Variable salt length for PBE
I have written some code that makes use of randomly generated salt bytes where the number of bytes in the salt are also randomly generated. This is for password-based encryption using: PBEWithMD5AndDES. When the code is run, I get the following error:
java.security.InvalidAlgorithmParameterException: Salt must be 8 bytes long
Since all the text I have read specifies that the salt should be at least 8 bytes long, I have to think that larger values should be acceptable. Is this a limitation with the algorithm being used, or does the JCE truly restrict the salt to 8 bytes? Please help.