[
https://issues.apache.org/jira/browse/SHIRO-783?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17211314#comment-17211314
]
Brian Demers commented on SHIRO-783:
------------------------------------
Thanks for following up with this!
> AES 256 encryption yeilds unsupported Tlen error on all shiro versions above
> 1.4.1
> ----------------------------------------------------------------------------------
>
> Key: SHIRO-783
> URL: https://issues.apache.org/jira/browse/SHIRO-783
> Project: Shiro
> Issue Type: Bug
> Components: Cryptography & Hashing
> Affects Versions: 1.4.2
> Environment: windows 10, intelliJ, spring boot, java 11
> Reporter: Philip Harder
> Priority: Major
> Labels: AES256, spring-boot
>
> When trying to encrypt using AesCipherService, using a 256 bit key, on the
> latest verison of shiro, using java11, this error always appears:
>
> java.security.InvalidAlgorithmParameterException: Unsupported TLen value;
> must be one of \{128, 120, 112, 104, 96}
>
> This is puzzling because we are never setting the TLen value to anything, and
> this encyrption scheme was working just fine in another project. After some
> investigating, we noticed that setting our shiro dependency to an earlier
> version of 1.4.1 (or below) fixes this issue. Setting the key size to be 128
> also fixes the issue. This is again puzzling, could it be that setting a
> keysize of 256 is also touching the TLen value? Either way something seems
> buggy here, and to our best insight it isn't on our end. Although I'm not
> ruling out that possibility entirely. Below is the code we are using for our
> encryption (maybe we're setting up 256 encryption wrong for later versions of
> shiro). Were injecting this cryptkeeper class into a service to use that
> encrypt method.
>
> @Slf4j
> @Component
> public class CryptKeeper {
> private final byte[] key = new byte[32];
> private final AesCipherService cipherService = new AesCipherService();
> @Value("${encKey.path}")
> private String keyFileName;
> @PostConstruct
> private void init() throws IOException {
> cipherService.setKeySize(256);
> FileInputStream fileInputStream = new FileInputStream(keyFileName);
> int bytesRead = IOUtils.read(fileInputStream, key);
> log.info("{} bytes read from key file", bytesRead);
> log.info("key array has length {}", key.length);
> for (int i = 0; i < key.length; i++) {
> log.debug("index {}: {}", i, key[i]);
> }
> fileInputStream.close();
> }
> public byte[] encrypt(byte[] subject)
> { return cipherService.encrypt(subject, key).getBytes(); }
> }
>
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
