Name: iiR10263 Date: 11/13/2003



The specification describes the following exceptions that are thrown
by javax.crypto.Cipher.init(int, Key):

Throws:
InvalidKeyException - if the given key is inappropriate for
initializing this cipher, or if this cipher is being initialized for
decryption and requires algorithm parameters that cannot be determined
from the given key, or if the given key has a keysize that exceeds the
maximum allowable keysize (as determined from the configured
jurisdiction policy files).

Unfortunately current implementation throws RuntimeException when
init(Cipher.DECRYPT_MODE, (Key)...)
is called without parameters for Cipher objects of
the PBEWITHMD5ANDDES algorithm.

Please find the code example that reproduses the situation and exception stack
trace below:

import java.io.PrintWriter;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.AlgorithmParameters;
import java.security.spec.KeySpec;
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

public class e3 {
 
    public static void main(String argv[]) {
        Key k;
        Cipher c;
        AlgorithmParameters params = null;
        
        String alg = "PBEWITHMD5ANDDES";
        byte[] salt = {
            (byte)0xc7, (byte)0x73, (byte)0x21, (byte)0x8c,
            (byte)0x7e, (byte)0xc8, (byte)0xee, (byte)0x99
        };
        int count = 20;
        String s = "My wonderfull password that is long enough. Tra-la-la, let me sing a song";
        
        try {
            int kl = Cipher.getMaxAllowedKeyLength(alg) / 8;
            String p = (kl >= s.length()) ? s: s.substring(0, kl);
            KeySpec ks = new PBEKeySpec(p.toCharArray(), salt, count, kl * 8);
        
            SecretKeyFactory skf =
                SecretKeyFactory.getInstance(alg);
     
            // PBE algorithm is symmetric.
            k = skf.generateSecret(ks);

            c = Cipher.getInstance(alg);
            
            c.init(Cipher.ENCRYPT_MODE, k);
            
            params = c.getParameters();
            
            c.init(Cipher.DECRYPT_MODE, k/*, params*/);

            System.out.println("passed");
        } catch (Exception e) {
            e.printStackTrace(System.out);
        }
    }
}

java.lang.RuntimeException: Parameters missing
        at com.sun.crypto.provider.PBEWithMD5AndDESCipher.engineInit(DashoA6275)
        at javax.crypto.Cipher.init(DashoA6275)
        at javax.crypto.Cipher.init(DashoA6275)
        at e3.main(e3.java:42)

Note that all works correct ("passed" appears) if we supply parameters by uncommenting /* , params */.

java full version "1.5.0-beta-b26"

======================================================================