Actually I am getting InvalidKeyException: Illegal key size, but the same code is working in production. When I try to run this code locally, I face a key size issue while decoding at the line below:

 cipher.init(2, new SecretKeySpec(secretKey, "AES"), new IvParameterSpec(initVector));

In the above line I am getting the following exception:

 public byte[] getPageByteStream(String fileName)
    throws DMSApplicationException
  {
    logger.info(GridFsPagesDAOImpl.class + " Entering in to getPageByteStream DAO Method : " + fileName);

    Query searchQuery = new Query(Criteria.where("filename").is(fileName));
    GridFSDBFile gridFSDBFile = DmsDBUtils.getGridFsOperations().findOne(searchQuery);

    ByteArrayOutputStream stream = new ByteArrayOutputStream();
    byte[] results = null;
    byte[] initVector = null;
    try {
      gridFSDBFile.writeTo(stream);
      byte[] bytes = null;
      bytes = stream.toByteArray();
      Base64 base64 = new Base64();
      byte[] decodedArr = base64.decode(bytes);
      byte[] decArr = Arrays.copyOfRange(decodedArr, 24, bytes.length);
      // Decodes to 32 bytes, i.e. a 256-bit AES key
      byte[] secretKey = base64.decode("mkJmh3d2WLNXgmWIv4znTU+IXk7XczlInO9mXmv1iBE=\n");
      String str = new String(secretKey, "UTF-8");
      System.out.println("decodes string :  "+str);
      Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
      // Bytes 8..23 of the decoded data are used as the IV
      initVector = Arrays.copyOfRange(decodedArr, 8, 24);

      // 2 == Cipher.DECRYPT_MODE; this is the call that throws InvalidKeyException
      cipher.init(2, new SecretKeySpec(secretKey, "AES"), new IvParameterSpec(initVector));
      decArr = Arrays.copyOfRange(decodedArr, 24, bytes.length);
      // Trim to a whole number of 16-byte AES blocks, as NoPadding requires
      byte[] decArr1 = Arrays.copyOfRange(decArr, 0, decArr.length - decArr.length % 16);

      results = cipher.doFinal(decArr1);

    } catch (Exception e) {
      e.printStackTrace();
      logger.info(GridFsPagesDAOImpl.class + " Exiting from getPageByteStream DAO Method " + e);


      if (gridFSDBFile != null) {
        try {
          stream.close();
        } catch (IOException ex) {
          ex.printStackTrace();
        }
      }
    }
    finally
    {
      if (gridFSDBFile != null) {
        try {
          stream.close();
        } catch (IOException e) {
          e.printStackTrace();
        }
      }
    }

    logger.info(GridFsPagesDAOImpl.class + " Exiting from getPageByteStream DAO Method " + fileName);
    return results;
  }
}

Can you please suggest something?

Help is highly appreciated.

  • You probably need to install the unlimited Java crypto extension, see http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html –  Sep 22 '17 at 10:29
  • Or just use a 128-bit key which is as secure as a 256-bit key as neither can be brute forced. – zaph Sep 22 '17 at 10:55
  • Yeah, maybe it can be a problem with some code, but the same piece of code is working fine for me on my production JBoss server; when I try to connect locally to download a file, I get this exception. – rishabhkeshari123 Sep 25 '17 at 05:33
  • Your production server either has the unlimited-strength policy installed, or is using an OpenJDK variant which does not have the policy restriction. You need your local system to do the same. – dave_thompson_085 Sep 25 '17 at 08:17
  • Yes @dave_thompson_085, absolutely right you are. Thanks. – rishabhkeshari123 Sep 25 '17 at 11:34

1 Answer

It looks like you're using AES with a 256 bit key.

You need to install the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy files to use keys larger than 128 bits.

http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html

Luciano van der Veekens
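
To compare the local JVM with the production one, the check below can be run on both. It is an added example, not code from the question or the answer; the class name `AesKeyPolicyCheck` and the all-zero key and IV are constructed for the test.

```java
import java.security.InvalidKeyException;
import java.security.Security;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

// Added diagnostic (hypothetical class name): reports whether this JVM's
// jurisdiction policy permits AES keys longer than 128 bits.
public class AesKeyPolicyCheck {

    /** True when the installed policy allows an AES key of keyBits. */
    static boolean isKeySizeAllowed(int keyBits) throws Exception {
        // Returns Integer.MAX_VALUE when the unlimited policy is active.
        return Cipher.getMaxAllowedKeyLength("AES") >= keyBits;
    }

    /** Repeats the init call from the question with a constructed key and IV. */
    static String tryInit(int keyBits) throws Exception {
        byte[] key = new byte[keyBits / 8]; // constructed all-zero key, not a real secret
        byte[] iv = new byte[16];           // constructed all-zero IV
        Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
        try {
            cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(key, "AES"),
                    new IvParameterSpec(iv));
            return "ok";
        } catch (InvalidKeyException e) {
            return "rejected: " + e.getMessage();
        }
    }

    public static void main(String[] args) throws Exception {
        // Runtime identity: differences here explain differing behaviour per host.
        System.out.println("java.version  = " + System.getProperty("java.version"));
        System.out.println("java.vendor   = " + System.getProperty("java.vendor"));
        System.out.println("java.home     = " + System.getProperty("java.home"));
        // Security property read by newer JDK builds; null on builds that predate it.
        System.out.println("crypto.policy = " + Security.getProperty("crypto.policy"));
        System.out.println("max AES bits  = " + Cipher.getMaxAllowedKeyLength("AES"));
        for (int bits : new int[] {128, 256}) {
            System.out.println("AES-" + bits + " allowed=" + isKeySizeAllowed(bits)
                    + " init=" + tryInit(bits));
        }
    }
}
```

A JVM with the restricted policy prints `max AES bits  = 128` and rejects the 256-bit init, which matches the 32-byte key used in the question.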