AES 256 Revision 6 (PDF 2.0) Encryption

I am trying to implement decryption of AES 256 Revision 6 (PDF 2.0) as described in the ISO 32000-2 spec and am having some success, but I am getting some peculiar results that I cannot resolve and would appreciate some suggestions.
Using Acrobat X on a PC and encrypting using password encryption compatible with Acrobat X, I created a set of about 20 Acrobat X encrypted PDF tests. When I ran these through our implementation to decrypt, following ISO 32000-2 and particularly Algorithms 2.A and 2.B, most decrypted successfully and produced correct output. However, a few failed either in the authentication phase or in the intermediate key computation stage, with the latter showing an error by an invalid decryption of the first PDF stream encountered. Next I tried another set of different tests and also got a similar pass rate. Finally I took one unencrypted PDF test, chose the same security settings (compatible with Acrobat X, restrict editing and printing, and allowed print) and used the same password for 15 generated versions of this PDF test. 13 of these 15 resultant encrypted tests ran successfully with our implementation of the Revision 6 decryption algorithm. Two failed, with one failing a match on both the user and owner key and the other failing to compute the intermediate owner key.
In the past, when we implemented the earlier Revision 5 AES 256, or even older compatibility versions, it was always the case that you either had the software working or you didn't. And the new PDF 2.0 2.B algorithm, with 64+ hashes and 64+ AES encryptions of data along with 16-byte mod 3 math computations, leaves little room for error.
I believe that Acrobat, when encrypting, is choosing a random AES IV, and all data including the input /U, /O, /UE and /OE strings differ, even for the case described above of the same input test, same password and same Acrobat encryption options. Thus the input into Algorithm 2.B will differ, but the output should, for authentication, match the first 32 bytes of the O or U key, or should result in a correct final result for the intermediate owner or user key if the corresponding match occurred above.
However, for the few exceptions that fail the above decryption it is not easy to determine what went wrong. Just about any change to the implementation of Algorithm 2.B breaks all working test cases instead of giving a clue as to what the issue is. The possible suspects are the new SHA-384 and SHA-512 and the encrypt code. We used SHA-256 and the AES decrypt portion in the earlier implementation of Revision 5 and had no problems. The AES and hash code we are using is from Gladman [1]. I was wondering what others are using? It looks like Acrobat X is using RSA BSAFE Crypto-C [2], at least for FIPS. Could Leonard or somebody else at Adobe tell me if this RSA software is also used in general with Acrobat X?
And I think that it would be very beneficial to have and publish a set of test vectors giving the input into Algorithm 2.B along with the correct intermediate results for each step. For each hash, including which method is used per step, show the hash results, and also the encryption step results, the number of steps beyond the 64 minimum, as well as the final result. For the 80% of tests I have working I could produce this info. For those tests I cannot get working I would need help. Perhaps someone at Adobe or elsewhere who has had greater success than I have can help? I can provide input for the problematic tests either through this forum or privately at [email protected].
[1] http://www.gladman.me.uk/
[2] http://blogs.adobe.com/security/2011/05/update-fips-validation-certificates-for-acrobat-and-reader-x.html

I created a simple file called 256encrypt.pdf and encrypted it with AES-256.
I am using "Algorithm 2.B: Computing a hash" from ISO 32000-2 to verify the user password.
user password: password
User string from the PDF test file: f4 65 f1 69 9a e2 ea 71 ba e7 6b 48 bb 12 8f 1f 18 74 e3 d3 e2 97 7e b8 d6 fe 9f 7f 86 b0 6d 89 c9 38 40 c5 64 dc 5a 32 04 4d 9c 6f 28 d2 98 d0
User string hash value: f4 65 f1 69 9a e2 ea 71 ba e7 6b 48 bb 12 8f 1f 18 74 e3 d3 e2 97 7e b8 d6 fe 9f 7f 86 b0 6d 89
User Validation salt: c9 38 40 c5 64 dc 5a 32
User Key salt: 04 4d 9c 6f 28 d2 98 d0
The input for "Algorithm 2.B: Computing a hash" is as follows:
user Validation Salt: c9 38 40 c5 64 dc 5a 32
password: 70 61 73 73 77 6f 72 64 (password)
step 1: SHA256(password + user Validation Salt)
the result is K = 9d 47 2d 4e f0 96 cd dd 7a 8c 04 8d b4 d2 b8 ee be fe b9 9f 7f cc e1 29 ea 63 ad f2 a3 d5 11 5b
step 2: Make a new string K1 with 64 repetitions of the input password and K
K1 = 70 61 73 73 77 6f 72 64 9d 47 2d 4e f0 96 cd dd 7a 8c 04 8d b4 d2 b8 ee be fe b9 9f 7f cc e1 29 ea 63 ad f2 a3 d5 11 5b
     70 61 73 73 77 6f 72 64 9d 47 2d 4e f0 96 cd dd 7a 8c 04 8d b4 d2 b8 ee be fe b9 9f 7f cc e1 29 ea 63 ad f2 a3 d5 11 5b
     70 61 73 73 77 6f 72 64 9d 47 2d 4e f0 96 cd dd 7a 8c 04 8d b4 d2 b8 ee be fe b9 9f 7f cc e1 29 ea 63 ad f2 a3 d5 11 5b
     70 61 73 73 77 6f 72 64 9d 47 2d 4e f0 96 cd dd 7a 8c 04 8d b4 d2 b8 ee be fe b9 9f 7f cc e1 29 ea 63 ad f2 a3 d5 11 5b
     (repeated 64 times in total; total length = 0xa00)
step 3: Encrypt K1 with AES_128 (CBC)
AES_CBC_128_NOPADDING:
Key = 9d 47 2d 4e f0 96 cd dd 7a 8c 04 8d b4 d2 b8 ee
IV  = be fe b9 9f 7f cc e1 29 ea 63 ad f2 a3 d5 11 5b
K1 = 64 repetitions of 70 61 73 73 77 6f 72 64 9d 47 2d 4e f0 96 cd dd 7a 8c 04 8d b4 d2 b8 ee be fe b9 9f 7f cc e1 29 ea 63 ad f2 a3 d5 11 5b
Result: the total length is 0xa00. The beginning of E is
E =
47 df 2a 7f 90 8a c4 d9 f2 8b a0 f1 49 f0 8e 09 51 c4 a3 ce fd 28 48 f3 d7 c1 04 76 1b 6b 5b f2 6d 3d 2c 3f 03 26 76 06 d5 67 44 c8 2a b6
10 02 a5 8d a7 93 4f 94 02 b9 bf 93 b5 2d 17 82 02 3b f7 8e 8a 07 0f 18 ed 19 b3 ba 55 8b 14 b7 45 16 80 47 4f 6e c3 b6 20 d2 72 cd d1 46
2c d3 88 f7 c4 f7 e3 3a 04 3d 72 4f e0 d2 66 63 c4 9c 77 7c c5 53 fd 69 81 f6 3b 3d f5 8e b2 bd 66 4e 0f c6 1e 96 5e 91 e2 3d 60 5c 60 75
a3 13 49 58 85 e8 bb 37 93 91 4c 4f 79 a5 80 f2 13 be 44 22 aa e5 ee 6c 29 2c 76 50 a3 15 85 69 5e e9 c5 29 13 2a f6 67 51 8e 1e 7f 23 8a
90 a7 fe 93 c7 ff 45 ee 2a f0 c0 70 f1 78 2e 80 bd be 06 4f ad 69 4d 47 e6 3f ae e2 6a 76 ef 3e 56 8f 2d f5 c9 49 26 f3 7e 6e 61 8b 5e e6
e6 2d dd 76 cd 30 33 1d fe bf 11 60 ce 33 35 43 da b7 33 9b b9 6a 86 cd 35 a0 ca 84 99 0c ca 71 28 b3 01 b9 23 b4 a0 87 4e fb ff af b6 bd
step 4:
The result of the first 16 bytes of E mod 3 is 1
step 5:
Using SHA384 to get a 48-byte K
K = 29 de 28 c1 f0 17 c9 37 bd 93 97 e3 b5 51 b0 86 b9 0c 96 e0 77 28 87 1c 11 7b 41 ce 64 bf a8 7f f2 8b a2 7b 52 58 79 a9 63 c0 b2 31 f8 4e e4 6e
This is the end of round 1; go back to step 2 using this new K.
When the round is 64 or greater, check E[last byte]; if E[last byte] > round - 32, go back to step 2.
The final round is 69, and the final result is
K = ab 7c c6 03 bc da 85 51 3f 3d 22 fb 58 8c 42 1d 45 67 55 92 9f 4f d2 41 b3 93 07 04 7d b1 30 6d
But this K does not match the first 32 bytes of the user string.
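Algorithm 2.B as walked through above, as an added Go example written for this page (it is not the poster's code, the first post's implementation or Gladman's library) using only the Go standard library. It reads the validation and key salts out of the quoted /U string and prints whether "password" authenticates against it rather than assuming either outcome; the round-termination rule and the mod-3 hash selection, the two places the posts above are unsure about, each sit in their own function so they can be checked in isolation. SASLprep of the password and the owner-password branch are left out; the /UE step of Algorithm 2.A for the user password is included.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/sha256"
	"crypto/sha512"
	"encoding/hex"
	"fmt"
	"math/big"
)

// Quoted from the post above: the 48-byte /U string of 256encrypt.pdf, laid out
// as 32-byte hash || 8-byte validation salt || 8-byte key salt.
const pageUHex = "f465f1699ae2ea71bae76b48bb128f1f1874e3d3e2977eb8d6fe9f7f86b06d89c93840c564dc5a32044d9c6f28d298d0"

func concat(parts ...[]byte) []byte { return bytes.Join(parts, nil) }

// buildK1 is step 2 of the walkthrough: (password || K || udata) repeated 64 times.
// K is 32, 48 or 64 bytes depending on which hash produced it; all of it is used.
func buildK1(password, k, udata []byte) []byte {
	return bytes.Repeat(concat(password, k, udata), 64)
}

// aesCBCEncryptNoPad is step 3: CBC mode with no padding (AES-128 for a 16-byte
// key). K1 is 64 copies of one unit, so its length is always a multiple of 16.
func aesCBCEncryptNoPad(key, iv, plaintext []byte) []byte {
	block, _ := aes.NewCipher(key) // keys here are always 16 or 32 bytes
	out := make([]byte, len(plaintext))
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(out, plaintext)
	return out
}

// mod3BigEndian is step 4: the first 16 bytes of E as an unsigned big-endian
// integer, reduced mod 3 (equal to the byte sum mod 3, since 256 = 1 mod 3).
func mod3BigEndian(b []byte) int {
	n := new(big.Int).SetBytes(b)
	return int(n.Mod(n, big.NewInt(3)).Int64())
}

// hash2B is ISO 32000-2 Algorithm 2.B. salt is the 8-byte validation or key salt;
// udata is the 48-byte /U string for an owner password and nil for a user password.
func hash2B(password, salt, udata []byte) []byte {
	h := sha256.Sum256(concat(password, salt, udata)) // step 1
	k := h[:]
	var e []byte
	// i counts completed rounds: at least 64, then continue while E's last byte > i-32.
	for i := 0; i < 64 || int(e[len(e)-1]) > i-32; i++ {
		e = aesCBCEncryptNoPad(k[:16], k[16:32], buildK1(password, k, udata))
		switch mod3BigEndian(e[:16]) { // step 5: the remainder selects the next hash
		case 0:
			s := sha256.Sum256(e)
			k = s[:]
		case 1:
			s := sha512.Sum384(e)
			k = s[:]
		default:
			s := sha512.Sum512(e)
			k = s[:]
		}
	}
	return k[:32] // the hash is the first 32 bytes of the final K
}

// userSalts splits /U into its validation salt (bytes 32..39) and key salt (40..47).
func userSalts(u []byte) (validationSalt, keySalt []byte) {
	return u[32:40], u[40:48]
}

// validateUserPassword hashes the password (UTF-8, truncated to 127 bytes; SASLprep
// is left to the caller) with the validation salt and compares it with /U[0:32].
func validateUserPassword(password, u []byte) bool {
	if len(password) > 127 {
		password = password[:127]
	}
	vSalt, _ := userSalts(u)
	return bytes.Equal(hash2B(password, vSalt, nil), u[:32])
}

// userFileKey is the user branch of Algorithm 2.A: the intermediate key (hash2B with
// the key salt) decrypts the 32-byte /UE string, AES-256-CBC, no padding, zero IV.
func userFileKey(password, u, ue []byte) []byte {
	_, kSalt := userSalts(u)
	block, _ := aes.NewCipher(hash2B(password, kSalt, nil)) // 32-byte key
	fileKey := make([]byte, len(ue))
	cipher.NewCBCDecrypter(block, make([]byte, 16)).CryptBlocks(fileKey, ue)
	return fileKey
}

func main() {
	u, _ := hex.DecodeString(pageUHex)
	vSalt, kSalt := userSalts(u)
	fmt.Printf("validation salt %x, key salt %x\n", vSalt, kSalt)
	fmt.Printf("%q authenticates against /U: %v\n", "password", validateUserPassword([]byte("password"), u))
}
```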

Similar Messages

  • Acrobat (Reader) 8 not capable of opening AES-256 protected rights management PDF?

    Is this really true?
    Didn't find a datasheet explaining the client-side requirements when AES-256-encrypting PDF documents with LCRM.
    In my lab it seems, as if Reader-9 can open those documents fine, while Reader-8 fails decrypting.
    Dilettanto

    Acrobat/Reader 9 were the first versions to incorporate AES-256 code, so if you want to remain backwards compatible with Reader 7 or 8 you need to continue to use AES-128. I believe this is documented in the help for the section that describes how policy edit works.
    Jonathan

  • Encrypt/decrypt AES 256, vorsalt error

    Hiyas.
    So I'm trying to get encrypt/decrypt to work for AES 256, with both a 32byte key and a 32byte IVorSalt. (Yup, new Java security files v6 installed)
    'IF' I use a 32byte key but don't use an IV at all, I get a nice-looking AES 256 result. (I can tell it's AES 256 by looking at the length of the encrypted string)
    'IF' I use a 32byte key and a 16bit salt, I get an AES 128 result (I know, as per the docs they're both s'posed to be the same size, but the docs are wrong).
    But when I switch to using both a 32byte key AND a 32byte salt I get the error below.
    An error occurred while trying to encrypt or decrypt your input string: Bad parameters: invalid IvParameterSpec: com.rsa.jsafe.crypto.JSAFE_IVException: Invalid IV length. Should be 16.
    Has anyone 'EVER' gotten encrypt to work for them using AES 256 with a 32byte key and 32byte salt? Is this a bug in CF? Or Java? Or am I doing something wrong?
    <!--- ////////////////////////////////////////////////////////////////////////// Here's the Code ///////////////////////////////////////////////////////////////////////// --->
    <cfset theAlgorithm  = "Rijndael/CBC/PKCS5Padding" />
    <cfset gKey = "hzj+1o52d9N04JRsj3vTu09Q8jcX+fNmeyQZSDlZA5w="><!--- these 2 are the same --->
    <!---<cfset gKey = ToBase64(BinaryDecode("8738fed68e7677d374e0946c8f7bd3bb4f50f23717f9f3667b2419483959039c", "Hex"))>--->
    <cfset theIV    = BinaryDecode("7fe8585328e9ac7b7fe8585328e9ac7b7fe8585328e9ac7b7fe8585328e9ac7b","hex")>
    <!---<cfset theIV128    = BinaryDecode("7fe8585328e9ac7b7fe8585328e9ac7b","hex")>--->
    <cffunction    name="DoEncrypt" access="public" returntype="string" hint="Fires when the application is first created.">
        <cfargument    name="szToEncrypt" type="string" required="true"/>
        <cfset secretkey = gKey>               
        <cfset szReturn=encrypt(szToEncrypt, secretkey, theAlgorithm, "Base64", theIV)>
        <cfreturn szReturn>
    </cffunction>   
    <cffunction    name="DoDecrypt" access="public" returntype="string" hint="Fires when the application is first created.">
        <cfargument    name="szToDecrypt" type="string" required="true"/>
        <cfset secretkey = gKey>   
        <cfset szReturn=decrypt(szToDecrypt, secretkey, theAlgorithm, "Base64",theIV)>       
        <cfreturn szReturn>
    </cffunction>
    <cfset szStart = form["toencrypt"]>
    <cfset szStart = "Test me!">
    <cfset szEnc = DoEncrypt(szStart)>
    <cfset szDec = DoDecrypt(szEnc)>
    <cfoutput>#szEnc# #szDec#</cfoutput>

    Hi edevmachine,
    This Bouncy Castle Encryption CFC supports Rijndael w/ 256-bit block size. (big thanks to Jason here and all who helped w/ that, btw!)
    Example:
    <cfscript>
      BouncyCastleCFC = new path.to.BouncyCastle();
      string = "ColdFusion Rocks!"; 
      key = binaryEncode(binaryDecode(generateSecretKey("Rijndael", 256), "base64"), "hex");//the CFC takes hex'd key
      ivSalt = binaryEncode(binaryDecode(generateSecretKey("Rijndael", 256), "base64"), "hex");//the CFC takes hex'd ivSalt
      encrypted = BouncyCastleCFC.doEncrypt(string, key, ivSalt);
      writeOutput(BouncyCastleCFC.doDecrypt(encrypted, key, ivSalt));
    </cfscript>
    Related links for anyone interested in adding 256-bit block size Rijndael support into ColdFusion:
    - An explanation of how to install the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files into ColdFusion
    - An explanation of how to install the Bouncy Castle Crypto package into ColdFusion (near bottom, under the "Installing additional security providers" heading)
    - An explanation of how to connect the Bouncy Castle classes together
    - Bouncy Castle's doc for the Rijndael Engine
    And here is the full CFC as posted in the StackOverflow discussion:
    <cfcomponent displayname="Bounce Castle Encryption Component" hint="This provides bouncy castle encryption services" output="false">
    <cffunction name="createRijndaelBlockCipher" access="private">
        <cfargument name="key" type="string" required="true" >
        <cfargument name="ivSalt" type="string" required="true" >
        <cfargument name="bEncrypt" type="boolean" required="false" default="1">
        <cfargument name="blocksize" type="numeric" required="false" default=256>
        <cfscript>
        // Create a block cipher for Rijndael
        var cryptEngine = createObject("java", "org.bouncycastle.crypto.engines.RijndaelEngine").init(arguments.blocksize);
        // Create a Block Cipher in CBC mode
        var blockCipher = createObject("java", "org.bouncycastle.crypto.modes.CBCBlockCipher").init(cryptEngine);
        // Create Padding - Zero Byte Padding is apparently PHP compatible.
        var zbPadding = CreateObject('java', 'org.bouncycastle.crypto.paddings.ZeroBytePadding').init();
        // Create a JCE Cipher from the Block Cipher
        var cipher = createObject("java", "org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher").init(blockCipher,zbPadding);
        // Create the key params for the cipher    
        var binkey = binarydecode(arguments.key,"hex");
        var keyParams = createObject("java", "org.bouncycastle.crypto.params.KeyParameter").init(BinKey);
        var binIVSalt = Binarydecode(ivSalt,"hex");
        var ivParams = createObject("java", "org.bouncycastle.crypto.params.ParametersWithIV").init(keyParams, binIVSalt);
        cipher.init(javaCast("boolean",arguments.bEncrypt),ivParams);
        return cipher;
        </cfscript>
    </cffunction>
    <cffunction name="doEncrypt" access="public" returntype="string">
        <cfargument name="message" type="string" required="true">
        <cfargument name="key" type="string" required="true">
        <cfargument name="ivSalt" type="string" required="true">
        <cfscript>
        var cipher = createRijndaelBlockCipher(key=arguments.key,ivSalt=arguments.ivSalt);
        var byteMessage = arguments.message.getBytes();
        var outArray = getByteArray(cipher.getOutputSize(arrayLen(byteMessage)));
        var bufferLength = cipher.processBytes(byteMessage, 0, arrayLen(byteMessage), outArray, 0);
        var cipherText = cipher.doFinal(outArray,bufferLength);
        return toBase64(outArray);
        </cfscript>
    </cffunction>
    <cffunction name="doDecrypt" access="public" returntype="string">
        <cfargument name="message" type="string" required="true">
        <cfargument name="key" type="string" required="true">
        <cfargument name="ivSalt" type="string" required="true">
        <cfscript>
        var cipher = createRijndaelBlockCipher(key=arguments.key,ivSalt=arguments.ivSalt,bEncrypt=false);
        var byteMessage = toBinary(arguments.message);
        var outArray = getByteArray(cipher.getOutputSize(arrayLen(byteMessage)));
        var bufferLength = cipher.processBytes(byteMessage, 0, arrayLen(byteMessage), outArray, 0);
        var originalText = cipher.doFinal(outArray,bufferLength);
        return createObject("java", "java.lang.String").init(outArray);
        </cfscript>
    </cffunction>
    <cfscript>
    // Allocate a Java byte[] of the requested length (the cipher writes into it)
    function getByteArray(someLength) {
        var byteClass = createObject("java", "java.lang.Byte").TYPE;
        return createObject("java","java.lang.reflect.Array").newInstance(byteClass, someLength);
    }
    </cfscript>
    </cfcomponent>
    Thanks!,
    -Aaron

  • Encrypt and Decrypt Card Number using AES 256 algorithm

    Dear All,
    I have a table in a SQL Server database. In that table I am storing
    Card_Information. This information is secured, so I need to encrypt that data in the SQL Server table.
    Can someone help on the encryption and decryption process using the AES 256 algorithm?
    Regards, Praveen

    Hello,
    See MSDN Cryptographic Functions (Transact-SQL) for all available en-/decryption functions in SQL Server.
    Olaf Helper
    [ Blog] [ Xing] [ MVP]

  • CF9 Encrypt with AES 256-bit, example anyone?

    Hi there. I'm looking for a working example of the Encrypt method using an AES 256-bit key. I think that I have the Unlimited Strength Jurisdiction Policy Files enabled. And I'm still getting the CFError,
    The key specified is not a valid key for this encryption: Illegal key size.
    Now I've hit the wall, can't get it. What am I doing wrong? How can I verify that the policy files are installed and accessible to my CF file? Any help is greatly appreciated.
    <cfset thePlainText  = "Is this working for me?" />
    Generate Secret Key (128):  <cfset AES128 = "#generatesecretkey('AES',128)#" /> <cfdump var="#AES128#"><BR>
    Generate Secret Key (192):  <cfset AES192 = "#generatesecretkey('AES',192)#" /> <cfdump var="#AES192#"><BR>
    Generate Secret Key (256):  <cfset AES256 = "#generatesecretkey('AES',256)#" /> <cfdump var="#AES256#"><BR><BR>
    <cfset theKey    = AES256 />
    <cfset theAlgorithm  = "AES/CBC/PKCS5Padding" />
    <cfset theEncoding  = "base64" />
    <cfset theIV    = BinaryDecode("6d795465737449566f7253616c7431323538704c6173745f", "hex") />
    <cfset encryptedString = encrypt(thePlainText, theKey, theAlgorithm, theEncoding, theIV) />
    <!--- Display results --->
    <cfset keyLengthInBits  = arrayLen(BinaryDecode(theKey, "base64")) * 8 />
    <cfset ivLengthInBits  = arrayLen(theIV) * 8 />
    <cfdump var="#variables#" label="AES/CBC/PKCS5Padding Results" />
    <cfabort>

    Version 10 is different from 9 because they run on different servlet containers. CF 10 uses Tomcat, CF 9 uses JRun, so things are in different places.
    \\ColdFusion10\jre\lib\security seems like the correct location for the policy files to me. I actually gave you the wrong locations in my original post (sorry about that). According to the installation instructions they belong in <java-home>\lib\security, which it looks like you've found.
    So something else is wrong. Here are some things to look at, in no particular order:
    1. Are you using a JVM other than the Java 1.6 that comes with CF10?
    2. Did you restart Tomcat after copying the files in?
    3. Note that I keep saying FILES: did you copy BOTH of the .jar files from the JCE folder you unzipped into the security directory? It should have prompted you to overwrite existing files.
    4. Did you try unzipping the files and copying them in again, on the chance that they did not overwrite the originals?
    Sorry, I don't have CF10 installed to give this a try. But I have no reason to believe that it would not work in 10. It's all just JCA/JCE on the underlying Java, and I have heard no reports from anyone else that it doesn't work.
    Jason

  • Cisco CUBE supports AES-256 Encryption?

    Hi guys,
    Same as the title: does the Cisco CUBE SBC functionality support AES-256 encryption for SRTP and TLS?
    Thanks

    The standard is AES/128; this is per IEEE 802.11-2007, and this is what the WLC supports, as does most WLAN equipment.
    "Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin

  • Windows 8.1 Pro Bitlocker AES 256-bit cypher question

    Hi, all
    Have an odd situation I cannot make any sense of. I have a desktop PC running Windows 8.1 Pro. I launched gpedit.msc and changed BitLocker's cypher strength from the default AES 128-bit to AES 256-bit.
    I then connected a brand new Western Digital 4TB external drive (model WDBFJK0040HBK-04) to the PC via USB 3.0, and BitLocker-encrypted the drive. Opened a command prompt window as administrator, ran "manage-bde -status" for the drive in question, which indicated the drive was encrypted with the 128-bit cypher strength, instead of 256 bits, as I had selected. Have unencrypted, rebooted and re-encrypted the drive time and again, always with the same results.
    When connecting the same external 4TB drive to a Windows Server 2012 R2 Essentials machine in which I had made the exact same changes via gpedit.msc, I can encrypt it with the 256-bit cypher strength with no problems.
    No TPM is used in either scenario, just a passphrase.
    Does anyone have any idea why my 256-bit setting is being ignored on the Windows 8.1 Pro machine?
    Thanks
    Arsene
    ArseneL

    Well, running rsop.msc on my Server 2012 R2 machine does show my 256-bit BitLocker setting took; however, running rsop.msc on my Win 8.1 Pro machine shows it did not, which explains the problem I am having.
    Now all I have to do is find out why my request is not taking, even though I am logged in as an admin.
    Thanks!!
    ArseneL

  • Jrockit and AES-256

    I cannot encrypt with AES 256 with JRockit *"jrockit-jdk1.6.0_22-R28.1.1-4.0.1"*
    Are the "Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files" only for the ex-Sun Java, or can I use them with JRockit too?
    Are there any (JCE) Unlimited Strength Jurisdiction Policy Files for JRockit?
    Any suggestions?
    Thanks in advance
    Jordán

    You could try it and see if it works. The files look like drop-in replacements for what comes distributed with JRockit - but you still need to verify it with a test.
    Arshad Noor
    StrongAuth, Inc.
    P.S. One way or the other, do update this thread so future readers benefit from it.

  • Generating AES 256 bit key using seed

    Hi
    As part of the encryption requirements for encrypting the body of the SOAP message while calling an external web service, it is required to encrypt using a shared symmetric key.
    The first step is to create a password digest:
    Base64(sha1(nonce + createdTimestamp + password)) - this step is working completely fine and produces a 160-bit hash.
    The next step is to generate an AES 256-bit key using the above hash as the seed. This should generate a 256-bit encryption key which can then be used to encrypt the message body.
    I would appreciate it if anyone who knows how to generate an AES 256-bit key using a hash seed in Java (v1.4.2) can provide some guidance.
    P.S. I am using the WSS4J API for WS-Security.

    I have to generate a 256-bit AES key with a 128-bit IV using the above password digest, and the IV used in the creation of the AES key prefixes the cipher text.
    The external web service is a .NET web service.
    Edited by: GUPTAG on Nov 25, 2008 3:05 AM

  • AES-256 user home directory sparse image bundle in Lion?

    Snow Leopard and previous had FileVault to protect users' home directories as, I believe, AES-128-encrypted sparse image bundles. As I understand it now, under Lion, the options are to enable AES-128 whole disk encryption, or, if upgrading an existing Snow Leopard machine with a legacy FileVault user account, to maintain that legacy FileVault user home directory. However, under this second approach, additional users' home directories cannot be individually "file-vaulted" and instead would require that legacy FileVault be decrypted and then the entire disk be encrypted.
    I am thinking that it would be advantageous from a security standpoint if an individual user home directory could remain encrypted if that user were not actively logged in. Then all contents would be inaccessible to other users, including administratively privileged users, and that user's home directory would also remain encrypted when the computer was turned on and booted up, because as I understand it, FileVault 2's real strength lies in protecting "data at rest" versus "data on a powered-up and mounted FileVault 2 volume".
    To that end, I am wondering, regardless of whether FileVault 2 is enabled or not, whether an existing user home directory and all of its contents could be converted to an AES-256-encrypted sparse image bundle, using Disk Utility, and exist in the /Users directory space, mounting and decrypting "on the fly" from the login window at user login just like a legacy FileVault home directory is treated under Snow Leopard, independently of whether FileVault 2 was enabled on the whole disk or not. This would also permit later addition/conversion of another "file-vaulted" user account whether FileVault 2 were enabled or not.
    To recap: an AES-256-encrypted sparse image bundle that would mount upon user login just like a legacy FileVault user home directory does. Does anyone know if something like that is doable, and has that road already been travelled successfully? If so, I'd love to read a step-by-step, play-by-play set of instructions on how to do just that.

    I think I got a solution worked out.  I don't mind if things get installed in /opt as long as pacman tracks it, and I found ruby-enterprise-rmagick in the AUR as an orphan.  I adopted it, updated it, installed it, and it's working great with my code.

  • AES-256 Security Provider ??

    Hi,
    Our company is using a tool called AdventNet WebNMS to create a network management system.
    However, there is one particular section in the developer guide that refers to working with "providers" to support privacy in SNMPv3. Our software group would like to use AES-256 for the privacy.
    The AdventNet site says you can use "Cryptix or SunJCE" as a provider. I tried to look up Cryptix but didn't find much documentation on it. I downloaded the source and didn't really see anything referring to AES-256; however, I saw many different types.
    Can anyone give any ideas on what exactly I would need to do? First of all, will Cryptix help me at all? (Is it a provider that supports AES-256?) If not, is it difficult to create my own AES-256 provider (following the tutorial on Sun's website)?
    If anyone can clear up my confusion on providers, etc., that would be great!
    I'm pretty new to Java, and I found this link on Sun's web:
    http://java.sun.com/j2se/1.4.2/docs/guide/security/HowToImplAProvider.html
    Link to the AdventNet description:
    http://www.adventnet.com/products/webnms/help/developer_guide/management_protservices/mgmnt_protocols/snmp/proto_security_pack_snmpv3.html

    > This is where I'm getting confused. We are currently using JRE 1.5 for development. So, you're saying, with this version, AES 256 is already included.
    Yes.
    > According to the AdventNet documentation (in the link in my initial post), it has a blurb regarding JCE installation, etc. by modifying the java.security file. Is this file already set up for me since I'm using Java 1.5? If this is the case, do I technically need to do anything to get AES-256 (from a Java side of things) to work?
    No need to modify the java.security file - the SunJCE provider is included by default.
    > There is little to no documentation on getting the SNMPv3 (from AdventNet) to use AES-256. They just refer to 'using a provider' because they don't support AES-256. I guess I'm also confused on how to get the AdventNet product to actually select AES-256. I'll have to contact them regarding that.
    I know only a little about SNMPv3 and even less about AdventNet. I do wonder why you think you need AES 256. What is so secret about your data that you need twice as many bits as the industry norm? Even people playing really safe use only 192-bit AES.

  • AES-256, BouncyCastle, Sun Crypto Providers, Default Padding

    Hi,
    The subject almost says it all, but in a nutshell, I would like to use BC for AES-256. I also wanted to compare the ciphered outputs from both BC and Sun to make sure everything was working OK (I have installed the Unlimited Strength Jurisdiction Policy Files 6 for the Sun JRE 6).
    I have noticed the following: when the data input is a multiple of 16, the ciphered data generated by both engines is the same (Sun = AES, BC = PaddedBufferedBlockCipher(AES Engine) + PKCS7Padding).
    However, when the data input is not a multiple of 16, the ciphered output is different.
    Hence my question: what is the default padding and mode used by the Sun JCE when doing a getInstance("AES")?
    How can I make sure that the ciphered data is the same for both engines, regardless of the data input length, please?
    Thx

    Hi,
    So what is the problem with using the BC provider?
    The problem with using the BC provider is that if you have a Web Start application, the lambda user should not have to worry about installing an extra set of files for the JRE. And that lambda user might not know at all how to install the policy file either. (Note that this policy is only required on Windows; it works fine on Mac.) All of this for AES-256 should be transparent.
    Code for Sun JCE:
    public String encryptToBase64(String data) throws Exception {
        Cipher cipher = Cipher.getInstance(aesCipher); // "AES"
        cipher.init(Cipher.ENCRYPT_MODE, secretKey);
        final byte[] newData = EncryptionUtils.getBytes(data);
        final byte[] edata = cipher.doFinal(newData);
        return Base64.encodeBase64String(edata);
    }
    Code for the BC provider works fine (with policy) - same output.
    The only difference comes from:
    Security.addProvider(new BouncyCastleProvider());
    and
    Cipher cipher = Cipher.getInstance(aesCipher, "BC");
    What I am just trying to do is to use the BC API directly - no provider - so that my AES-256 ciphered output is the same as the Sun and BC provider with the policy installed.
    I managed to do it - but by padding the data manually myself so that it is a multiple of 16 in length (I would like to avoid this):
    public String encryptToBase64(String data) throws Exception {
        final byte[] newData = EncryptionUtils.getBytes(data);
        return Base64.encodeBase64String(encode(newData));
    }

    private byte[] encode(byte[] inputBytes) throws Exception {
        final BufferedBlockCipher cipher = getCipher(true);
        final byte[] outputBytes = new byte[cipher.getOutputSize(inputBytes.length)];
        int outputLen = cipher.processBytes(inputBytes, 0, inputBytes.length, outputBytes, 0);
        outputLen += cipher.doFinal(outputBytes, outputLen);
        final byte[] finalBytes = new byte[outputLen];
        System.arraycopy(outputBytes, 0, finalBytes, 0, outputLen);
        return finalBytes;
    }

    private BufferedBlockCipher getCipher(final boolean forEncryption) {
        final BlockCipher aesEngine = new AESEngine();
        final BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(aesEngine, new PKCS7Padding());
        cipher.init(forEncryption, new KeyParameter(rawKey));
        return cipher;
    }
    with
    public class EncryptionUtils {
        public static final int DEFAULT_BLOCK_SIZE = 16;
        public static final String pad = "                "; // 16 spaces
        // Pad the string with spaces so its length is a multiple of 16
        public static byte[] getBytes(final String str) {
            if (str.length() == DEFAULT_BLOCK_SIZE) {
                return str.getBytes();
            }
            final int padding = 16 - str.length() % 16;
            final int newSize = str.length() + padding;
            return (str + pad).substring(0, newSize).getBytes();
        }
    }
    Apologies if I was not clear.
    On top of that, if your code is deciphered on Android, for example, using BC makes sense as I think it is the provider for Android.
    thx

  • Help enabling AES 256-bit cipher suites

    I can't seem to create an SSLServerSocket with the 2 AES 256-bit cipher suites that are supposed to be available in JDK 1.4.2. As you can see in the following code, the SSLServerSocket, ss, is enabled with the 2 AES_256 cipher suites. But when ss.getEnabledCipherSuites() is invoked, those 2 suites aren't listed. What's up?
    Also, what is this SSLv2Hello that I can't seem to get rid of?
        String[] PROTOCOLS = {"SSLv3", "TLSv1"};
        String[] CIPHER_SUITES = {"TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
                                  "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
                                  "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
                                  "TLS_RSA_WITH_AES_256_CBC_SHA",
                                  "TLS_RSA_WITH_AES_128_CBC_SHA",
                                  "SSL_RSA_WITH_3DES_EDE_CBC_SHA"};
        // create an SSLServerSocket ss
        SSLContext context = SSLContext.getInstance("TLS", "SunJSSE");
        context.init(myKeyManagers, myTrustManagers, SecureRandom.getInstance("SHA1PRNG", "SUN"));
        SSLServerSocketFactory ssFactory = context.getServerSocketFactory();
        SSLServerSocket ss = (SSLServerSocket) ssFactory.createServerSocket();
        ss.setEnabledProtocols(PROTOCOLS);
        ss.setEnabledCipherSuites(CIPHER_SUITES);
        // output a bunch of useful debugging information
        System.out.println(System.getProperty("java.version") + "\n");
        Provider[] providers = Security.getProviders();
        for (int i = 0; i < providers.length; ++i)
            System.out.println(providers[i] + "\n" + providers[i].getInfo() + "\n********************");
        String[] enabledProtocols = ss.getEnabledProtocols();
        for (int i = 0; i < enabledProtocols.length; ++i)
            System.out.println(enabledProtocols[i]);
        String[] enabledCipherSuites = ss.getEnabledCipherSuites();
        for (int i = 0; i < enabledCipherSuites.length; ++i)
            System.out.println(enabledCipherSuites[i]);
    OUTPUT
    1.4.2
    SUN version 1.42
    SUN (DSA key/parameter generation; DSA signing; SHA-1, MD5 digests; SecureRandom; X.509 certificates; JKS keystore; PKIX CertPathValidator; PKIX CertPathBuilder; LDAP, Collection CertStores)
    SunJSSE version 1.42
    Sun JSSE provider(implements RSA Signatures, PKCS12, SunX509 key/trust factories, SSLv3, TLSv1)
    SunRsaSign version 1.42
    SUN's provider for RSA signatures
    SunJCE version 1.42
    SunJCE Provider (implements DES, Triple DES, AES, Blowfish, PBE, Diffie-Hellman, HMAC-MD5, HMAC-SHA1)
    SunJGSS version 1.0
    Sun (Kerberos v5)
    SSLv2Hello
    SSLv3
    TLSv1
    TLS_DHE_RSA_WITH_AES_128_CBC_SHA
    SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
    TLS_RSA_WITH_AES_128_CBC_SHA

    Now I get an Exception when I run the same program.
    OUTPUT
    1.4.2
    SUN version 1.42
    SUN (DSA key/parameter generation; DSA signing; SHA-1, MD5 digests; SecureRandom; X.509 certificates; JKS keystore; PKIX CertPathValidator; PKIX CertPathBuilder; LDAP, Collection CertStores)
    SunJSSE version 1.42
    Sun JSSE provider(implements RSA Signatures, PKCS12, SunX509 key/trust factories, SSLv3, TLSv1)
    SunRsaSign version 1.42
    SUN's provider for RSA signatures
    SunJCE version 1.42
    SunJCE Provider (implements DES, Triple DES, AES, Blowfish, PBE, Diffie-Hellman, HMAC-MD5, HMAC-SHA1)
    SunJGSS version 1.0
    Sun (Kerberos v5)
    java.lang.IllegalArgumentException: Cannot support TLS_DHE_RSA_WITH_AES_256_CBC_SHA with currently installed providers
            at com.sun.net.ssl.internal.ssl.CipherSuiteList.<init>(DashoA6275)
            at com.sun.net.ssl.internal.ssl.SSLServerSocketImpl.setEnabledCipherSuites(DashoA6275)
            at test.util.ConcreteSSLServerSocketFactory.initSocket(ConcreteSSLServerSocketFactory.java:111)
            at test.util.ConcreteSSLServerSocketFactory.createServerSocket(ConcreteSSLServerSocketFactory.java:100)
            at test.Test.main(Test.java:111)
    Exception in thread "main"
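    An added note and example, not the poster's code: the default JCE jurisdiction policy files shipped with Sun JDK 1.4.2 cap AES at 128-bit keys, and the JSSE provider only reports cipher suites whose ciphers the policy permits. That is the usual cause of exactly this symptom: the AES_256 suites are silently absent from getEnabledCipherSuites(), and a later setEnabledCipherSuites() that names them fails with "Cannot support ... with currently installed providers". Installing the Unlimited Strength Jurisdiction Policy Files for the JDK in use makes the 256-bit suites available. The following example (Java; the class name Aes256SuiteCheck and its method names are mine, and it assumes the SunJSSE/SunJCE providers) probes whether the installed policy permits a 256-bit AES key, and filters the requested suites against getSupportedCipherSuites() so the server socket is configured with only the negotiable ones instead of throwing.

```java
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import javax.net.ssl.SSLServerSocket;

// Added example (not the poster's code). Class and method names are assumed.
public class Aes256SuiteCheck {

    // Returns true if the installed JCE jurisdiction policy allows a 256-bit AES key.
    // With the default (limited) policy files, init() with a 32-byte key throws
    // InvalidKeyException ("Illegal key size"); the key bytes themselves do not matter.
    public static boolean aes256KeyPermitted() {
        try {
            Cipher c = Cipher.getInstance("AES/ECB/NoPadding");
            c.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(new byte[32], "AES"));
            return true;
        } catch (InvalidKeyException e) {
            return false;
        } catch (GeneralSecurityException e) {
            return false; // no AES provider installed at all
        }
    }

    // Keeps only the wanted suites that this socket's provider can actually negotiate,
    // preserving our preference order. Passing the result to setEnabledCipherSuites()
    // avoids the IllegalArgumentException seen in the stack trace above.
    public static String[] negotiableSuites(SSLServerSocket ss, String[] wanted) {
        List supported = Arrays.asList(ss.getSupportedCipherSuites());
        List result = new ArrayList();
        for (int i = 0; i < wanted.length; i++) {
            if (supported.contains(wanted[i])) {
                result.add(wanted[i]);
            } else {
                System.err.println("dropping unsupported cipher suite: " + wanted[i]);
            }
        }
        return (String[]) result.toArray(new String[result.size()]);
    }

    // Configures the socket with the negotiable subset of the requested suites and
    // explains the missing AES_256 suites when the policy is the limiting factor.
    public static void enableSuites(SSLServerSocket ss, String[] wanted) {
        if (!aes256KeyPermitted()) {
            System.err.println("JCE policy limits AES to 128-bit keys; install the "
                + "Unlimited Strength Jurisdiction Policy Files to offer AES_256 suites");
        }
        String[] enabled = negotiableSuites(ss, wanted);
        if (enabled.length == 0) {
            throw new IllegalStateException("none of the requested cipher suites is supported");
        }
        ss.setEnabledCipherSuites(enabled);
    }
}
```

    Call Aes256SuiteCheck.enableSuites(ss, CIPHER_SUITES) in place of the bare ss.setEnabledCipherSuites(CIPHER_SUITES). The raw (non-generic) collection types are deliberate so the class also compiles on a 1.4.2 JDK; on a current JDK they only produce unchecked warnings.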

  • Monitoring AES-256 on CiscoWorks VMS 2.3

    We want to monitor our AES-256 VPN tunnels for our environment using CiscoWorks VMS 2.3. Our AES-256 VPN peer is a VPN concentrator with multiple PIX firewalls at our remote sites (hub and spoke design). Will CiscoWorks VMS 2.3 support this architecture for VPN monitoring?
    Thanks in advance,
    Erwin

    The management functions for firewalls, Network IPS, Cisco Security Agents, VPNs, security monitoring, and performance monitoring have been updated with new features or usability improvements. Management Center for IDS Sensors is called Management Center for IPS Sensors for its increased IPS focus. The installation of VMS is faster and more streamlined. Management support for router-based IPS signatures has been added to extend security to the network infrastructure.
    http://www.cisco.com/en/US/products/sw/cscowork/ps2330/products_installation_guide_chapter09186a00804d137d.html

  • AIR-AP1131AG-I-K9 support AES 256 bit ?

    hi,
    I have several AP devices:
    Product/Model Number: AIR-AP1131AG-I-K9
     System Software Filename: c1130-k9w7-tar.124-3g.JA
     System Software Version: 12.4(3g)JA
    Bootloader Version: 12.3(8)JEA
    I need to know if AES 256-bit is supported by these devices and if the current software needs to be upgraded for that.
    Regards,

    Hi Ben,
    As far as I know, this software doesn't support a 256-bit key size.
    Here is the link: http://www.cisco.com/c/en/us/td/docs/wireless/access_point/12-4_3g_JA/configuration/guide/ios1243gjaconfigguide/s43wep.html
    Another version, 12.3(8)JA, supports a 256-bit key size to protect data traffic:
    http://www.cisco.com/c/en/us/td/docs/wireless/access_point/12-3_8_JA/configuration/guide/1238jasc/s38wep.html
    Regards
    Don't forget to rate helpful posts
