Gnu-crypto PKCS7 NegativeArraySizeException
Hi guys, i read a lot of topics in the forum, but i cant find something that
could help me, so i post a topics. I hope somebody help me.
Im trying to do a simple PKCS7 padding using gnu-crypto, but when
a run the padding example that come with the distribution of gnu-cypto
i got a NegativeArraySizeException. Thers's anybody here with the same error?
If you can please help me, i read the gnu-cypto documentation, but i cant
do the code run ok.
When reaches padding.pad the exception is thrown... :(
what am i doing wrong????
<code>
IPad padding = PadFactory.getInstance("PKCS7");
byte[] input = inputString.getBytes("UTF8");
byte[] pad = padding.pad(input, 0, input.length);
byte[] pt = new byte[input.length + pad.length];
byte[] ct = new byte[pt.length];
byte[] cpt = new byte[pt.length];
System.arraycopy(input, 0, pt, 0, input.length);
System.arraycopy(pad, 0, pt, input.length, pad.length);
int unpad = padding.unpad(cpt, 0, cpt.length);
byte[] output = new byte[cpt.length - unpad];
System.arraycopy(cpt, 0, output, 0, output.length);
System.out.println("TEST " + input + " -- " + new String(output,"UTF8"));
</code>
<consoleOutput>
java.lang.NegativeArraySizeException
at gnu.crypto.pad.PKCS7.pad(PKCS7.java:113)
at org.Test.padding(Test.java:131)
at org.Test.main(Test.java:48)
</consoleOutput>
You have not published enough code. You have not published the error messages.
Similar Messages
-
Encryption using gnu.crypto package
Hello,
I have a program which implements a DES algorithm for encrypting files.
The program makes use of the following:
gnu.crypto.Registry;
gnu.crypto.Properties;
gnu.crypto.util.Util;
which are used in statements, for instance:
-> Util.toBytesFromString("011F1F01010E0E01");
and
-> boolean check = Properties.checkForWeakKeys();
and
-> *public DES() {*
super(Registry.DES_CIPHER, BLOCK_SIZE, KEY_SIZE);
However, when i tried to compile this program on jdk.1.6, the complier simply couldn't recognize any of the above statements, or for that matter, any statement that makes use of gnu.crypto.*;
I tried compiling it on jdk 1.3 and on jdk1.5, but in vain.
Can u please help me out with this?
DO i need anything extra to be imported? or do i need a different version of jdk?You have not published enough code. You have not published the error messages.
-
GSS-API/Kerberos v5 Authentication - Example throws strange exception
Hi There,
When II'm trying to run the GSS-API example I get this exception:
java.lang.SecurityException: D:\Program Files\jdk1.2.2\jre\lib\security\HBJAASLogin.config (The system cannot find the file specified)
I know that the exception is thrown because it cannot find the file: HBJAASLogin.config
The strangest thing is that I don't have that file, if I search for it on the NET it isn't found anywhere ?!?
And on the code there's no mention of the file ???
Why does it need the file?
Thank You
Pinhohi,
i am very sorry to disturb you..
already i sent this problem to [email protected]
but i not able to see my mail in users archives.
so i am forwarding this.
i don't know how to forward this to forum
please help me
Thanks and Regards
kumar
-----Original Message-----
From: kumar [mailto:[email protected]]
Sent: Wednesday, April 10, 2002 6:17 PM
To: [email protected]
Subject: Compilation error :: please help me.. it is urgent
hi ,
I downloaded following version of openssl and during compilation, i got the following error.
openssl-engine-0.9.6c.
i got the same result with version openssl-0.9.6 also
Step : Compile OpenSSL
C:\kumar\openssl-engine-0.9.6c.tar\openssl-engine-0.9.6c> ms\mingw32
C:\kumar\openssl-engine-0.9.6c.tar\openssl-engine-0.9.6c>perl Configure Mingw32
Configuring for Mingw32
IsWindows=1
CC =gcc
CFLAG =-DTHREADS -DDSO_WIN32 -DL_ENDIAN -fomit-frame-pointer -O3 -m486
-Wall
EX_LIBS =
BN_ASM =bn_asm.o
DES_ENC =des_enc.o fcrypt_b.o
BF_ENC =bf_enc.o
CAST_ENC =c_enc.o
RC4_ENC =rc4_enc.o
RC5_ENC =rc5_enc.o
MD5_OBJ_ASM =
SHA1_OBJ_ASM =
RMD160_OBJ_ASM=
PROCESSOR =
RANLIB =true
PERL =perl
THIRTY_TWO_BIT mode
DES_PTR used
DES_RISC1 used
DES_UNROLL used
BN_LLONG mode
RC4_INDEX mode
RC4_CHUNK is undefined
Configured for Mingw32.
Generating x86 for GNU assember
Bignum
DES
crypt
Blowfish
CAST5
RC4
MD5
SHA1
RIPEMD160
RC5\32
Generating makefile
Generating DLL definition files
Building OpenSSL
mkdir tmp
mkdir out
mkdir outinc
mkdir outinc\openssl
copy .\crypto\cryptlib.h tmp\cryptlib.h
1 file(s) copied.
copy .\crypto\buildinf.h tmp\buildinf.h
1 file(s) copied.
copy .\crypto\md32_common.h tmp\md32_common.h
1 file(s) copied.
copy .\crypto\md4\md4_locl.h tmp\md4_locl.h
1 file(s) copied.
copy .\crypto\md5\md5_locl.h tmp\md5_locl.h
1 file(s) copied.
copy .\crypto\sha\sha_locl.h tmp\sha_locl.h
1 file(s) copied.
copy .\crypto\ripemd\rmd_locl.h tmp\rmd_locl.h
1 file(s) copied.
copy .\crypto\ripemd\rmdconst.h tmp\rmdconst.h
1 file(s) copied.
copy .\crypto\des\des_locl.h tmp\des_locl.h
1 file(s) copied.
copy .\crypto\des\rpc_des.h tmp\rpc_des.h
1 file(s) copied.
copy .\crypto\des\spr.h tmp\spr.h
1 file(s) copied.
copy .\crypto\des\des_ver.h tmp\des_ver.h
1 file(s) copied.
copy .\crypto\rc2\rc2_locl.h tmp\rc2_locl.h
1 file(s) copied.
copy .\crypto\rc4\rc4_locl.h tmp\rc4_locl.h
1 file(s) copied.
copy .\crypto\rc5\rc5_locl.h tmp\rc5_locl.h
1 file(s) copied.
copy .\crypto\idea\idea_lcl.h tmp\idea_lcl.h
1 file(s) copied.
copy .\crypto\bf\bf_pi.h tmp\bf_pi.h
1 file(s) copied.
copy .\crypto\bf\bf_locl.h tmp\bf_locl.h
1 file(s) copied.
copy .\crypto\cast\cast_s.h tmp\cast_s.h
1 file(s) copied.
copy .\crypto\cast\cast_lcl.h tmp\cast_lcl.h
1 file(s) copied.
copy .\crypto\bn\bn_lcl.h tmp\bn_lcl.h
1 file(s) copied.
copy .\crypto\bn\bn_prime.h tmp\bn_prime.h
1 file(s) copied.
copy .\crypto\bio\bss_file.c tmp\bss_file.c
1 file(s) copied.
copy .\crypto\objects\obj_dat.h tmp\obj_dat.h
1 file(s) copied.
copy .\crypto\conf\conf_def.h tmp\conf_def.h
1 file(s) copied.
copy .\ssl\ssl_locl.h tmp\ssl_locl.h
1 file(s) copied.
copy .\apps\apps.h tmp\apps.h
1 file(s) copied.
copy .\apps\progs.h tmp\progs.h
1 file(s) copied.
copy .\apps\s_apps.h tmp\s_apps.h
1 file(s) copied.
copy .\apps\testdsa.h tmp\testdsa.h
1 file(s) copied.
copy .\apps\testrsa.h tmp\testrsa.h
1 file(s) copied.
copy .\.\e_os.h outinc\openssl\e_os.h
1 file(s) copied.
copy .\.\e_os2.h outinc\openssl\e_os2.h
1 file(s) copied.
copy .\crypto\crypto.h outinc\openssl\crypto.h
1 file(s) copied.
copy .\crypto\tmdiff.h outinc\openssl\tmdiff.h
1 file(s) copied.
copy .\crypto\opensslv.h outinc\openssl\opensslv.h
1 file(s) copied.
