Exception java.security.InvalidKeyException: Invalid key length: 24 bytes using DESede

Question

I know that this question is often asked but I have checked everything I found in Stack Overflow and did not find the solution to my problem.
i am using DESede for encryption and decryption and taking external 24 byte key input. but getting exception.

here is my code:

    import java.security.InvalidKeyException;
    import java.security.NoSuchAlgorithmException;
    import java.security.spec.InvalidKeySpecException;

    import javax.crypto.BadPaddingException;
    import javax.crypto.Cipher;
    import javax.crypto.IllegalBlockSizeException;
    import javax.crypto.SecretKeyFactory;
    import javax.crypto.NoSuchPaddingException;
    import javax.crypto.SecretKey;
    import javax.crypto.spec.DESedeKeySpec;
    import javax.xml.bind.DatatypeConverter;

    public class DESede {

     private static Cipher encryptCipher;
     private static Cipher decryptCipher;

     public static void main(String[] args) throws InvalidKeySpecException {
      try {


       String desKey = "0123456789abcdef0123456789abcdef0123456789abcdef"; // value from user
       byte[] keyBytes = DatatypeConverter.parseHexBinary(desKey);
       System.out.println((int)keyBytes.length);

       SecretKeyFactory factory = SecretKeyFactory.getInstance("DESede");
       SecretKey key = factory.generateSecret(new DESedeKeySpec(keyBytes));

       encryptCipher = Cipher.getInstance("DES/ECB/PKCS5Padding");
       encryptCipher.init(Cipher.ENCRYPT_MODE, key); //throwing Exception
       byte[] encryptedData = encryptData("Confidential data");

       decryptCipher = Cipher.getInstance("DES/ECB/PKCS5Padding");
       decryptCipher.init(Cipher.DECRYPT_MODE, key);
       decryptData(encryptedData);

      } catch (NoSuchAlgorithmException e) {
       e.printStackTrace();
      } catch (NoSuchPaddingException e) {
       e.printStackTrace();
      } catch (InvalidKeyException e) {
       e.printStackTrace();
      } catch (IllegalBlockSizeException e) {
       e.printStackTrace();
      } catch (BadPaddingException e) {
       e.printStackTrace();
      }

     }

//method for encryption

     private static byte[] encryptData(String data)
       throws IllegalBlockSizeException, BadPaddingException {
      System.out.println("Data Before Encryption :" + data);
      byte[] dataToEncrypt = data.getBytes();
      byte[] encryptedData = encryptCipher.doFinal(dataToEncrypt);
      System.out.println("Encryted Data: " + encryptedData);

      return encryptedData;
     }

//method for decryption

     private static void decryptData(byte[] data)
       throws IllegalBlockSizeException, BadPaddingException {
      byte[] textDecrypted = decryptCipher.doFinal(data);
      System.out.println("Decryted Data: " + new String(textDecrypted));
     }
    }

i am getting exception at the line: java.security.InvalidKeyException: Invalid key length: 24 bytes

encryptCipher.init(Cipher.ENCRYPT_MODE, key);

any one have any idea why this is happening?

Answer 1

There is two mistakes you have done in your code

you use DESede to create the secret key factory in this line

 SecretKeyFactory factory = SecretKeyFactory.getInstance("DESede");

but you use the DES to get the Cipher object. you have to use DESede instead

so use this line

encryptCipher = Cipher.getInstance("DESede/CBC/PKCS5Padding");

instead of this line

encryptCipher = Cipher.getInstance("DES/ECB/PKCS5Padding");

use the same algorithm to get decripting cipher

and another one is use a AlgorithmParameterSpec to init the decrypting cipher.

byte iv[] = encryptCipher.getIV(); 
IvParameterSpec dps = new IvParameterSpec(iv);
decryptCipher.init(Cipher.DECRYPT_MODE, key, dps);

you can use above code to apply the AlgorithmParameterSpec to the initialization of cipher