AES de/encryption throws 'Illegal key size' for 256 bit key

Question

I recently started experimenting with AES en/decryption. My first experiment was drawn from here and slightly modified.

I than tried to generate an encrypted string, and to decrypt it again, using a 16 bit IV and a 256 bit password (the original password used in the example was 128 bit, and that worked for me). I also compared with this post and didn't really see a difference

If i try to run the simple code provided below, I keep getting this exception:

java.security.InvalidKeyException: Illegal key size

My code:

public static void main(String[] args) throws Exception {
        // byte [] key = "Bar12345Bar12345".getBytes("UTF-8"); // 128 bit key
        byte[] key = Hex.decode("8ec8f262e96e3d80ef52b530a5bc7b7baaf6e4357a363119b0a636b2034e298e");
        byte[] iv = Hex.decode("a5e8d2e9c1721ae0e84ad660c472c1f3");
        System.out.print(Arrays.toString(key));
        System.out.println(key.length);
        System.out.print(Arrays.toString(iv));
        System.out.println(iv.length);

        System.out.println(decrypt(key, iv, encrypt(key, iv, "Hello World")));

    }

    public static String encrypt(byte[] key, byte[] initVector, String value) {
        try {
            IvParameterSpec iv = new IvParameterSpec(initVector);
            SecretKeySpec skeySpec = new SecretKeySpec(key, "AES");

            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING");/// CBC/PKCS5PADDING
            cipher.init(Cipher.ENCRYPT_MODE, skeySpec, iv);

            byte[] encrypted = cipher.doFinal(value.getBytes());
            System.out.println("encrypted string: " + Base64.encodeBase64String(encrypted));

            return Base64.encodeBase64String(encrypted);
        } catch (Exception ex) {
            ex.printStackTrace();
        }

        return null;
    }

    public static String decrypt(byte[] key, byte[] initVector, String encrypted) {
        try {
            IvParameterSpec iv = new IvParameterSpec(initVector);
            SecretKeySpec skeySpec = new SecretKeySpec(key, "AES");

            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING");
            cipher.init(Cipher.DECRYPT_MODE, skeySpec, iv);

            byte[] original = cipher.doFinal(Base64.decodeBase64(encrypted));

            return new String(original);
        } catch (Exception ex) {
            ex.printStackTrace();
        }

        return null;
    }

Full output:

[-114, -56, -14, 98, -23, 110, 61, -128, -17, 82, -75, 48, -91, -68, 123, 123, -86, -10, -28, 53, 122, 54, 49, 25, -80, -90, 54, -78, 3, 78, 41, -114]32
[-91, -24, -46, -23, -63, 114, 26, -32, -24, 74, -42, 96, -60, 114, -63, -13]16
java.security.InvalidKeyException: Illegal key size
    at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1034)
    at javax.crypto.Cipher.implInit(Cipher.java:800)
    at javax.crypto.Cipher.chooseProvider(Cipher.java:859)
    at javax.crypto.Cipher.init(Cipher.java:1370)
    at javax.crypto.Cipher.init(Cipher.java:1301)
    at TestMain.encrypt(TestMain.java:76)
    at TestMain.main(TestMain.java:66)
java.security.InvalidKeyException: Illegal key size
    at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1034)
    at javax.crypto.Cipher.implInit(Cipher.java:800)
    at javax.crypto.Cipher.chooseProvider(Cipher.java:859)
    at javax.crypto.Cipher.init(Cipher.java:1370)
    at javax.crypto.Cipher.init(Cipher.java:1301)
    at TestMain.decrypt(TestMain.java:95)
    at TestMain.main(TestMain.java:66)
null

Please note, that the final 'null' in the output is the result of the operation that has been printed to System.out in the last line of main.

Please also note, that if I exchange the key variable with the commented line, (the original 128 bit key from the example used,) this code works fine.

Any ideas as to why this exception is thrown, and how I can resolve this?

Answer 1

You need to install the Unlimited Strength Jurisdiction Policy Files for JCE to use 256-bit key, see: http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html.