Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Want to use AES 256 CBC with 32 bytes but it shows java.security.InvalidAlgorithmParameterException

Tags:

java

security

aes

I am using AES 256 CBC. I have 32 bytes of IV. But when i run this it shows an exception as:

Exception in thread "main" java.lang.RuntimeException: java.security.InvalidAlgorithmParameterException: Wrong IV length: must be 16 bytes long
    at com.abc.aes265cbc.AESUtil.decrypt(AESUtil.java:50)
    at com.abc.aes265cbc.Security.main(Security.java:48)
Caused by: java.security.InvalidAlgorithmParameterException: Wrong IV length: must be 16 bytes long
    at com.sun.crypto.provider.CipherCore.init(CipherCore.java:430)
    at com.sun.crypto.provider.AESCipher.engineInit(AESCipher.java:217)
    at javax.crypto.Cipher.implInit(Cipher.java:790)
    at javax.crypto.Cipher.chooseProvider(Cipher.java:848)
    at javax.crypto.Cipher.init(Cipher.java:1347)
    at javax.crypto.Cipher.init(Cipher.java:1281)
    at com.abc.aes265cbc.AESUtil.decrypt(AESUtil.java:47)
    ... 1 more

I don't know how to solve this. I searched but I am not getting how to solve this. I am trying security concepts for the first time. My code for the AES 256 CBC is:

 public static void setENCRYPTION_IV(String ENCRYPTION_IV) {
        AESUtil.ENCRYPTION_IV  =   ENCRYPTION_IV;
    }

    public static void setENCRYPTION_KEY(String ENCRYPTION_KEY) {
        AESUtil.ENCRYPTION_KEY  =   ENCRYPTION_KEY;
    }



    public static String encrypt(String src) {
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            cipher.init(Cipher.ENCRYPT_MODE, makeKey(), makeIv());
            return Base64.encodeBytes(cipher.doFinal(src.getBytes()));
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public static String decrypt(String src) {
        String decrypted = "";
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            cipher.init(Cipher.DECRYPT_MODE, makeKey(), makeIv());
            decrypted = new String(cipher.doFinal(Base64.decode(src)));
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
        return decrypted;
    }

    static AlgorithmParameterSpec makeIv() {
        try {
            return new IvParameterSpec(ENCRYPTION_IV.getBytes("UTF-8"));
        } catch (UnsupportedEncodingException e) {
            e.printStackTrace();
        }
        return null;
    }

    static Key makeKey() {
        try {
            MessageDigest md = MessageDigest.getInstance("SHA-256");
            byte[] key = md.digest(ENCRYPTION_KEY.getBytes("UTF-8"));
            return new SecretKeySpec(key, "AES");
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        } catch (UnsupportedEncodingException e) {
            e.printStackTrace();
        }

        return null;
    }

Can you help me that by changing what in this code i will be able to use 32 bytes of IV. Thanks in advance

Edit: My main function to which calls this functions:

 AESUtil.setENCRYPTION_KEY("96161d7958c29a943a6537901ff0e913efaad15bd5e7c566f047412179504ffb");

    AESUtil.setENCRYPTION_IV("d41361ed2399251f535e65f84a8f1c57");
    String decrypted = AESUtil.decrypt(new String(sw0SrUIKe0DmS7sRd9+XMgtYg+BUiAfiOsdMw/Lo2RA=));   // AES Decrypt
like image 910
Vaibs Avatar asked Nov 20 '12 05:11

Vaibs


1 Answers

The AES algorithm has a 128-bit block size, regardless of whether you key length is 256, 192 or 128 bits.

When a symmetric cipher mode requires an IV, the length of the IV must be equal to the block size of the cipher. Hence, you must always use an IV of 128 bits (16 bytes) with AES.

There is no way to use a 32 byte IV with AES.

like image 50
Duncan Jones Avatar answered Sep 29 '22 18:09

Duncan Jones