copy .\crypto\opensslconf.h outinc\openssl\opensslconf.h
1 file(s) copied.
copy .\crypto\ebcdic.h outinc\openssl\ebcdic.h
1 file(s) copied.
copy .\crypto\symhacks.h outinc\openssl\symhacks.h
1 file(s) copied.
copy .\crypto\md2\md2.h outinc\openssl\md2.h
1 file(s) copied.
copy .\crypto\md4\md4.h outinc\openssl\md4.h
1 file(s) copied.
copy .\crypto\md5\md5.h outinc\openssl\md5.h
1 file(s) copied.
copy .\crypto\sha\sha.h outinc\openssl\sha.h
1 file(s) copied.
copy .\crypto\mdc2\mdc2.h outinc\openssl\mdc2.h
1 file(s) copied.
copy .\crypto\hmac\hmac.h outinc\openssl\hmac.h
1 file(s) copied.
copy .\crypto\ripemd\ripemd.h outinc\openssl\ripemd.h
1 file(s) copied.
copy .\crypto\des\des.h outinc\openssl\des.h
1 file(s) copied.
copy .\crypto\rc2\rc2.h outinc\openssl\rc2.h
1 file(s) copied.
copy .\crypto\rc4\rc4.h outinc\openssl\rc4.h
1 file(s) copied.
copy .\crypto\rc5\rc5.h outinc\openssl\rc5.h
1 file(s) copied.
copy .\crypto\idea\idea.h outinc\openssl\idea.h
1 file(s) copied.
copy .\crypto\bf\blowfish.h outinc\openssl\blowfish.h
1 file(s) copied.
copy .\crypto\cast\cast.h outinc\openssl\cast.h
1 file(s) copied.
copy .\crypto\bn\bn.h outinc\openssl\bn.h
1 file(s) copied.
copy .\crypto\rsa\rsa.h outinc\openssl\rsa.h
1 file(s) copied.
copy .\crypto\dsa\dsa.h outinc\openssl\dsa.h
1 file(s) copied.
copy .\crypto\dso\dso.h outinc\openssl\dso.h
1 file(s) copied.
copy .\crypto\dh\dh.h outinc\openssl\dh.h
1 file(s) copied.
copy .\crypto\buffer\buffer.h outinc\openssl\buffer.h
1 file(s) copied.
copy .\crypto\bio\bio.h outinc\openssl\bio.h
1 file(s) copied.
copy .\crypto\stack\stack.h outinc\openssl\stack.h
1 file(s) copied.
copy .\crypto\stack\safestack.h outinc\openssl\safestack.h
1 file(s) copied.
copy .\crypto\lhash\lhash.h outinc\openssl\lhash.h
1 file(s) copied.
copy .\crypto\rand\rand.h outinc\openssl\rand.h
1 file(s) copied.
copy .\crypto\err\err.h outinc\openssl\err.h
1 file(s) copied.
copy .\crypto\objects\objects.h outinc\openssl\objects.h
1 file(s) copied.
copy .\crypto\objects\obj_mac.h outinc\openssl\obj_mac.h
1 file(s) copied.
copy .\crypto\evp\evp.h outinc\openssl\evp.h
1 file(s) copied.
copy .\crypto\asn1\asn1.h outinc\openssl\asn1.h
1 file(s) copied.
copy .\crypto\asn1\asn1_mac.h outinc\openssl\asn1_mac.h
1 file(s) copied.
copy .\crypto\pem\pem.h outinc\openssl\pem.h
1 file(s) copied.
copy .\crypto\pem\pem2.h outinc\openssl\pem2.h
1 file(s) copied.
copy .\crypto\x509\x509.h outinc\openssl\x509.h
1 file(s) copied.
copy .\crypto\x509\x509_vfy.h outinc\openssl\x509_vfy.h
1 file(s) copied.
copy .\crypto\x509v3\x509v3.h outinc\openssl\x509v3.h
1 file(s) copied.
copy .\crypto\conf\conf.h outinc\openssl\conf.h
1 file(s) copied.
copy .\crypto\conf\conf_api.h outinc\openssl\conf_api.h
1 file(s) copied.
copy .\crypto\txt_db\txt_db.h outinc\openssl\txt_db.h
1 file(s) copied.
copy .\crypto\pkcs7\pkcs7.h outinc\openssl\pkcs7.h
1 file(s) copied.
copy .\crypto\pkcs12\pkcs12.h outinc\openssl\pkcs12.h
1 file(s) copied.
copy .\crypto\comp\comp.h outinc\openssl\comp.h
1 file(s) copied.
copy .\crypto\engine\engine.h outinc\openssl\engine.h
1 file(s) copied.
copy .\ssl\ssl.h outinc\openssl\ssl.h
1 file(s) copied.
copy .\ssl\ssl2.h outinc\openssl\ssl2.h
1 file(s) copied.
copy .\ssl\ssl3.h outinc\openssl\ssl3.h
1 file(s) copied.
copy .\ssl\ssl23.h outinc\openssl\ssl23.h
1 file(s) copied.
copy .\ssl\tls1.h outinc\openssl\tls1.h
1 file(s) copied.
copy .\rsaref\rsaref.h outinc\openssl\rsaref.h
1 file(s) copied.
gcc -o tmp\cryptlib.o -Ioutinc -Itmp -O3 -fomit-frame-pointer -DDSO_WIN32 -c .
\crypto\cryptlib.c
process_begin: CreateProcess((null), gcc -o tmp\cryptlib.o -Ioutinc -Itmp -O3 -f
omit-frame-pointer -DDSO_WIN32 -c .\crypto\cryptlib.c, ...) failed.
make (e=2): The system cannot find the file specified.
make: *** [tmp\cryptlib.o] Error 2
You can ignore the error messages above
1 file(s) copied.
Building the libraries
Building OpenSSL
gcc -o tmp/cryptlib.o -Ioutinc -Itmp -DL_ENDIAN -DDSO_WIN32 -fomit-frame-pointe
r -O3 -m486 -Wall -DBN_ASM -DMD5_ASM -DSHA1_ASM -c ./crypto/cryptlib.c
process_begin: CreateProcess((null), gcc -o tmp/cryptlib.o -Ioutinc -Itmp -DL_EN
DIAN -DDSO_WIN32 -fomit-frame-pointer -O3 -m486 -Wall -DBN_ASM -DMD5_ASM -DSHA1_
ASM -c ./crypto/cryptlib.c, ...) failed.
make (e=2): The system cannot find the file specified.
make: *** [tmp/cryptlib.o] Error 2
C:\kumar\openssl-engine-0.9.6c.tar\openssl-engine-0.9.6c>
Note :
As per readme instruction,
i am using following
1. GNU C (Mingw32) :
gcc-2.95.2-msvcrt.exe
make-3.76.1.zip
2. ActivePerl-5.6.1.631-MSWin32-x86.msi
what is the work around? is there any mistake from my side?
please help me.. it is urgent
Thanks and Regards
kumar -
Error while passing keystorePass value in tomcat server.xml
Hi,
I have created keystore in jdk 1.5.0_17 by the following commands::::
keytool -genkey -alias tomcat -keyalg RSA
But when i am trying to see the keytool list it is showing
Key store type: gkr
Key store provider: GNU-CRYPTO
And when i pass keystorePass in tomcat for ssl connection, I am not able to access https. Its showing error as invalid .keystore format.
Kindly help me out in this regard.My java_home is set to the path where i have installed sun jdk.Irrelevant. What does java -version print out. What does keytool -J-version print out?
I do not understand how r u saying that i am still using gnu java?BECAUSE IT PRINTED GNU-CRYPTO.
Can you please tell how to know where gnu java is installedI have no idea, but everybody else I've given this advice to has managed to figure it out. -
How to install sun studio 12 under Centos 5???
HI, all,
I am trying to install Sun Studio 12 into Centos 5. The followings are what I did:
1. Download sun studio 12 package by selecting Linex (x86) for Centos from web site and save this package under /var/tmp.
2. I used bzcat to unpack this package by:
bzcat < SunStudio12ml-linux-x86-200709-pkg.tar.bz2 | /bin/tar xvf -
3. I did prepare_system before installation by:
./prepare_system [-d /opt/sun/ ] [-R /var/tmp/ ] [-C | -s netbeans | java | patches | all_patches | jdk_patches | all | print_needed_steps ]
where [-d /opt/sun/ ] is the directory where all missing softwares will be installed, [-R /var/tmp/ ] is the directory where unpacked programs are saved.
