[ https://issues.apache.org/jira/browse/SHIRO-783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17211314#comment-17211314 ]
Brian Demers commented on SHIRO-783: ------------------------------------ Thanks for following up with this! > AES 256 encryption yeilds unsupported Tlen error on all shiro versions above > 1.4.1 > ---------------------------------------------------------------------------------- > > Key: SHIRO-783 > URL: https://issues.apache.org/jira/browse/SHIRO-783 > Project: Shiro > Issue Type: Bug > Components: Cryptography & Hashing > Affects Versions: 1.4.2 > Environment: windows 10, intelliJ, spring boot, java 11 > Reporter: Philip Harder > Priority: Major > Labels: AES256, spring-boot > > When trying to encrypt using AesCipherService, using a 256 bit key, on the > latest verison of shiro, using java11, this error always appears: > > java.security.InvalidAlgorithmParameterException: Unsupported TLen value; > must be one of \{128, 120, 112, 104, 96} > > This is puzzling because we are never setting the TLen value to anything, and > this encyrption scheme was working just fine in another project. After some > investigating, we noticed that setting our shiro dependency to an earlier > version of 1.4.1 (or below) fixes this issue. Setting the key size to be 128 > also fixes the issue. This is again puzzling, could it be that setting a > keysize of 256 is also touching the TLen value? Either way something seems > buggy here, and to our best insight it isn't on our end. Although I'm not > ruling out that possibility entirely. Below is the code we are using for our > encryption (maybe we're setting up 256 encryption wrong for later versions of > shiro). Were injecting this cryptkeeper class into a service to use that > encrypt method. > > @Slf4j > @Component > public class CryptKeeper { > private final byte[] key = new byte[32]; > private final AesCipherService cipherService = new AesCipherService(); > @Value("${encKey.path}") > private String keyFileName; > @PostConstruct > private void init() throws IOException { > cipherService.setKeySize(256); > FileInputStream fileInputStream = new FileInputStream(keyFileName); > int bytesRead = IOUtils.read(fileInputStream, key); > log.info("{} bytes read from key file", bytesRead); > log.info("key array has length {}", key.length); > for (int i = 0; i < key.length; i++) { > log.debug("index {}: {}", i, key[i]); > } > fileInputStream.close(); > } > public byte[] encrypt(byte[] subject) > { return cipherService.encrypt(subject, key).getBytes(); } > } > > -- This message was sent by Atlassian Jira (v8.3.4#803005)