answer was available for future readers. Your point about unrestricted files is always good to remember :-) – Duncan Jones Nov 22 '12 at 14:02
  • can you help me out with these? :( http://stackoverflow.com/questions/34061675/convert-ios-encryption-to-android – MetaSnarf Dec 04 '15 at 03:21