After running prepare_system, the resposes are:
bash: -s: command not found
bash: patches: command not found
bash: all_patches: command not found
bash: all: command not found
bash: print_needed_steps: command not found
bash: jdk_patches: command not found
*Usage: gij [OPTION] ... CLASS [ARGS] ...*
to invoke CLASS.main, or
*gij -jar [OPTION] ... JARFILE [ARGS] ...*
to execute a jar file
*Try `gij --help' for more information.*
4. I started to use installer with command line to install the sun studio 12 by:
./installer -nodisplay
The result shows me some exceptions and installation is failed as:
Exception in thread "Thread-1" java.awt.HeadlessException
at java.awt.dnd.DropTarget.<init>(libgcj.so.7rh)
at java.awt.dnd.DropTarget.<init>(libgcj.so.7rh)
at javax.swing.JComponent.<init>(libgcj.so.7rh)
at javax.swing.JPanel.<init>(libgcj.so.7rh)
at javax.swing.JPanel.<init>(libgcj.so.7rh)
at com.sun.wizards.core.WizardComponent.<init>(WizardComponent.java:159)
at com.sun.wizards.core.WizardComposite.<init>(WizardComposite.java:83)
at com.sun.wizards.core.WizardTreeManager.createWizardPanel(WizardTreeManager.java:890)
at com.sun.wizards.core.WizardTreeManager.<init>(WizardTreeManager.java:325)
at com.sun.wizards.core.CommandLineConsole.run(CommandLineConsole.java:75)
at java.lang.Thread.run(libgcj.so.7rh)
Task Failed: java.lang.NullPointerException
java.lang.NullPointerException
at java.lang.Class.isAssignableFrom(libgcj.so.7rh)
at java.util.ResourceBundle.tryBundle(libgcj.so.7rh)
at java.util.ResourceBundle.tryBundle(libgcj.so.7rh)
at java.util.ResourceBundle.getBundle(libgcj.so.7rh)
at java.util.ResourceBundle.getBundle(libgcj.so.7rh)
at com.sun.setup.util.wbResource.getString(wbResource.java:212)
at com.sun.setup.util.wbResource.getString(wbResource.java:132)
at com.sun.setup.util.setupInitializationTask.perform(setupInitializationTask.java:88)
at com.sun.wizards.core.Sequence.perform(Sequence.java:343)
at com.sun.wizards.core.SequenceManager.run(SequenceManager.java:226)
at java.lang.Thread.run(libgcj.so.7rh)
I followed installation instructions to install sun studio 12 under Centos 5. I can not make it. However, I made it under Solaries system.
So, is there any special for Centos 5?
Hunter 3DHi,
Thank you for your helps.
According to your suggestions, I downloaded JDK 6 update 10 RC, specifical in Linux platform : self-extracting JDK file named:
jdk-6u10-bin-b28-linux-i586-21-jul-2008.bin
I saved downloading under the directory where sun studio is located.
I used
yum search jdk
to find jdk exists in Centos 5.2 shown as the message as:
[root@localhost sun]# yum search jdk
Loading "priorities" plugin
Loading "fastestmirror" plugin
Loading mirror speeds from cached hostfile
* rpmforge: ftp-stud.fht-esslingen.de
* base: mirror.raystedman.net
* updates: mirror.raystedman.net
* addons: mirror.voxitas.com
* extras: mirror.raystedman.net
0 packages excluded due to repository priority protections
jakarta-commons-launcher.i386 : The Launcher Component is designed to be a cross platform Java application launcher.
jakarta-commons-collections.i386 : Jakarta Commons Collections Package
mockobjects-alt-jdk1.4.i386 : Mockable API for JDK 1.4
jakarta-commons-beanutils.i386 : Jakarta Commons BeanUtils Package
gnu-crypto-sasl-jdk1.4.i386 : Gnu Crypto SASL API
ldapjdk.i386 : The Mozilla LDAP Java SDK
ldapjdk-javadoc.i386 : Javadoc for ldapjdk
mockobjects-jdk1.4.i386 : MockObjects for 1.4 JDK
I used
./installer -nodisplay
to install sun studio 12 and error message show as:
[root@localhost sun]# ./installer -nodisplay
Exception in thread "Thread-1" java.awt.HeadlessException
at java.awt.dnd.DropTarget.<init>(libgcj.so.7rh)
at java.awt.dnd.DropTarget.<init>(libgcj.so.7rh)
at javax.swing.JComponent.<init>(libgcj.so.7rh)
at javax.swing.JPanel.<init>(libgcj.so.7rh)
at javax.swing.JPanel.<init>(libgcj.so.7rh)
at com.sun.wizards.core.WizardComponent.<init>(WizardComponent.java:159)
at com.sun.wizards.core.WizardComposite.<init>(WizardComposite.java:83)
at com.sun.wizards.core.WizardTreeManager.createWizardPanel(WizardTreeManager.java:890)
at com.sun.wizards.core.WizardTreeManager.<init>(WizardTreeManager.java:325)
at com.sun.wizards.core.CommandLineConsole.run(CommandLineConsole.java:75)
at java.lang.Thread.run(libgcj.so.7rh)
Task Failed: java.lang.NullPointerException
java.lang.NullPointerException
at java.lang.Class.isAssignableFrom(libgcj.so.7rh)
at java.util.ResourceBundle.tryBundle(libgcj.so.7rh)
at java.util.ResourceBundle.tryBundle(libgcj.so.7rh)
at java.util.ResourceBundle.getBundle(libgcj.so.7rh)
at java.util.ResourceBundle.getBundle(libgcj.so.7rh)
at com.sun.setup.util.wbResource.getString(wbResource.java:212)
at com.sun.setup.util.wbResource.getString(wbResource.java:132)
at com.sun.setup.util.setupInitializationTask.perform(setupInitializationTask.java:88)
at com.sun.wizards.core.Sequence.perform(Sequence.java:343)
at com.sun.wizards.core.SequenceManager.run(SequenceManager.java:226)
at java.lang.Thread.run(libgcj.so.7rh)
So, please tell me what I will do.
Thank you. -
Code working in Windows, Problems in Linux
I am using the following lines of code in Windows for the required encryption
KeySpec keySpec = new PBEKeySpec(passPhrase.toCharArray(), this.salt, this.iterationCount);
this.key = SecretKeyFactory.getInstance("PBEWithMD5AndDES").generateSecret(keySpec);But this same code to get the key does not work in linux when I am using the same version on Java on both Windows and Linux. Do i need something more to get this thing working.
