问题
I am using AES 256 CBC. I have 32 bytes of IV. But when i run this it shows an exception as:
Exception in thread "main" java.lang.RuntimeException: java.security.InvalidAlgorithmParameterException: Wrong IV length: must be 16 bytes long
at com.abc.aes265cbc.AESUtil.decrypt(AESUtil.java:50)
at com.abc.aes265cbc.Security.main(Security.java:48)
Caused by: java.security.InvalidAlgorithmParameterException: Wrong IV length: must be 16 bytes long
at com.sun.crypto.provider.CipherCore.init(CipherCore.java:430)
at com.sun.crypto.provider.AESCipher.engineInit(AESCipher.java:217)
at javax.crypto.Cipher.implInit(Cipher.java:790)
at javax.crypto.Cipher.chooseProvider(Cipher.java:848)
at javax.crypto.Cipher.init(Cipher.java:1347)
at javax.crypto.Cipher.init(Cipher.java:1281)
at com.abc.aes265cbc.AESUtil.decrypt(AESUtil.java:47)
... 1 more
I don't know how to solve this. I searched but I am not getting how to solve this. I am trying security concepts for the first time. My code for the AES 256 CBC is:
public static void setENCRYPTION_IV(String ENCRYPTION_IV) {
AESUtil.ENCRYPTION_IV = ENCRYPTION_IV;
}
public static void setENCRYPTION_KEY(String ENCRYPTION_KEY) {
AESUtil.ENCRYPTION_KEY = ENCRYPTION_KEY;
}
public static String encrypt(String src) {
try {
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, makeKey(), makeIv());
return Base64.encodeBytes(cipher.doFinal(src.getBytes()));
} catch (Exception e) {
throw new RuntimeException(e);
}
}
public static String decrypt(String src) {
String decrypted = "";
try {
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.DECRYPT_MODE, makeKey(), makeIv());
decrypted = new String(cipher.doFinal(Base64.decode(src)));
} catch (Exception e) {
throw new RuntimeException(e);
}
return decrypted;
}
static AlgorithmParameterSpec makeIv() {
try {
return new IvParameterSpec(ENCRYPTION_IV.getBytes("UTF-8"));
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
return null;
}
static Key makeKey() {
try {
MessageDigest md = MessageDigest.getInstance("SHA-256");
byte[] key = md.digest(ENCRYPTION_KEY.getBytes("UTF-8"));
return new SecretKeySpec(key, "AES");
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
return null;
}
Can you help me that by changing what in this code i will be able to use 32 bytes of IV. Thanks in advance
Edit: My main function to which calls this functions:
AESUtil.setENCRYPTION_KEY("96161d7958c29a943a6537901ff0e913efaad15bd5e7c566f047412179504ffb");
AESUtil.setENCRYPTION_IV("d41361ed2399251f535e65f84a8f1c57");
String decrypted = AESUtil.decrypt(new String(sw0SrUIKe0DmS7sRd9+XMgtYg+BUiAfiOsdMw/Lo2RA=)); // AES Decrypt
回答1:
The AES algorithm has a 128-bit block size, regardless of whether you key length is 256, 192 or 128 bits.
When a symmetric cipher mode requires an IV, the length of the IV must be equal to the block size of the cipher. Hence, you must always use an IV of 128 bits (16 bytes) with AES.
There is no way to use a 32 byte IV with AES.
来源:https://stackoverflow.com/questions/13467343/want-to-use-aes-256-cbc-with-32-bytes-but-it-shows-java-security-invalidalgorith