jce

问题 I want to decrypt the private key in a Java JCEKS Keystore, and I do not want to use Java. I can find a description of the PBEWithMD5AndTripleDES, but not the actual implementation. This comment purportedly explains the derivation: /** * This class implements a proprietary password-based encryption algorithm. * It is based on password-based encryption as defined by the PKCS #5 * standard, except that is uses triple DES instead of DES. * * Here's how this algorithm works: * * 1. Create random

问题 Closed. This question is off-topic. It is not currently accepting answers. Want to improve this question? Update the question so it's on-topic for Stack Overflow. Closed 6 years ago . I want to encrypt test.txt file I am using this java class for encryption and decryption.In My directory I have three files private.txt for save private key and public.txt for public key and test.txt is for encryption. package EncryptionDecryption; import java.io.BufferedInputStream; public class EncryptionUtil

问题 I'm using BouncyCastle 1.54. I have a JCE algorithm string - like "ECDSAwithSHA256" (for example). I need an org.bouncycastle.asn1.x509.AlgorithmIdentifier object. Alternatively, I could create an AlgorithmIdentifier object from an OID, but that begs the question of how to translate an algorithm string into an OID instead. I could create a giant if/else, but there's got to be a standard way to do this. 回答1: You can use the algorithm finders of BouncyCastle (see javadoc) import org

问题 Our Java application exposes a lot of different interfaces (SMTP, FTP, HTTP), secured by SSL/TLS. The goal now is to limit cipher suites allowed on these interfaces to include only "strong" ones. I already have a list and it's clear how to make it working for a particular socket socket.setEnabledCipherSuites(ENABLED_SECURE_CIPHER_SUITES); or for Tomcat connector <Connector port="443" ciphers="..."/> The problem is that there are already 5 places in the application where I should apply this

问题 Are the JCE policy files (in {java.home}/lib/security) overwritten with the standard strength policy files after a JRE update? or are these left alone on JRE update? EDIT: Does anyone know if the Mac OS X JRE ships with the unlimited policy files? Thanks Jon 回答1: In my experience using JCE policy files, it did replace the files and I was frustrated. I ended up replacing the files at first run. But at the end, using Bouncy Castle API was more appropriate, there was no need to have the

问题 I have a Java app that requires JCE Unlimited Strength policy files to be installed in order to generate certificates. However, currently, the system fails silently if the files are not installed, rather than throwing an exception or something. Is there a programmatic way to check for these files from within the app? thanks. 回答1: Probably not the cleanest way: If it is not there your application should throw an Exception, so you could try a small encryption test that is supposed to work and

问题 Following this discussion it's a simple tutorial how to sign a string by using ECDSA algorithm in java without using any third-party libraries. But the question is: How can i convert the public and the private key into a string ? (Because i want to send them into a database). Can somebody help me create a simple tutorial of how to verify the message by using ECDSA algorithm in java ? at this point i need to include the signature and public key as the verification method. Here's my scenario in

问题 Currently I need to generate a keypair for GOST 34.10-2001 signature algorithm. It was pleasant to discover that bouncy castle provider has supported this algorithm, but I can not generate a keypair and save it to any keystore of any type. Currently I tried this command (this command works great if keyalg is DSA and sigalg is SHA1withDSA ): keytool -genkey -alias test1 -keyalg ECGOST3410 -keysize 512 -sigalg GOST3411withECGOST3410 \ -keypass test_1 -validity 1000 -storetype JKS -keystore

问题 I need a fixed length 64 Byte ECDSA signature with the NIST P-256 Curve. The implementation hast to use JCE. The following code sample can generate a signature and verify it. Provider provSign = new SunEC(); Provider provVerify = new SunEC(); // generate EC key KeyPairGenerator kg = KeyPairGenerator.getInstance("EC", provSign); ECGenParameterSpec ecParam = new ECGenParameterSpec("secp256r1"); kg.initialize(ecParam); KeyPair keyPair = kg.generateKeyPair(); PrivateKey privateKey = keyPair

问题 I'm trying to use JSCH to upload a file to a remote SFTP share. Every time I attempt to connect to the share from within my code, I get an exception that looks something like this: com.jcraft.jsch.JSchException: Session.connect: java.security.InvalidKeyException: Key is too long for this algorithm at com.jcraft.jsch.Session.connect(Session.java:558) ~[jsch-0.1.51.jar:na] at com.jcraft.jsch.Session.connect(Session.java:183) ~[jsch-0.1.51.jar:na] I've seen posts that describe this error when