Try to understand Before marking duplicate: InvalidKeyException: Illegal key size [duplicate]

问题

This question already has answers here:

InvalidKeyException Illegal key size (5 answers)

Closed 2 years ago.

Actually I am getting InvalidKeyException: Illegal key size, but same code is working in production. When I am trying to run this code locally, I am facing key size issue while decoding in below line:

 cipher.init(2, new SecretKeySpec(secretKey, "AES"), new IvParameterSpec(initVector));

In above line I am getting following exception:

 public byte[] getPageByteStream(String fileName)
    throws DMSApplicationException
  {
    logger.info(GridFsPagesDAOImpl.class + " Entering in to getPageByteStream DAO Method : " + fileName);

    Query searchQuery = new Query(Criteria.where("filename").is(fileName));
    GridFSDBFile gridFSDBFile = DmsDBUtils.getGridFsOperations().findOne(searchQuery);

    ByteArrayOutputStream stream = new ByteArrayOutputStream();
    byte[] results = null;
    byte[] initVector = null;
    try {
      gridFSDBFile.writeTo(stream);
      byte[] bytes = null;
      bytes = stream.toByteArray();
      Base64 base64 = new Base64();
      byte[] decodedArr = base64.decode(bytes);
      byte[] decArr = Arrays.copyOfRange(decodedArr, 24, bytes.length);
    byte[] secretKey = base64.decode("mkJmh3d2WLNXgmWIv4znTU+IXk7XczlInO9mXmv1iBE=\n");
     String str = new String(secretKey, "UTF-8");
     System.out.println("decodes string :  "+str);
     Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
      initVector = Arrays.copyOfRange(decodedArr, 8, 24);

      cipher.init(2, new SecretKeySpec(secretKey, "AES"), new IvParameterSpec(initVector));
      decArr = Arrays.copyOfRange(decodedArr, 24, bytes.length);
      byte[] decArr1 = Arrays.copyOfRange(decArr, 0, decArr.length - decArr.length % 16);

      results = cipher.doFinal(decArr1);

    } catch (Exception e) {
      e.printStackTrace();
      logger.info(GridFsPagesDAOImpl.class + " Exiting from getPageByteStream DAO Method " + e);


      if (gridFSDBFile != null) {
        try {
          stream.close();
        } catch (IOException ex) {
          ex.printStackTrace();
        }
      }
    }
    finally
    {
      if (gridFSDBFile != null) {
        try {
          stream.close();
        } catch (IOException e) {
          e.printStackTrace();
        }
      }
    }

    logger.info(GridFsPagesDAOImpl.class + " Exiting from getPageByteStream DAO Method " + fileName);
    return results;
  }
}

Can you please suggest me?

Help is highly appreciable.

回答1:

It looks like you're using AES with a 256 bit key.

You need to install the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy files to use keys larger than 128 bits.

http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html

来源：https://stackoverflow.com/questions/46362489/try-to-understand-before-marking-duplicate-invalidkeyexception-illegal-key-siz