The Exception I got in Linux says : noSuchAlgorithmFound "PBEWithMD5AndDES"Hi again,
Yes I am using the same version of Java in both Windows and Linux. The version I am using is "1.5.0_06"
My code is as follows
import javax.crypto.*;
import javax.crypto.spec.*;
import java.io.*;
import java.security.spec.*;
public class EncryptFile
static public class EncryptionException extends Exception
private EncryptionException(String text, Exception chain)
super(text, chain);
public EncryptFile(String passPhrase) throws EncryptionException
try
KeySpec keySpec = new PBEKeySpec(passPhrase.toCharArray(), this.salt, this.iterationCount);
this.key = SecretKeyFactory.getInstance("PBEWithMD5AndDES").generateSecret(keySpec);
// Prepare the parameter to the ciphers
this.paramSpec = new PBEParameterSpec(this.salt, this.iterationCount);
this.encryptCipher = Cipher.getInstance(this.key.getAlgorithm());
this.encryptCipher.init(javax.crypto.Cipher.ENCRYPT_MODE, this.key, this.paramSpec);
this.decryptCipher = Cipher.getInstance(this.key.getAlgorithm());
this.decryptCipher.init(javax.crypto.Cipher.DECRYPT_MODE, this.key, this.paramSpec);
}catch(Exception e)
System.out.println(e);
synchronized public void encrypt(File sourceFile, File destinationFile) throws EncryptionException
try
encryptOrDecryptFile(encryptCipher, sourceFile, destinationFile);
catch (Exception e)
throw new EncryptionException("Problem encrypting '" + sourceFile + "' to '" + destinationFile + "'", e);
synchronized public void decrypt(File sourceFile, File destinationFile) throws EncryptionException
try
encryptOrDecryptFile(decryptCipher, sourceFile, destinationFile);
catch (Exception e)
throw new EncryptionException("Problem decrypting '" + sourceFile + "' to '" + destinationFile + "'", e);
private void encryptOrDecryptFile(Cipher cipher, File sourceFile, File destinationFile) throws Exception
InputStream istrm = new FileInputStream(sourceFile);
istrm = new javax.crypto.CipherInputStream(istrm, cipher);
OutputStream ostrm = new FileOutputStream(destinationFile);
ostrm = new BufferedOutputStream(ostrm);
byte[] buffer = new byte[65536];
for (int len = 0; (len = istrm.read(buffer)) >= 0;)
ostrm.write(buffer, 0, len);
ostrm.flush();
ostrm.close();
istrm.close();
public static void main(String[] args)
try
String line; // hold the input line
String merchantID;
String sourceFileAsString = null;
BufferedReader input = new BufferedReader( new InputStreamReader(System.in));
System.out.print("Enter the Merchant ID : ");
merchantID = input.readLine().trim();
merchantID = "secure" + merchantID + "connection";
System.out.println("-------------MENU-------------");
System.out.println("1 ---> Encrypt a file");
System.out.println("2 ---> Decrypt a file");
System.out.print("Enter your choice : ");
line = input.readLine();
line = line.trim();
if(line.equals("1")) //Encrypt a file
System.out.print("Enter file to be encrypted : ");
sourceFileAsString = input.readLine().trim();
File sourceFile = new File(sourceFileAsString);
File destinationFile = new File(sourceFileAsString + ".encrypted");
final EncryptFile cryptoAgent = new EncryptFile(merchantID);
cryptoAgent.encrypt(sourceFile, destinationFile);
else //Decrypt a file
System.out.print("Enter file to be decrypted : ");
sourceFileAsString = input.readLine().trim();
File destinationFile = new File(sourceFileAsString + ".encrypted");
//File decryptedSourceFile = new File(sourceFileAsString + ".decrypted");
File decryptedSourceFile = new File(sourceFileAsString);
final EncryptFile cryptoAgent = new EncryptFile(merchantID);
cryptoAgent.decrypt(destinationFile, decryptedSourceFile);
catch (Exception e)
e.printStackTrace(System.out);
// 8-byte Salt
private final byte[] salt = { (byte)0xA9, (byte)0x9B, (byte)0xC8, (byte)0x32,
(byte)0x56, (byte)0x35, (byte)0xE3, (byte)0x03 };
// Iteration count
private final int iterationCount = 19;
private Cipher encryptCipher = null;
private Cipher decryptCipher = null;
private AlgorithmParameterSpec paramSpec = null;
private SecretKey key = null;
}I checked the provider on Windows as printed the provider with PBE algorithm and got the following output
Provider: SunJCE, SunJCE Provider (implements RSA, DES, Triple DES, AES, Blowfish, ARCFOUR, RC2, PBE, Diffie-Hellman, HMAC)
Mac.HmacPBESHA1 = com.sun.crypto.provider.HmacPKCS12PBESHA1
AlgorithmParameters.PBEWithMD5AndTripleDES = com.sun.crypto.provider.PBEParameters
AlgorithmParameters.PBEWithSHA1AndRC2_40 = com.sun.crypto.provider.PBEParameters
Mac.HmacPBESHA1 SupportedKeyFormats = RAW
AlgorithmParameters.PBEWithSHA1AndDESede = com.sun.crypto.provider.PBEParameters
Cipher.PBEWithMD5AndDES = com.sun.crypto.provider.PBEWithMD5AndDESCipher
Cipher.PBEWithMD5AndTripleDES = com.sun.crypto.provider.PBEWithMD5AndTripleDESCipher
SecretKeyFactory.PBE = com.sun.crypto.provider.PBEKeyFactory
SecretKeyFactory.PBEWithSHA1AndRC2_40 = com.sun.crypto.provider.PBEKeyFactory
Cipher.PBEWithSHA1AndRC2_40 = com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndRC2_40
SecretKeyFactory.PBEWithSHA1AndDESede = com.sun.crypto.provider.PBEKeyFactory
Cipher.PBEWithSHA1AndDESede = com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndDESede
AlgorithmParameters.PBEWithMD5AndDES = com.sun.crypto.provider.PBEParameters
SecretKeyFactory.PBEWithMD5AndTripleDES = com.sun.crypto.provider.PBEKeyFactory
SecretKeyFactory.PBEWithMD5AndDES = com.sun.crypto.provider.PBEKeyFactory
AlgorithmParameters.PBE = com.sun.crypto.provider.PBEParameterswhereas the same thing on Linux gave me the provider info as follows
Provider: GNU-CRYPTO, GNU Crypto JCE Provider
CIPHER.PBEWITHHMACMD5ANDTRIPLEDES = gnu.crypto.jce.cipher.PBES2$HMacMD5$TripleDES
CIPHER.PBEWITHHMACSHA1ANDSERPENT = gnu.crypto.jce.cipher.PBES2$HMacSHA1$Serpent
CIPHER.PBEWITHHMACHAVALANDSERPENT = gnu.crypto.jce.cipher.PBES2$HMacHaval$Serpent
CIPHER.PBEWITHHMACHAVALANDCAST5 = gnu.crypto.jce.cipher.PBES2$HMacHaval$Cast5
CIPHER.PBEWITHHMACHAVALANDKHAZAD = gnu.crypto.jce.cipher.PBES2$HMacHaval$Khazad
CIPHER.PBEWITHHMACMD4ANDTWOFISH = gnu.crypto.jce.cipher.PBES2$HMacMD4$Twofish
CIPHER.PBEWITHHMACSHA512ANDSQUARE = gnu.crypto.jce.cipher.PBES2$HMacSHA512$Square
CIPHER.PBEWITHHMACSHA1ANDSQUARE = gnu.crypto.jce.cipher.PBES2$HMacSHA1$Square
CIPHER.PBEWITHHMACHAVALANDDES = gnu.crypto.jce.cipher.PBES2$HMacHaval$DES
CIPHER.PBEWITHHMACSHA512ANDKHAZAD = gnu.crypto.jce.cipher.PBES2$HMacSHA512$Khazad
CIPHER.PBEWITHHMACSHA512ANDCAST5 = gnu.crypto.jce.cipher.PBES2$HMacSHA512$Cast5
