jce

问题 I have a master key in an HSM and I want to derive it with a given diversifier. I am quite new to JCA/JCE, and a bit lost with KeyGenerator, SecretKeyFactory, ... especially since all parameters are strings. I want to use AES or HmacSha1. It seems I need to use a SecretKeyFactory, and provide a KeySpecs. But which type of KeySpecs? (I have seen a post on that topic, but I didn't seem an HSM was used.) Thanks. 回答1: You can derive key using: password-based derivation (PKCS#5) as described in

问题 I have a master key in an HSM and I want to derive it with a given diversifier. I am quite new to JCA/JCE, and a bit lost with KeyGenerator, SecretKeyFactory, ... especially since all parameters are strings. I want to use AES or HmacSha1. It seems I need to use a SecretKeyFactory, and provide a KeySpecs. But which type of KeySpecs? (I have seen a post on that topic, but I didn't seem an HSM was used.) Thanks. 回答1: You can derive key using: password-based derivation (PKCS#5) as described in

问题 I am now on making RSA message authentication software. The process is as follows: Sign the message by using A's private key (1024 bit) Verify the message by using A's public key (1024 bit) The #1 code (below) works fine and generates following result:

问题 Normally both PSS and PKCS1v15 can be used for RSA signatures padding. And for java the code is also simple, but it just can't tell the padding strategy used. My code: Signature signature = Signature.getInstance("SHA1WithRSA"); signature.initSign(privateKey); signature.update(plainBytes); byte[] signBytes = signature.sign(); May I explicitly define PSS with MGF1 as the padding strategy using SunJCE as provider? 回答1: PSS is not present in the supported algorithms list of SunJCE. However

问题 I am trying to encrypt and decrypt some simple text. But for some reason I am getting a strange error: javax.crypto.BadPaddingException . Why would JCE generates bytes that are not properly padded? I have the following code: import javax.crypto.Cipher; import javax.crypto.KeyGenerator; import javax.crypto.SecretKey; import javax.crypto.spec.IvParameterSpec; import java.security.SecureRandom; public class SimplestTest { public static void main(String[] args) throws Exception { SecureRandom rnd

问题 I am trying to encrypt and decrypt some simple text. But for some reason I am getting a strange error: javax.crypto.BadPaddingException . Why would JCE generates bytes that are not properly padded? I have the following code: import javax.crypto.Cipher; import javax.crypto.KeyGenerator; import javax.crypto.SecretKey; import javax.crypto.spec.IvParameterSpec; import java.security.SecureRandom; public class SimplestTest { public static void main(String[] args) throws Exception { SecureRandom rnd

问题 Hi this is the same question, that was asked two years ago: Java/JCE: Decrypting “long” message encrypted with RSA I had a large byte array and rsa keypair, initiated by value 1024. Using rsa encryption and the specified size of the key is strong requirement, I can't change it. So I can't use symmetric encryption with asymetric encryption symmetric key. I can't use any other keys. I had a byte array and need ciphered byte array to be returned. I wonder if there is any ready tool, that can

问题 I've got a message contained in an byte[], encrypted with "RSA/ECB/PKCS1Padding". To decrypt it I create a Cipher c and initiate it with c = Cipher.getInstance("RSA/ECB/PKCS1Padding"); Untill now I have only decrypted small messages, using the doFinal() method, returning an byte[] with the decrypted bytes. c.init(Cipher.DECRYPT_MODE, privateKey); byte[] decryptetBytes = c.doFinal(encryptedBytes); But in this case the data is bigger (approx 500 Bytes), and the doFinal() -method throws an

问题 I've got a message contained in an byte[], encrypted with "RSA/ECB/PKCS1Padding". To decrypt it I create a Cipher c and initiate it with c = Cipher.getInstance("RSA/ECB/PKCS1Padding"); Untill now I have only decrypted small messages, using the doFinal() method, returning an byte[] with the decrypted bytes. c.init(Cipher.DECRYPT_MODE, privateKey); byte[] decryptetBytes = c.doFinal(encryptedBytes); But in this case the data is bigger (approx 500 Bytes), and the doFinal() -method throws an

问题 I am trying to automate generation of CA and certificates for our E2E testing. I started with Bouncy Castle and I have managed to generate CA cert and machine cert. However, now I need to convert the RSA keypair represented by BC' org.bouncycastle.crypto.AsymmetricCipherKeyPair to java.security.KeyPair . I cannot seem to find a way to do this. 回答1: There's probably more than one way to do it, but here is one example: import org.bouncycastle.crypto.AsymmetricCipherKeyPair; import org