• Post Reply Bookmark Topic Watch Topic
  • New Topic

java.security.InvalidKeyException: Invalid AES key length: 8 bytes  RSS feed

 
Umesh Dengale
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
For below code I am getting java.security.InvalidKeyException: Invalid AES key length: 8 bytes error.
public Message addUserTokens(SOAPEnvelope unsignedEnvelope)
throws Exception
{
// Get the message as document
Document doc = unsignedEnvelope.getAsDocument();

String username = "sdbrown";
String password = "changeit";
byte[] key = password.getBytes();
String idValue = "PayxRSTAuthN";
// Add the UserNameToken.
WSSAddUsernameToken usrNameToken = new WSSAddUsernameToken("", false);
// usrNameToken.setPasswordType(WSConstants.PASSWORD_TEXT);
usrNameToken.setPasswordType(WSConstants.PW_TEXT);

usrNameToken.build(doc, username, password);
usrNameToken.setId(idValue);
// Add an Id to it.
Element usrEle = (Element) (doc.getElementsByTagNameNS(
WSConstants.WSSE_NS, "UsernameToken").item(0));


Reference ref = new Reference(doc);
ref.setURI("#" + idValue);
ref.setValueType("UsernameToken");

SecurityTokenReference secRef = new SecurityTokenReference(doc);

secRef.setReference(ref);

// adding the namespace
WSSecurityUtil.setNamespace(secRef.getElement(), WSConstants.WSSE_NS,
WSConstants.WSSE_PREFIX);
serialize(doc, System.out);

WSEncryptBody wsEncrypt = new WSEncryptBody();

// Setting necessary parameters in WSEncryptBody.
wsEncrypt.setKeyIdentifierType(WSConstants.EMBED_SECURITY_TOKEN_REF);
wsEncrypt.setSecurityTokenReference(secRef);


wsEncrypt.setKey(key);

// Encrypt using the using the key
Document encDoc = wsEncrypt.build(doc, crypto);

Message signedMsg = (Message) toSOAPMessage(encDoc);

return signedMsg;
}

----------------------------
org.apache.ws.security.WSSecurityException: Cannot encrypt/decrypt data; nested exception is:
org.apache.xml.security.encryption.XMLEncryptionException: Invalid AES key length: 8 bytes
Original Exception was java.security.InvalidKeyException: Invalid AES key length: 8 bytes
at org.apache.ws.security.message.WSEncryptBody.doEncryption(WSEncryptBody.java:545)
at org.apache.ws.security.message.WSEncryptBody.buildEmbedded(WSEncryptBody.java:607)
at org.apache.ws.security.message.WSEncryptBody.build(WSEncryptBody.java:298)
at com.paychex.ws.ana.handler.client.WSSecurityClient.addUserTokens(WSSecurityClient.java:318)
at com.paychex.ws.ana.handler.client.WSSecurityClient.main(WSSecurityClient.java:94)
Caused by: org.apache.xml.security.encryption.XMLEncryptionException: Invalid AES key length: 8 bytes
Original Exception was java.security.InvalidKeyException: Invalid AES key length: 8 bytes
at org.apache.xml.security.encryption.XMLCipher.encryptData(Unknown Source)
at org.apache.xml.security.encryption.XMLCipher.encryptElementContent(Unknown Source)
at org.apache.xml.security.encryption.XMLCipher.doFinal(Unknown Source)
at org.apache.ws.security.message.WSEncryptBody.doEncryption(WSEncryptBody.java:543)
... 4 more
 
Lester Burnham
Rancher
Posts: 1337
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
8 bytes would imply a 64-bit key - but there's no such mode in AES. Try a 16 byte key for AES-128.

Also, you should always specify an encoding when using String.getBytes. It's just dangerous practice not to do that; don't get in the habit.
 
Ivan Krizsan
Ranch Hand
Posts: 2198
1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi!
Lester is correct, there is a minimum key length of 128 bits (16 bytes).
I just want to add a link to an article which can give some more details on AES key lengths: http://en.wikipedia.org/wiki/Advanced_Encryption_Standard
If you want to learn some more about cryptography use in Java, I would like to recommend the excellent book "Beginning Cryptography with Java".
Best wishes!
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!