CIPHER.PBEWITHHMACWHIRLPOOLANDBLOWFISH = gnu.crypto.jce.cipher.PBES2$HMacWhirlpool$Blowfish
CIPHER.PBEWITHHMACHAVALANDANUBIS = gnu.crypto.jce.cipher.PBES2$HMacHaval$Anubis
CIPHER.PBEWITHHMACMD5ANDSERPENT = gnu.crypto.jce.cipher.PBES2$HMacMD5$Serpent
CIPHER.PBEWITHHMACWHIRLPOOLANDANUBIS = gnu.crypto.jce.cipher.PBES2$HMacWhirlpool$Anubis
CIPHER.PBEWITHHMACSHA512ANDDES = gnu.crypto.jce.cipher.PBES2$HMacSHA512$DES
CIPHER.PBEWITHHMACSHA1ANDKHAZAD = gnu.crypto.jce.cipher.PBES2$HMacSHA1$Khazad
CIPHER.PBEWITHHMACWHIRLPOOLANDTRIPLEDES = gnu.crypto.jce.cipher.PBES2$HMacWhirlpool$TripleDES
CIPHER.PBEWITHHMACSHA384ANDTWOFISH = gnu.crypto.jce.cipher.PBES2$HMacSHA384$Twofish
CIPHER.PBEWITHHMACSHA512ANDANUBIS = gnu.crypto.jce.cipher.PBES2$HMacSHA512$Anubis
CIPHER.PBEWITHHMACMD2ANDDES = gnu.crypto.jce.cipher.PBES2$HMacMD2$DES
CIPHER.PBEWITHHMACMD2ANDCAST5 = gnu.crypto.jce.cipher.PBES2$HMacMD2$Cast5
CIPHER.PBEWITHHMACWHIRLPOOLANDKHAZAD = gnu.crypto.jce.cipher.PBES2$HMacWhirlpool$Khazad
CIPHER.PBEWITHHMACSHA256ANDAES = gnu.crypto.jce.cipher.PBES2$HMacSHA256$AES
CIPHER.PBEWITHHMACWHIRLPOOLANDAES = gnu.crypto.jce.cipher.PBES2$HMacWhirlpool$AES
CIPHER.PBEWITHHMACSHA1ANDANUBIS = gnu.crypto.jce.cipher.PBES2$HMacSHA1$Anubis
CIPHER.PBEWITHHMACMD2ANDTRIPLEDES = gnu.crypto.jce.cipher.PBES2$HMacMD2$TripleDES
CIPHER.PBEWITHHMACMD4ANDAES = gnu.crypto.jce.cipher.PBES2$HMacMD4$AES
CIPHER.PBEWITHHMACMD4ANDBLOWFISH = gnu.crypto.jce.cipher.PBES2$HMacMD4$Blowfish
CIPHER.PBEWITHHMACTIGERANDDES = gnu.crypto.jce.cipher.PBES2$HMacTiger$DES
CIPHER.PBEWITHHMACWHIRLPOOLANDSQUARE = gnu.crypto.jce.cipher.PBES2$HMacWhirlpool$Square
CIPHER.PBEWITHHMACSHA256ANDSQUARE = gnu.crypto.jce.cipher.PBES2$HMacSHA256$Square
CIPHER.PBEWITHHMACMD5ANDTWOFISH = gnu.crypto.jce.cipher.PBES2$HMacMD5$Twofish
CIPHER.PBEWITHHMACWHIRLPOOLANDSERPENT = gnu.crypto.jce.cipher.PBES2$HMacWhirlpool$Serpent
CIPHER.PBEWITHHMACSHA256ANDBLOWFISH = gnu.crypto.jce.cipher.PBES2$HMacSHA256$Blowfish
CIPHER.PBEWITHHMACSHA256ANDTWOFISH = gnu.crypto.jce.cipher.PBES2$HMacSHA256$Twofish
CIPHER.PBEWITHHMACMD4ANDCAST5 = gnu.crypto.jce.cipher.PBES2$HMacMD4$Cast5
CIPHER.PBEWITHHMACTIGERANDSERPENT = gnu.crypto.jce.cipher.PBES2$HMacTiger$Serpent
CIPHER.PBEWITHHMACSHA256ANDKHAZAD = gnu.crypto.jce.cipher.PBES2$HMacSHA256$Khazad
CIPHER.PBEWITHHMACMD4ANDSQUARE = gnu.crypto.jce.cipher.PBES2$HMacMD4$Square
CIPHER.PBEWITHHMACMD5ANDDES = gnu.crypto.jce.cipher.PBES2$HMacMD5$DES
CIPHER.PBEWITHHMACSHA1ANDTWOFISH = gnu.crypto.jce.cipher.PBES2$HMacSHA1$Twofish
CIPHER.PBEWITHHMACSHA256ANDTRIPLEDES = gnu.crypto.jce.cipher.PBES2$HMacSHA256$TripleDES
CIPHER.PBEWITHHMACMD2ANDBLOWFISH = gnu.crypto.jce.cipher.PBES2$HMacMD2$Blowfish
CIPHER.PBEWITHHMACMD4ANDKHAZAD = gnu.crypto.jce.cipher.PBES2$HMacMD4$Khazad
CIPHER.PBEWITHHMACSHA256ANDANUBIS = gnu.crypto.jce.cipher.PBES2$HMacSHA256$Anubis
CIPHER.PBEWITHHMACMD2ANDSQUARE = gnu.crypto.jce.cipher.PBES2$HMacMD2$Square
CIPHER.PBEWITHHMACWHIRLPOOLANDDES = gnu.crypto.jce.cipher.PBES2$HMacWhirlpool$DES
CIPHER.PBEWITHHMACSHA384ANDAES = gnu.crypto.jce.cipher.PBES2$HMacSHA384$AES
CIPHER.PBEWITHHMACSHA256ANDCAST5 = gnu.crypto.jce.cipher.PBES2$HMacSHA256$Cast5
CIPHER.PBEWITHHMACSHA1ANDTRIPLEDES = gnu.crypto.jce.cipher.PBES2$HMacSHA1$TripleDES
CIPHER.PBEWITHHMACSHA512ANDTWOFISH = gnu.crypto.jce.cipher.PBES2$HMacSHA512$Twofish
CIPHER.PBEWITHHMACTIGERANDAES = gnu.crypto.jce.cipher.PBES2$HMacTiger$AES
CIPHER.PBEWITHHMACTIGERANDTRIPLEDES = gnu.crypto.jce.cipher.PBES2$HMacTiger$TripleDES
CIPHER.PBEWITHHMACMD2ANDSERPENT = gnu.crypto.jce.cipher.PBES2$HMacMD2$Serpent
CIPHER.PBEWITHHMACMD4ANDANUBIS = gnu.crypto.jce.cipher.PBES2$HMacMD4$Anubis
CIPHER.PBEWITHHMACTIGERANDTWOFISH = gnu.crypto.jce.cipher.PBES2$HMacTiger$Twofish
CIPHER.PBEWITHHMACTIGERANDBLOWFISH = gnu.crypto.jce.cipher.PBES2$HMacTiger$Blowfish
CIPHER.PBEWITHHMACMD2ANDKHAZAD = gnu.crypto.jce.cipher.PBES2$HMacMD2$Khazad
CIPHER.PBEWITHHMACHAVALANDTRIPLEDES = gnu.crypto.jce.cipher.PBES2$HMacHaval$TripleDES
CIPHER.PBEWITHHMACSHA256ANDSERPENT = gnu.crypto.jce.cipher.PBES2$HMacSHA256$Serpent
CIPHER.PBEWITHHMACWHIRLPOOLANDTWOFISH = gnu.crypto.jce.cipher.PBES2$HMacWhirlpool$Twofish
CIPHER.PBEWITHHMACTIGERANDANUBIS = gnu.crypto.jce.cipher.PBES2$HMacTiger$Anubis
CIPHER.PBEWITHHMACMD5ANDAES = gnu.crypto.jce.cipher.PBES2$HMacMD5$AES
CIPHER.PBEWITHHMACMD2ANDANUBIS = gnu.crypto.jce.cipher.PBES2$HMacMD2$Anubis
CIPHER.PBEWITHHMACMD5ANDBLOWFISH = gnu.crypto.jce.cipher.PBES2$HMacMD5$Blowfish
CIPHER.PBEWITHHMACSHA384ANDTRIPLEDES = gnu.crypto.jce.cipher.PBES2$HMacSHA384$TripleDES
CIPHER.PBEWITHHMACTIGERANDKHAZAD = gnu.crypto.jce.cipher.PBES2$HMacTiger$Khazad
CIPHER.PBEWITHHMACSHA384ANDSQUARE = gnu.crypto.jce.cipher.PBES2$HMacSHA384$Square
CIPHER.PBEWITHHMACSHA512ANDTRIPLEDES = gnu.crypto.jce.cipher.PBES2$HMacSHA512$TripleDES
CIPHER.PBEWITHHMACSHA384ANDBLOWFISH = gnu.crypto.jce.cipher.PBES2$HMacSHA384$Blowfish
CIPHER.PBEWITHHMACSHA384ANDDES = gnu.crypto.jce.cipher.PBES2$HMacSHA384$DES
CIPHER.PBEWITHHMACSHA384ANDSERPENT = gnu.crypto.jce.cipher.PBES2$HMacSHA384$Serpent
CIPHER.PBEWITHHMACSHA384ANDCAST5 = gnu.crypto.jce.cipher.PBES2$HMacSHA384$Cast5
CIPHER.PBEWITHHMACSHA1ANDAES = gnu.crypto.jce.cipher.PBES2$HMacSHA1$AES
CIPHER.PBEWITHHMACMD4ANDTRIPLEDES = gnu.crypto.jce.cipher.PBES2$HMacMD4$TripleDES
CIPHER.PBEWITHHMACMD5ANDCAST5 = gnu.crypto.jce.cipher.PBES2$HMacMD5$Cast5
CIPHER.PBEWITHHMACTIGERANDSQUARE = gnu.crypto.jce.cipher.PBES2$HMacTiger$Square
CIPHER.PBEWITHHMACSHA384ANDKHAZAD = gnu.crypto.jce.cipher.PBES2$HMacSHA384$Khazad
CIPHER.PBEWITHHMACSHA1ANDCAST5 = gnu.crypto.jce.cipher.PBES2$HMacSHA1$Cast5
CIPHER.PBEWITHHMACMD5ANDSQUARE = gnu.crypto.jce.cipher.PBES2$HMacMD5$Square
CIPHER.PBEWITHHMACSHA512ANDBLOWFISH = gnu.crypto.jce.cipher.PBES2$HMacSHA512$Blowfish
CIPHER.PBEWITHHMACSHA1ANDBLOWFISH = gnu.crypto.jce.cipher.PBES2$HMacSHA1$Blowfish
CIPHER.PBEWITHHMACWHIRLPOOLANDCAST5 = gnu.crypto.jce.cipher.PBES2$HMacWhirlpool$Cast5
CIPHER.PBEWITHHMACHAVALANDAES = gnu.crypto.jce.cipher.PBES2$HMacHaval$AES
CIPHER.PBEWITHHMACSHA384ANDANUBIS = gnu.crypto.jce.cipher.PBES2$HMacSHA384$Anubis
CIPHER.PBEWITHHMACHAVALANDBLOWFISH = gnu.crypto.jce.cipher.PBES2$HMacHaval$Blowfish
CIPHER.PBEWITHHMACMD5ANDKHAZAD = gnu.crypto.jce.cipher.PBES2$HMacMD5$Khazad
CIPHER.PBEWITHHMACMD4ANDSERPENT = gnu.crypto.jce.cipher.PBES2$HMacMD4$Serpent
CIPHER.PBEWITHHMACSHA512ANDAES = gnu.crypto.jce.cipher.PBES2$HMacSHA512$AES
CIPHER.PBEWITHHMACHAVALANDTWOFISH = gnu.crypto.jce.cipher.PBES2$HMacHaval$Twofish
CIPHER.PBEWITHHMACTIGERANDCAST5 = gnu.crypto.jce.cipher.PBES2$HMacTiger$Cast5
