This week's book giveaway is in the Security forum.
We're giving away four copies of Penetration Testing Basics and have Ric Messier on-line!
See this thread for details.
Win a copy of Penetration Testing Basics this week in the Security forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Invalid Key Lenght

Andrew Prinoli
Posts: 22
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi guys...
I'm implementing a quite simple cryptographic algorithm , but I keep
on getting this exception : Invalid key length: 444 bytes
at com.sun.crypto.provider.DESCipher.engineGetKeySize(DashoA12275)
at javax.crypto.Cipher.init(DashoA12275)
Please note that I have JCE working correctly..
Now I'll post and explain my code :

I have a byte[] buffer , which lengh is 304 bytes.
I have a Certificate retrieved from local keystore ,from which I get
corresponding PublicKey.
Then I retrieve Private Key from same keystore (passing a password)
I have to create the digital signature of that buffer (and it works
correctly) :

PrivateKey priv = sp.getPrivate();
Signature sig = Signature.getInstance(priv.getAlgorithm());//create a
Signature instance
sig.update(BIGBUFFER, 0, BIGBUFFER.length);
byte[] C_FINAL=sig.sign();//returns the signature result in a byte

In the second part of the algorithm I have to encrypt the byte[] array
C_FINAL , using the PUBLIC KEY ..... but while executing the following
code I get the InvalidKeyException

Cipher CPHR = Cipher.getInstance("DES/ECB/PKCS5Padding");
Certicate id=sp.getId();//retrieve certificate from another class
PublicKey PUB_KEY=id.getPublicKey();//retrieve public key from

CPHR.init(Cipher.ENCRYPT_MODE, PUB_KEY);//this line throws the


Please,anybody knows how to solve this problem..?
Thanks a lot guys...
Kai Witte
Ranch Hand
Posts: 356
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

maybe the allowed key length is limited unless you install the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files (also available for 1.6). All I know for sure is that the length for PBE algorithms (like PBEWithMD5AndDES) is limited to 7 without that extension.

[ March 06, 2007: Message edited by: Kai Witte ]
greg stark
Ranch Hand
Posts: 220
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You are trying to use a public key where a symmetric key is needed. This doesn't make any sense. Please examine some primer material on crypto; some of these links may help.
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic