Code Comments

Programming Forum and web based access to our favorite programming groups.
For Programmers: Free Programming Magazines | New: Database administration forum
Registration is free! Edit your profileCalendarFind other membersFrequently Asked QuestionsSearch -> 
Code Comments > Java Forum > Java Security >

Getting derived key from PBE


Post New Thread











Thread
Author
Getting derived key from PBE
Is there any way to access the DERIVED key (say a 3DES key)
in J2SE and PBE?
I think that although the internally derived IV is accessible, the
derived key is not. Is that correct?

e.g.

String MYPBEALG = "PBEWithSHA1AndDESede" ;
PBEParameterSpec  pbeParamSpec = new PBEParameterSpec(salt, count);
String password = "ssshh! a difficult secret" ;
PBEKeySpec pbeKeySpec = new PBEKeySpec(password.toCharArray());
keyFac = SecretKeyFactory.getInstance(MYPBEALG);
SecretKey pbeKey = keyFac.generateSecret(pbeKeySpec);
Cipher pbeCipher = Cipher.getInstance(MYPBEALG);
pbeCipher.init(Cipher.ENCRYPT_MODE, pbeKey, pbeParamSpec);

byte[] IV = pbeCipher.getIV() ; //actual internally generated IV

byte[] key = pbeKey.getEncoded();   //this just returns the password as a by
te[]

- Mitch

Report this thread to moderator Post Follow-up to this message
Old Post
Michel Gallant
04-22-05 09:01 PM

Re: Getting derived key from PBE
Michel Gallant wrote:
> Is there any way to access the DERIVED key (say a 3DES key)
> in J2SE and PBE?
> I think that although the internally derived IV is accessible, the
> derived key is not. Is that correct?
>
> e.g.
>
>    String MYPBEALG = "PBEWithSHA1AndDESede" ;
>    PBEParameterSpec  pbeParamSpec = new PBEParameterSpec(salt,
count);
>    String password = "ssshh! a difficult secret" ;
>    PBEKeySpec pbeKeySpec = new PBEKeySpec(password.toCharArray());
>    keyFac = SecretKeyFactory.getInstance(MYPBEALG);
>    SecretKey pbeKey = keyFac.generateSecret(pbeKeySpec);
>    Cipher pbeCipher = Cipher.getInstance(MYPBEALG);
>    pbeCipher.init(Cipher.ENCRYPT_MODE, pbeKey, pbeParamSpec);
>
>    byte[] IV = pbeCipher.getIV() ; //actual internally generated IV
>
>    byte[] key = pbeKey.getEncoded();   //this just returns the
password as a byte[]

There are some helper classes in BouncyCastle provider that will
return derived key params.

regards,
Eugene

Report this thread to moderator Post Follow-up to this message
Old Post
ekuleshov@gmail.com
04-22-05 09:01 PM

Sponsored Links



Last Thread Next Thread Next
Search this forum -> 
Post New Thread

Java Security archive

Show a Printable Version Send to friend Email This Page to Someone! subscribe to this thread Receive updates to this thread
Computer Consultants
Programming Jobs
Visual Basic Controls
SQL Server Programming
Webservices
Java Security
Visual Studio
C# Programming
Visual J++
Software engineering
Open source Software
Perl Programming
PHP Programming
ASP Programming
ASP .NET Programming
Visual Basic Programming
Windows Scripting Host
Java Programming
Java Help
Java Beans
VBScript
Cobol
MAC Applications
Unix Programming
Forum Jump:
All times are GMT. The time now is 07:21 PM.

 
Free MCSE Braindumps | Real Estate Topics
Programming forum archive

Copyrights CodeComments.com 2004 - 2006

Powered by vBulletin Copyright 2000-2006 Jelsoft Enterprises Limited.