When I run this code in Android it produces no errors, but when I run it in a standard Java program it produces the exception: java.security.InvalidKeyException: Illegal key size.
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
SecretKeySpec keySpec = new SecretKeySpec(CHUNK_ENCRYPTION_KEY.getBytes(), 0, 32, "AES");
IvParameterSpec initVector = new IvParameterSpec(AES_INITIALIZATION_VECTOR.getBytes(), 0 , 16);
cipher.init(Cipher.ENCRYPT_MODE, keySpec, initVector);
CHUNK_ENCRYPTION_KEY is a 32 byte key hard-coded into the program.
AES_INITIALIZATION_VECTOR is a 16 byte hard-coded initialization vector.
Does anyone know why it would work on Android and not on a Desktop?
解决方案
On a default desktop JVM installation (using the JRE or JDK from Sun/Oracle), AES is limited to 128-bit key size. This is a remnant of import/export laws on cryptographic software. To unlock the larger AES key sizes, you need to download and apply the "JCE Unlimited Strength Jurisdiction Policy Files" (see at the bottom of this page).
On an unrelated note, you do not want to use the raw getBytes() method on a String, because the result depends on the current locale (not everyone uses UTF-8 or even ASCII-compatible encodings). If you do want to represent your key as a literal string, at least use an explicit encoding, such as: CHUNK_ENCRYPTION_KEY.getBytes("UTF-8")
扫一扫
1万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
