[jira] [Created] (SHIRO-783) AES 256 encryption yeilds unsupported Tlen error on all shiro versions above 1.4.1

Tue, 30 Jun 2020 14:11:11 -0700 

Philip Harder created SHIRO-783:
-----------------------------------

             Summary: AES 256 encryption yeilds unsupported Tlen error on all 
shiro versions above 1.4.1
                 Key: SHIRO-783
                 URL: https://issues.apache.org/jira/browse/SHIRO-783
             Project: Shiro
          Issue Type: Bug
          Components: Cryptography & Hashing
    Affects Versions: 1.4.2
         Environment: windows 10, intelliJ, spring boot, java 11
            Reporter: Philip Harder


When trying to encrypt using AesCipherService, using a 256 bit key, on the 
latest verison of shiro, using java11, this error always appears:

 

java.security.InvalidAlgorithmParameterException: Unsupported TLen value; must 
be one of \{128, 120, 112, 104, 96}

 

This is puzzling because we are never setting the TLen value to anything, and 
this encyrption scheme was working just fine in another project. After some 
investigating, we noticed that setting our shiro dependency to an earlier 
version of 1.4.1 (or below) fixes this issue. Setting the key size to be 128 
also fixes the issue. This is again puzzling, could it be that setting a 
keysize of 256 is also touching the TLen value? Either way something seems 
buggy here, and to our best insight it isn't on our end.  Although I'm not 
ruling out that possibility entirely. Below is the code we are using for our 
encryption (maybe we're setting up 256 encryption wrong for later versions of 
shiro).  Were injecting this cryptkeeper class into a service to use that 
encrypt method. 

 

@Slf4j
 @Component
 public class CryptKeeper {

private final byte[] key = new byte[32];
 private final AesCipherService cipherService = new AesCipherService();

@Value("${encKey.path}")
 private String keyFileName;

@PostConstruct
 private void init() throws IOException {
 cipherService.setKeySize(256);
 FileInputStream fileInputStream = new FileInputStream(keyFileName);
 int bytesRead = IOUtils.read(fileInputStream, key);
 log.info("{} bytes read from key file", bytesRead);
 log.info("key array has length {}", key.length);
 for (int i = 0; i < key.length; i++) {
 log.debug("index {}: {}", i, key[i]);
 }
 fileInputStream.close();
 }

public byte[] encrypt(byte[] subject)

{ return cipherService.encrypt(subject, key).getBytes(); }

}

 

 



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to