CIPHER.PBEWITHHMACSHA512ANDSERPENT = gnu.crypto.jce.cipher.PBES2$HMacSHA512$Serpent
CIPHER.PBEWITHHMACMD2ANDAES = gnu.crypto.jce.cipher.PBES2$HMacMD2$AES
CIPHER.PBEWITHHMACMD5ANDANUBIS = gnu.crypto.jce.cipher.PBES2$HMacMD5$Anubis
CIPHER.PBEWITHHMACSHA256ANDDES = gnu.crypto.jce.cipher.PBES2$HMacSHA256$DES
CIPHER.PBEWITHHMACSHA1ANDDES = gnu.crypto.jce.cipher.PBES2$HMacSHA1$DES
CIPHER.PBEWITHHMACHAVALANDSQUARE = gnu.crypto.jce.cipher.PBES2$HMacHaval$Square
CIPHER.PBEWITHHMACMD2ANDTWOFISH = gnu.crypto.jce.cipher.PBES2$HMacMD2$Twofish
CIPHER.PBEWITHHMACMD4ANDDES = gnu.crypto.jce.cipher.PBES2$HMacMD4$DESAm i missing out some files to be included in my project to make my code work in Linux ? -
I was wondering if anyone knew how to implement the SRP6 protocol in Java. I know there's an impl of it in gnu-crypto, but i don't need all the extra stuff. I've been trying various combination's and none of them have worked. I'm comparing my results with the results from http://srp.stanford.edu/demo/demo.html , which i'm assuming are correct, due to the fact that it's written by the creator of the SRP protocol, I mean, I suppose it could be wrong, but then the site wouldn't be very effective then.
My biggest problem seems to be when hashing the salt with the hashed username and password.
SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
BigInteger salt = new BigInteger(random.generateSeed(32));
BigInteger innerHash = new BigInteger(SHA1.hash("zymus:apocalypse"));//According to many tested SHA1 impl's, this works correctly.
byte[] exp = new String(SHA1.hash(salt.toString(16) + innerHash.toString(16))).getBytes("UTF-8");;//This is where i believe I'm messing up. This is just one of the many combination's that i've tried.
System.out.println(salt.toString(16));
System.out.println(new BigInteger(exp).toString(16));Output:
>
8098f80df83b4f23d3f104acac3f6f165ae059ebe00966d1c3339afb37fe78c
20476ec2a3c2a9c2ad2ac3984f010769c3bec3b6e282ac11155fc2a71f
>
Expected output according to aforementioned site:
>
8098f80df83b4f23d3f104acac3f6f165ae059ebe00966d1c3339afb37fe78c
ffd90619e047303e3278be09314664b3557c89d5
>
As you can see, the hashed salt + pass doesn't compare. The protocol definition for hashing is:
x = SHA1(salt + SHA1(username + ":" + password));Any ideas?
Edited by: Zymus on Sep 3, 2010 7:20 AM
Edited by: Zymus on Sep 3, 2010 7:21 AMcheck out this site www.sourceforge.net. There are a lot of free , opensource projects available for download. Try and search there. I am sure you'll get one.
-
I tried the code listing from the following link and AES 128 works fine.
http://java.sun.com/developer/technicalArticles/Security/AES/AES_v1.html
I downloaded the Unlimited jurisdiction policy files and replaced the existing local_policy.jar and us_export_policy.jar with the new ones, but I get a Security exception when I do AES 256
Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs
at javax.crypto.e.<clinit>(Unknown Source)
... 3 more
Caused by: java.lang.SecurityException: Jurisdiction policy files are not signed by trusted signers!
I am working with RAD, so the new jar files went into eclipse\jre\lib\security and I also tried putting them under runtimes\base_v51\java\jre\lib\security
I dont know what I am missing, Can someone point me in the right direction please. Thanks a lot.I have tried copying the two jar files to under lib/ext also. But no luck.
This is how the java.security file looks like:
security.provider.1=com.ibm.crypto.provider.IBMJCE
security.provider.2=com.ibm.jsse.IBMJSSEProvider
security.provider.3=com.ibm.security.jgss.IBMJGSSProvider
security.provider.4=com.ibm.security.cert.IBMCertPath
security.provider.5=com.ibm.crypto.pkcs11.provider.IBMPKCS11
security.provider.6=com.sun.crypto.provider.SunJCE
security.provider.7=gnu.crypto.jce.GnuCrypto
security.provider.8=org.bouncycastle.jce.provider.BouncyCastleProvider
I am trying to see what else could cause this problem.. Could it be a version issue? -
Oracle.security.crypto.cert.PKCS7 signing xml message
Dear All
Can anybody have java sample code to sign xml message by using oracle.security.crypto.cert.PKCS7 libarary.
Regards
AamirHi Michal,
> about a WM application (which only has SAP in the name)
I'm afraid you have a completely wrong understanding of the Business Connector...
About 10-20% of the code (everything that deals with RFC communication, IDoc processing and conversion of IDoc/function module data to and from XML) has been developed here at SAP. And with release 4.7 (2003), SAP obtained 100% control over the source code, and we have done many fixes and enhancements in the webMethods part of the code (as well as in our own...) since then.
I just wanted to make this point clear...
BTW: the problem reported here is neither related to webMethods, nor to SAP: it's simply a problem with the certificate (probably a mismatch between private key and public key?!)
Best Regards, Ulrich
(SAP BC team) -
Javax.crypto.IllegalBlockSizeException: 6 trailing bytes
Hi everybody!
I'm facing a error when i try to encrypt a string with symmetric algorithm DES. I try to run the following code on Redhat:
byte[] data="It is a test!".getBytes();
Cipher cipher = Cipher.getInstance(algName);
cipher.init(Cipher.ENCRYPT_MODE, key);
int blocksize=cipher.getBlockSize();
System.out.println("--------blocksize: "+blocksize); // blocksize=8
byte[] cipherByte = cipher.doFinal(data); // 52 line
The error showing is:
javax.crypto.IllegalBlockSizeException: 6 trailing bytes
at gnu.javax.crypto.jce.cipher.CipherAdapter.engineDoFinal(CipherAdapter.java:491)
at javax.crypto.Cipher.doFinal(Cipher.java:495)
at javax.crypto.Cipher.doFinal(Cipher.java:461)
at cn.com.webinfo.security.SymmetricAlgorithm.encrypt(SymmetricAlgorithm.java:52)
at cn.com.webinfo.stest.MainSymmetricAlgorithm.main(MainSymmetricAlgorithm.java:32)
Can any one support.
Thanks and waiting your replies.It would help if you showed the content of the String referenced by 'algName' since it looks to me like you are using "DES/ECB/NoPadding" and not either "DES" or "DES/ECB/PKCS5Padding".
-
Hi,
I want to be able to generate a pkcs7 with encrypted data. The data is encrypted using 3DES and the symmetric keys used are encrypted with RSA in the PKCS7.
I tried to do it with Sun jce but I can only encrypt the file with either RSA or symmetric keys.
I'm using sun jdk 1.5 as the former ones didn't seem to have RSA encryption included in them.
