000020622 - AES XTS mode and java.security.InvalidKeyException: java.security.InvalidAlgorithmParameterException: Algorithm parameters required

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000020622
Applies ToRSA Key Manager Server
RSA Key Manager Client
IssueException is thrown when trying to encrypt

com.rsa.kmc.KMException: java.security.InvalidKeyException: java.security.InvalidAlgorithmParameterException: Algorithm parameters required.
CauseWhen creating a Key Class on the RKM Server and specifying the Cipher, if AES is selected for the Algorithm and 256 or 512 is selected for the Key Size, one of the choices for the Mode is XTS.  AES XTS mode is only used for the EMC PowerPath product and not supported by RKM Client.
ResolutionWhen creating a Key Class on the RKM Server, ensure that XTS mode is not specified unless the Key Class is going to be used by a product that supports it (such as EMC PowerPath).
NotesFor most applications, CBC mode should be used.  For more information about the block cipher modes, see the Security Concepts document that is included with RKM Client and RKM Server (doc\security_concepts.pdf) > Symmetric Key Cryptography > Block Ciphers > Modes of Operation.
Legacy Article IDa36872

Attachments

    Outcomes