0

Exception in thread "main" java.security.InvalidKeyException: Illegal key size for below code

Char length of the key is 44. I tried with char length 24 am able to encrypt. Please help how to resolve this issue.


public static void main(String args[]) throws Exception {
    String plainText = "Hello world!";
    String encryptionKeyBase64 = "DWIzFkO22qfVMgx2fIsxOXnwz10pRuZfFJBvf4RS3eY=";
    System.out.println(encryptionKeyBase64.length());
    String ivBase64 = "AcynMwikMkW4c7+mHtwtfw==";
    EncDec encDec = new EncDec();
    String cipherText = encDec.encrypt(plainText, encryptionKeyBase64, ivBase64);
}

 public String encrypt(String plainText, String keyBase64, String ivBase64) throws Exception
    {
        byte[] plainTextArray = plainText.getBytes(StandardCharsets.UTF_8);
        byte[] keyArray = DatatypeConverter.parseBase64Binary(keyBase64);
        byte[] iv = DatatypeConverter.parseBase64Binary(ivBase64);

        SecretKeySpec secretKey = new SecretKeySpec(keyArray, "AES");
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING");   
        cipher.init(Cipher.ENCRYPT_MODE, secretKey, new IvParameterSpec(iv));
        return new String(DatatypeConverter.printBase64Binary(cipher.doFinal(plainTextArray)));
    }

    public String decrypt(String messageBase64, String keyBase64, String ivBase64) throws Exception {

        byte[] messageArray = DatatypeConverter.parseBase64Binary(messageBase64);
        byte[] keyArray = DatatypeConverter.parseBase64Binary(keyBase64);
        byte[] iv = DatatypeConverter.parseBase64Binary(ivBase64);

        SecretKey secretKey = new SecretKeySpec(keyArray, "AES");
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING");
        cipher.init(Cipher.DECRYPT_MODE, secretKey, new IvParameterSpec(iv));
        return new String(cipher.doFinal(messageArray));
    }
}```
gautham
  • 87
  • 2
  • 12

1 Answers1

2

As you are using "AES" as encryption-scheme the key lengths must be 16, 24 or 32 bytes in the input of SecretKeySpec.

So you should check the length of the byte[] keyArray and not the length of your String "encryptionKeyBase64" and make sure it's of 16/24/32 byte length.

You can add the line

System.out.println("keyArray.length: " + 
DatatypeConverter.parseBase64Binary(encryptionKeyBase64).length);

before you're using it in your encryption-/decryption method.

Btw.: the initialisation vector "iv" has to be of 16 bytes length (fixed, regardless of key length). You can check that easily with

System.out.println("iv.length:       " + DatatypeConverter.parseBase64Binary(ivBase64).length);
marc_s
  • 732,580
  • 175
  • 1,330
  • 1,459
Michael Fehr
  • 5,827
  • 2
  • 19
  • 40
  • Hi Michael, I tried your suggestion and the key length is in 32 and the IV length is also 16. But still I see the issue, can you please let me know where I did a mistake. Appreciate your response earlier. – gautham May 07 '20 at 13:44
  • 1
    It looks like You are using an outdated java-version, because "Illegal key size" error is also thrown when the Java-version you're using does not allow AES key lengths other of 16. Now have three choices: 1) use a key of size 16 bytes long or 2) update your Java, e.g. minimum Java 6u181, 7u171, 8u161, 9b148 or 3) you install the "Unlimited Strength Jurisdiction Policy Files" from Oracle's Java-site. I prefer option 2. You can find a lot of Q&As here, e.g. https://stackoverflow.com/questions/41580489/how-to-install-unlimited-strength-jurisdiction-policy-files. – Michael Fehr May 07 '20 at 14:12
  • This is working after updated my Java version. But I have a problem now the encrypted value I want to Decrypt in datapower. Which am not able to. Is there a way to make it work in datapower. Thanks – gautham May 07 '20 at 18:35
  • Thanks for all the support Michael. I figured out a way to encrypt in Java and Decrypt in dataoower – gautham May 07 '20 at 23:03