On Mon, Nov 25, 2013 at 9:59 PM, Pent <[email protected]> wrote: > Since 4.4 my encryption code (working since Android 1.5) fails with... > > java.security.InvalidKeyException: initialisation vector must be the same > length as block size > > ....at the init call in the following code: > > String passphrase = "pass"; > String alg = "PBEWITHSHA-256AND256BITAES-CBC-BC"; > > PBEKeySpec keySpec = new PBEKeySpec( passphrase.toCharArray(), > salt, 2001 ); > > SecretKey key = SecretKeyFactory.getInstance( alg > ).generateSecret( keySpec ); > > Cipher ecipher = Cipher.getInstance( key.getAlgorithm() );
What does key.getAlgorithm() return on 4.4 and previous versions? What does ecipher.getProvider().getName() return on 4.4 and previous versions? Note that Using Cipher.getInstance() without specifying explicitly the algorithm, mode and padding is a recipe for disaster. You could try to get the old behaviour by calling Cipher.getInstance( key.getAlgorithm(), oldProvider); where 'oldProvider' is the value returned by ecipher.getProvider().getName() on pre-4.4 versions. That won't work if the provider is the same, but internal implementation details have changed. > > AlgorithmParameterSpec paramSpec = new IvParameterSpec( > initVector ); Where does initVector come frome and how was it generated? > > ecipher.init( Cipher.ENCRYPT_MODE, key, paramSpec ); > > initVector and salt are both 8 byte arrays. > > ecipher.getBlockSize() reports 16, so yes, it doesn't match the > initialization vector. > Most importantly, what encryption algorithm are you trying to use? AES's block size is 16 bytes (128 bits) so there is no way it can work 8 byte (56 bit) IVs. > Presumably some default has changed somewhere. > > This leaves all my users who used encryption in any way completely stuck. > > I've tried to arrange without success that the cipher block size is set to > 8. This won't work, each algorithm has a specific block size, you can't change it. -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en --- You received this message because you are subscribed to the Google Groups "Android Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
