
I am using OpenSAML to encrypt my SAML response. I changed my algorithm from AES to TRIPLEDES as below, and now it has started throwing the following exception:

    // Data encryption parameters - secret key
    EncryptionParameters encParams = new EncryptionParameters();
    encParams.setAlgorithm(EncryptionConstants.ALGO_ID_BLOCKCIPHER_TRIPLEDES);

    java.security.InvalidParameterException: Wrong keysize: must be equal to 112 or 168
        com.sun.crypto.provider.DESedeKeyGenerator.engineInit(DashoA13*..)
        javax.crypto.KeyGenerator.init(DashoA13*..)
        javax.crypto.KeyGenerator.init(DashoA13*..)

I know I need to set the key size to 168 but how do I set it in OpenSAML?

Java

1 Answer

You can't use this method. Instead, you should use the other method, generateKey of SecurityHelper, as shown below:

    SecurityHelper.generateKey("DESede", 168, "SunJCE");

The difference here is that you need to provide all the details, such as the algorithm name (in SunJCE, DESede is triple DES), the key length and the JCA provider name (here, SunJCE).

So you should do something like this:

    // Generate a symmetric key for data encryption
    Credential symmetricCredential = SecurityHelper.getSimpleCredential(
            SecurityHelper.generateKey("DESede", 168, "SunJCE"));

    // Specify data encryption parameters
    EncryptionParameters encParams = new EncryptionParameters();
    encParams.setAlgorithm(EncryptionConstants.ALGO_ID_BLOCKCIPHER_TRIPLEDES);
    encParams.setEncryptionCredential(symmetricCredential);

Hope this helps.

Peter O.
SANJEEV
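
The keysize rule behind the exception in the question can be reproduced with the JDK alone, without OpenSAML. This is an added example, not code from the question, the answer or the OpenSAML project; the class name `DesedeKeySizeDemo` and the method `tryGenerate` are made up for illustration, and it assumes the SunJCE provider named in the stack trace is installed.

```java
import java.security.InvalidParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;

public class DesedeKeySizeDemo {

    /** Asks the SunJCE DESede generator for a key of the given size; returns null if the size is rejected. */
    static SecretKey tryGenerate(int keySizeBits)
            throws NoSuchAlgorithmException, NoSuchProviderException {
        KeyGenerator generator = KeyGenerator.getInstance("DESede", "SunJCE");
        try {
            // This is the call at the top of the stack trace in the question.
            generator.init(keySizeBits);
        } catch (InvalidParameterException e) {
            System.out.printf("%3d bits -> rejected: %s%n", keySizeBits, e.getMessage());
            return null;
        }
        SecretKey key = generator.generateKey();
        // The encoded form includes the DES parity bits, so its length differs
        // from the size passed to init().
        System.out.printf("%3d bits -> accepted, encoded key is %d bytes%n",
                keySizeBits, key.getEncoded().length);
        return key;
    }

    public static void main(String[] args) throws Exception {
        // 112 and 168 count only the effective key bits (two or three 56-bit DES keys).
        // 128 and 192 are the same key lengths counted with parity bits; the generator rejects them.
        for (int size : new int[] {112, 128, 168, 192}) {
            tryGenerate(size);
        }
    }
}
```

Any code path that passes the parity-inclusive length to `KeyGenerator.init` for DESede fails the same way, which is why the answer passes 168 explicitly.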