
I'm trying to encrypt a payload starting from a password using Bouncy Castle 1.58 (org.bouncycastle:bcprov-jdk15on:1.58):

import org.bouncycastle.jce.provider.BouncyCastleProvider;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import java.security.SecureRandom;
import java.security.Security;

/**
 * Scratch reproduction: derives a key from a password with PBKDF2 and then tries to
 * initialise Bouncy Castle's AES/GCM cipher with that key.
 */
public class Scratch {
    /** PBKDF2 iteration count; the same value is passed to the key spec and the parameter spec. */
    private static final int ITERATIONS = 65536;

    /**
     * Derived key length requested from PBKDF2. PBEKeySpec takes this value in BITS, so 32
     * asks for a 4-byte key, which is not one of the AES key sizes (128/192/256 bits).
     */
    private static final int KEY_LENGTH_BITS = 32;

    /** Number of bytes requested for the PBKDF2 salt. */
    private static final int SALT_BYTES = 256;

    /**
     * Runs the reproduction.
     *
     * @param args unused
     * @throws Exception any provider, key-derivation or cipher-initialisation failure
     */
    public static void main(String[] args) throws Exception {
        // Register the provider so it can be requested by name ("BC") below.
        Security.addProvider(new BouncyCastleProvider());

        // Hard-coded for the reproduction only; a real password would not live in source.
        char[] passwordChars = "password".toCharArray();

        // NOTE(review): generateSeed() draws from the seed source; nextBytes() is the usual
        // call for producing a salt.
        byte[] salt = new SecureRandom().generateSeed(SALT_BYTES);

        SecretKeyFactory kdf = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
        // NOTE(review): the derived key is handed to the cipher exactly as the factory returns it;
        // the usual pattern wraps getEncoded() in a SecretKeySpec for "AES" -- confirm.
        SecretKey passwordKey =
                kdf.generateSecret(new PBEKeySpec(passwordChars, salt, ITERATIONS, KEY_LENGTH_BITS));

        Cipher aesGcm = Cipher.getInstance("AES/GCM/NoPadding", "BC");
        // NOTE(review): GCM needs a nonce that is never repeated under the same key, normally
        // supplied as a GCMParameterSpec. A PBEParameterSpec built this way carries only a salt
        // and an iteration count; how the provider interprets it is not visible here -- confirm.
        aesGcm.init(Cipher.ENCRYPT_MODE, passwordKey, new PBEParameterSpec(salt, ITERATIONS));
    }
}

and this is the error I get:

Exception in thread "main" org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher$InvalidKeyOrParametersException: Key length not 128/192/256 bits.
    at org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher.engineInit(Unknown Source)
    at javax.crypto.Cipher.init(Cipher.java:1394)
    at javax.crypto.Cipher.init(Cipher.java:1327)
    at tech.dashman.dashman.Scratch.main(Scratch.java:30)
Caused by: java.lang.IllegalArgumentException: Key length not 128/192/256 bits.
    at org.bouncycastle.crypto.engines.AESEngine.generateWorkingKey(Unknown Source)
    at org.bouncycastle.crypto.engines.AESEngine.init(Unknown Source)
    at org.bouncycastle.crypto.modes.GCMBlockCipher.init(Unknown Source)
    at org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher$AEADGenericBlockCipher.init(Unknown Source)
    ... 4 more

If I change the key length in the call to PBEKeySpec to 256, like this:

import org.bouncycastle.jce.provider.BouncyCastleProvider;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import java.security.SecureRandom;
import java.security.Security;

/**
 * Scratch reproduction, second variant: the same PBKDF2 + AES/GCM setup, but requesting a
 * 256-bit derived key.
 */
public class Scratch {
    /** PBKDF2 iteration count; the same value is passed to the key spec and the parameter spec. */
    private static final int ITERATIONS = 65536;

    /**
     * Derived key length requested from PBKDF2, in BITS (PBEKeySpec's unit). 256 is a valid AES
     * key size, but a JRE running under the limited-strength jurisdiction policy rejects AES keys
     * larger than 128 bits in Cipher.init with "Illegal key size".
     * NOTE(review): later JDK updates enable the unlimited policy by default -- confirm for the
     * runtime in use.
     */
    private static final int KEY_LENGTH_BITS = 256;

    /** Number of bytes requested for the PBKDF2 salt. */
    private static final int SALT_BYTES = 256;

    /**
     * Runs the reproduction.
     *
     * @param args unused
     * @throws Exception any provider, key-derivation or cipher-initialisation failure
     */
    public static void main(String[] args) throws Exception {
        // Register the provider so it can be requested by name ("BC") below.
        Security.addProvider(new BouncyCastleProvider());

        // Hard-coded for the reproduction only; a real password would not live in source.
        char[] passwordChars = "password".toCharArray();

        // NOTE(review): generateSeed() draws from the seed source; nextBytes() is the usual
        // call for producing a salt.
        byte[] salt = new SecureRandom().generateSeed(SALT_BYTES);

        SecretKeyFactory kdf = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
        // NOTE(review): the derived key is handed to the cipher exactly as the factory returns it;
        // the usual pattern wraps getEncoded() in a SecretKeySpec for "AES" -- confirm.
        SecretKey passwordKey =
                kdf.generateSecret(new PBEKeySpec(passwordChars, salt, ITERATIONS, KEY_LENGTH_BITS));

        Cipher aesGcm = Cipher.getInstance("AES/GCM/NoPadding", "BC");
        // NOTE(review): GCM needs a nonce that is never repeated under the same key, normally
        // supplied as a GCMParameterSpec. A PBEParameterSpec built this way carries only a salt
        // and an iteration count; how the provider interprets it is not visible here -- confirm.
        aesGcm.init(Cipher.ENCRYPT_MODE, passwordKey, new PBEParameterSpec(salt, ITERATIONS));
    }
}

then I get this error:

Exception in thread "main" java.security.InvalidKeyException: Illegal key size
    at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1039)
    at javax.crypto.Cipher.init(Cipher.java:1393)
    at javax.crypto.Cipher.init(Cipher.java:1327)
    at tech.dashman.dashman.Scratch.main(Scratch.java:29)

What am I missing here? What size should the key be?

Pablo Fernandez

1 Answer


You need to install the unlimited crypto extensions if you want to use AES with key sizes > 128 bit. The exception is actually telling you this:

Exception in thread "main" java.security.InvalidKeyException: Illegal key size
    at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1039)
    at javax.crypto.Cipher.init(Cipher.java:1393)
    at javax.crypto.Cipher.init(Cipher.java:1327)
    at tech.dashman.dashman.Scratch.main(Scratch.java:29)

It's failing the check for crypto permissions (checkCryptoPerm) on line 1039 of Cipher.java.

Try setting the key length to 128 bit or install the Unlimited Key Strength policy which you can download here

wallenborn
    Oh! I knew and I forgot about the Unlimited Key Strength policy. Now that I added it, I stopped getting Illegal key size, but I'm still getting the other error. I'm going to accept this answer and create another question to keep things separate. – Pablo Fernandez Aug 29 '17 at 15:29