I know that you can do it with other providers but I'd like to do it with the sun JCE.
Anyone has an idea ?
thanks
regardsMy point is, you don't know what mode/padding either end is using. You do know (or at least should strongly suspect) that the defaults don't match.
Another hint: "Given block is not mutiple of 8". That implies to me that whichever side is returning that error, isn't padding AT ALL. The whole point to padding is to fill the last block FOR YOU, so you don't have to pre-block your plaintext to match the blocksize of the algorithm.
When you happen to transmit exactly the right-sized output, no padding gets used on either side, and it All Just Works. The other 7/8's of the time, padding is used on one side but not the other, and things DON'T work. That, at least, would be my guess.
I gave up using the defaults for algorithms for this very reason - you never know what the developer of your crypto-lib decided was the "most reasonable" set of options. Always specify algorithm/node/padding, and you won't have to guess anymore...
Grant -
Unable to Decrypt the data properly using javax.crypto class and SunJCE
Hello all,
I am not new to Java but new to this forums
but and JCE and i wanted to write a program that Encrypts a file and also another program that decrypts it. As far Encryption is concerned i have been successful but When it comes to Decryption things aren't looking bright i have some or the other Problem with it. plz help me out .
Here is the Code for my Programs
Encryption
Code:
import java.io.*;
import javax.crypto.*;
import javax.crypto.spec.SecretKeySpec;
import java.security.*;
import javax.swing.*;
class MyJCE
public static void main(String args[])throws Exception
Provider sunjce = new com.sun.crypto.provider.SunJCE();
Security.addProvider(sunjce);
JFileChooser jfc = new JFileChooser();
int selection= jfc.showOpenDialog(null);
if(selection==JFileChooser.APPROVE_OPTION)
FileInputStream fis = new FileInputStream(jfc.getSelectedFile());
System.out.println("Selected file " + jfc.getSelectedFile());
try{
KeyGenerator kg = KeyGenerator.getInstance("DESede");
SecretKey key= kg.generateKey();
byte[] mkey=key.getEncoded();
System.out.println(key);
SecretKeySpec skey = new SecretKeySpec(mkey, "DESede");
Cipher cipher=Cipher.getInstance("DESede/ECB/NoPadding");
cipher.init(Cipher.ENCRYPT_MODE,skey);
byte[] data= new byte[fis.available()];
//reading the file into data byte array
byte[] result= cipher.update(data);
byte[] enc= new byte [fis.read(result)];
System.out.println("Encrypted =" + result);
File fi= new File("/home/srikar/Encrypted");
FileOutputStream fos= new FileOutputStream(fi);
fos.write(enc);
fos.close();
byte[] encodedSpeckey = skey.getEncoded();
FileOutputStream ks= new FileOutputStream("./key.txt");
ks.write(encodedSpeckey);
System.out.println("Key written to a file");
}//try
catch(Exception ex)
ex.printStackTrace();
}//catch
}This Creates a Encrypted File. and a Encrypted key.txt
Code:
import java.io.*;
import javax.crypto.*;
import javax.crypto.spec.SecretKeySpec;
import java.security.*;
import javax.swing.*;
class Decrypt
public static void main(String[] args)
try
JFileChooser jfc = new JFileChooser();
int selection= jfc.showOpenDialog(null);
if(selection==JFileChooser.APPROVE_OPTION)
FileInputStream fis = new FileInputStream(jfc.getSelectedFile());
System.out.println("Selected file " + jfc.getSelectedFile());
//Read from the Encrypted Data
int ll= (int)jfc.getSelectedFile().length();
byte[] buffer = new byte[ll];
int bytesRead=fis.read(buffer);
byte[] data= new byte[bytesRead];
System.arraycopy(buffer,0,data,0,bytesRead);
//Read the Cipher Settings
FileInputStream rkey= new FileInputStream("./key.txt");
bytesRead = rkey.read(buffer);
byte[] encodedKeySpec=new byte[bytesRead];
System.arraycopy(buffer,0,encodedKeySpec,0,bytesRead);
//Recreate the Secret Symmetric Key
SecretKeySpec skeySpec= new SecretKeySpec(encodedKeySpec,"DESede");
//create the cipher for Decrypting
Cipher cipher = Cipher.getInstance("DESede/ECB/NoPadding");
cipher.init(Cipher.DECRYPT_MODE,skeySpec);
byte[] decrypted= cipher.update(data);
FileOutputStream fos= new FileOutputStream("/home/srikar/Decrypted");
fos.write(decrypted);
}//if
}//try
catch(Exception e)
e.printStackTrace();
}//catch
}//main
}//classthis Decrypt.java is expected to decrypt the above encrypted file but this simply creates a plaintext file of the same size as the Encrypted file but its contents are unreadable.
Or I endup with Exceptions like BadPadding or IllegalBlockSize Exception if i use any other Algorithm .
Please help out
thanx in advanceSrikar2871 wrote:
Well thanx for ur reply but
As i said there are No issues with ENCRYPTION and am getting an Encrypted file exactly of the same size as that of the original file and NOT as null bytes and Even am able to get a Decrypted file of again the same size of the Encrypted File but this time that data inside is in unreadable format.I ran your code EXACTLY* as posted and the contents of the file when viewed in a Hex editor was
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00So unless you are running different code to what you have posted, your file will look the same.
Cheers,
Shane -
SAP Java Crypto Toolkit was not found
Hi,
I m trying to install Netweaver 7.0 BI and portal with SR3 package. Installation is Cluster installation on windows 2008 and sql 2008 platform. When I came to Centarl instance installtion. On Start Java Phase I had the error. I put the error below. I check the notes Note 1071472 - FileSystem SecureStore connection issues, Note 914818 - JSPM: Could not detect database, Note 1154133 - JSPM: SAP Java Crypto Toolkit was not found.
Thank you For your Help.
Bootstrap MODE:
<INSTANCE GLOBALS>
determined by parameter [ID0276347].
Exception occurred:
com.sap.engine.bootstrap.SynchronizationException: Database initialization failed! Check database properties!
at com.sap.engine.bootstrap.Bootstrap.initDatabaseConnection(Bootstrap.java:476)
at com.sap.engine.bootstrap.Bootstrap.<init>(Bootstrap.java:146)
at com.sap.engine.bootstrap.Bootstrap.main(Bootstrap.java:971)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at com.sap.engine.offline.OfflineToolStart.main(OfflineToolStart.java:81)
==[ Caused by: ]==----
com.sap.engine.frame.core.configuration.ConfigurationException: Error while connecting to DB.
at com.sap.engine.core.configuration.impl.persistence.rdbms.DBConnectionPool.<init>(DBConnectionPool.java:115)
at com.sap.engine.core.configuration.impl.persistence.rdbms.PersistenceHandler.<init>(PersistenceHandler.java:38)
at com.sap.engine.core.configuration.impl.cache.ConfigurationCache.<init>(ConfigurationCache.java:149)
at com.sap.engine.core.configuration.bootstrap.ConfigurationManagerBootstrapImpl.init(ConfigurationManagerBootstrapImpl.java:236)
at com.sap.engine.core.configuration.bootstrap.ConfigurationManagerBootstrapImpl.<init>(ConfigurationManagerBootstrapImpl.java:49)
at com.sap.engine.bootstrap.Synchronizer.<init>(Synchronizer.java:74)
at com.sap.engine.bootstrap.Bootstrap.initDatabaseConnection(Bootstrap.java:473)
at com.sap.engine.bootstrap.Bootstrap.<init>(Bootstrap.java:146)
at com.sap.engine.bootstrap.Bootstrap.main(Bootstrap.java:971)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at com.sap.engine.offline.OfflineToolStart.main(OfflineToolStart.java:81)
Caused by: com.sap.sql.log.OpenSQLException: Error while accessing secure store: Encryption or decryption is not possible because the full version of the SAP Java Crypto Toolkit was not found (iaik_jce.jar is required, iaik_jce_export.jar is not sufficient) or the JCE Jurisdiction Policy Files don't allow the use of the "PbeWithSHAAnd3_KeyTripleDES_CBC" algorithm..
at com.sap.sql.log.Syslog.createAndLogOpenSQLException(Syslog.java:106)
at com.sap.sql.log.Syslog.createAndLogOpenSQLException(Syslog.java:145)
at com.sap.sql.connect.OpenSQLDataSourceImpl.setDataSourceName(OpenSQLDataSourceImpl.java:226)
at com.sap.sql.connect.OpenSQLDataSourceImpl.setDataSourceName(OpenSQLDataSourceImpl.java:197)
at com.sap.engine.core.configuration.impl.persistence.rdbms.DBConnectionPool.<init>(DBConnectionPool.java:112)
... 13 more
Caused by: com.sap.security.core.server.secstorefs.NoEncryptionException: Encryption or decryption is not possible because the full version of the SAP Java Crypto Toolkit was not found (iaik_jce.jar is required, iaik_jce_export.jar is not sufficient) or the JCE Jurisdiction Policy Files don't allow the use of the "PbeWithSHAAnd3_KeyTripleDES_CBC" algorithm.
at com.sap.security.core.server.secstorefs.SecStoreFS.openExistingStore(SecStoreFS.java:1975)
at com.sap.sql.connect.OpenSQLConnectInfo.getStore(OpenSQLConnectInfo.java:802)
at com.sap.sql.connect.OpenSQLConnectInfo.lookup(OpenSQLConnectInfo.java:783)
at com.sap.sql.connect.OpenSQLDataSourceImpl.setDataSourceName(OpenSQLDataSourceImpl.java:209)
... 15 more
Caused by: javax.crypto.NoSuchPaddingException: Padding 'PKCS5Padding' not implemented.
at iaik.security.cipher.w.engineSetPadding(Unknown Source)
at iaik.security.cipher.PbeWithSHAAnd3_KeyTripleDES_CBC.<init>(Unknown Source)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:274)
at java.lang.Class.newInstance0(Class.java:308)
at java.lang.Class.newInstance(Class.java:261)
at javax.crypto.SunJCE_b.a(DashoA12275)
at javax.crypto.SunJCE_b.a(DashoA12275)
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.getInstance(DashoA12275)
at com.sap.security.core.server.secstorefs.Crypt.<init>(Crypt.java:220)
at com.sap.security.core.server.secstorefs.SecStoreFS.<init>(SecStoreFS.java:1346)
at com.sap.sql.connect.OpenSQLConnectInfo.getStore(OpenSQLConnectInfo.java:798)
... 17 more
[Bootstrap module]> Problem occurred while performing synchronization.Hi
> > Caused by: com.sap.sql.log.OpenSQLException: Error while accessing secure store: Encryption or decryption is not possible because the full version of the SAP Java Crypto Toolkit was not found (iaik_jce.jar is required, iaik_jce_export.jar is not sufficient) or the JCE Jurisdiction Policy Files don't allow the use of the "PbeWithSHAAnd3_KeyTripleDES_CBC" algorithm..
> at com.sap.sql.log.Syslog.createAndLogOpenSQLException(Syslog.java:106)
> at com.sap.sql.log.Syslog.createAndLogOpenSQLException(Syslog.java:145)
> at com.sap.sql.connect.OpenSQLDataSourceImpl.setDataSourceName(OpenSQLDataSourceImpl.java:226)
> at com.sap.sql.connect.OpenSQLDataSourceImpl.setDataSourceName(OpenSQLDataSourceImpl.java:197)
> at com.sap.engine.core.configuration.impl.persistence.rdbms.DBConnectionPool.<init>(DBConnectionPool.java:112)
It looks like the JCE file which you have downloaded is not the correct one. As you can see some jar files are missing. Check JCE files.
Check SAP Note 1240081 - "Java Cryptography Extension Jurisdiction Policy" files
Thanks
Sunny -
Issue with multiple crypto isakmp policies
Hey folks,
I'm having an issue setting up multiple crypto isakmp policies on my 1921 router. Whenever I have only one crypto isakmp policy set up like so:
crypto isakmp policy 1
encr aes 256
group 5
It works perfectly fine with my certificate tunnel group in my ASA. When I debug crypto ipsec & debug crypto isakmp and watch the connection, I see this:
ISAKMP transform 1 against priority 1 policy
*Oct 7 20:04:09.263: ISAKMP: encryption AES-CBC
*Oct 7 20:04:09.263: ISAKMP: keylength of 256
*Oct 7 20:04:09.263: ISAKMP: hash SHA
*Oct 7 20:04:09.263: ISAKMP: default group 5
*Oct 7 20:04:09.263: ISAKMP: auth RSA sig
*Oct 7 20:04:09.263: ISAKMP: life type in seconds
*Oct 7 20:04:09.263: ISAKMP: life duration (VPI) of 0x0 0x1 0x51 0x80
*Oct 7 20:04:09.263: ISAKMP:(0):atts are acceptable. Next payload is 0
This is showing me that the handshake is verifying the policy with the "auth RSA sig" type, which is what I expected and is what I want.
Here is where my issue actually comes up. When I add another crypto isakmp policy (2) the "authorization pre-share" over rides the "authorization rsa-sig" of policy 1. Here is what I have set up:
crypto isakmp policy 1
encr aes 256
group 5
crypto isakmp policy 2
encr aes 256
authorization pre-share
group 5
This is showing me that crypto isakmp policy 1 is set with the default authorization type of rsa-sig (in fact if I manually enter that command under the policy 1 configuration mode and it doesn't print in the show run output), and the crypto isakmp policy 2 is set to authorization pre-share.
When I debug crypto ipsec & debug crypto isakmp with this configuration, this is what I'm getting:
56:46.259: ISAKMP:(0): PKI->IKE Got configured TrustPoints state (I) MM_NO_STATE (peer 199.46.128.5)
*Oct 7 19:56:46.263: ISAKMP:(0):Checking ISAKMP transform 2 against priority 1 policy
*Oct 7 19:56:46.263: ISAKMP: encryption AES-CBC
*Oct 7 19:56:46.263: ISAKMP: keylength of 256
*Oct 7 19:56:46.263: ISAKMP: hash SHA
*Oct 7 19:56:46.263: ISAKMP: default group 5
*Oct 7 19:56:46.263: ISAKMP: auth pre-share
*Oct 7 19:56:46.263: ISAKMP: life type in seconds
*Oct 7
19:56:46.263: ISAKMP: life duration (VPI) of 0x0 0x1 0x51 0x80
*Oct 7 19:56:46.263: ISAKMP:(0):Authentication method offered does not match policy!
*Oct 7 19:56:46.263: ISAKMP:(0):atts are not acceptable. Next payload is 0
*Oct 7 19:56:46.263: ISAKMP:(0):Checking ISAKMP transform 2 against priority 2 policy
*Oct 7 19:56:46.263: ISAKMP: encryption AES-CBC
*Oct 7 19:56:46.263: ISAKMP: keylength of 256
*Oct 7 19:56:46.263: ISAKMP: hash SHA
*Oct 7 19:56:46.263: ISAKMP:
default group 5
*Oct 7 19:56:46.263: ISAKMP: auth pre-share
*Oct 7 19:56:46.263: ISAKMP: life type in seconds
*Oct 7 19:56:46.263: ISAKMP: life duration (VPI) of 0x0 0x1 0x51 0x80
It looks like the first policy is being verified against "auth pre-share" and fails because "Authentication method offered does not match policy!". My question is, does anyone know how to correct this so that the first policy is set to authenticate via rsa-sig and the second policy is authenticated via pre-shared keys? Is there a bug that will not differentiate the authorization types between the two policies?
Just an FYI, here is the version information of the router:
Cisco IOS Software, C1900 Software (C1900-UNIVERSALK9-M), Version 15.2(4)M3, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2013 by Cisco Systems, Inc.
Compiled Tue 26-Feb-13 02:11 by prod_rel_team
ROM: System Bootstrap, Version 15.0(1r)M16, RELEASE SOFTWARE (fc1)
System returned to ROM by power-on
System image file is "usbflash0:c1900-universalk9-mz.SPA.152-4.M3.bin"
Last reload type: Normal Reload
Last reload reason: power-on
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
Cisco CISCO1921/K9 (revision 1.0) with 491520K/32768K bytes of memory.
Processor board ID FTX171385L4
2 Gigabit Ethernet interfaces
1 terminal line
1 Virtual Private Network (VPN) Module
DRAM configuration is 64 bits wide with parity disabled.
255K bytes of non-volatile configuration memory.
249840K bytes of USB Flash usbflash0 (Read/Write)
License Info:
License UDI:
Device# PID SN
*0 CISCO1921/K9
Technology Package License Information for Module:'c1900'
Technology Technology-package Technology-package
Current Type Next reboot
ipbase ipbasek9 Permanent ipbasek9
security securityk9 Permanent securityk9
data None None None
Configuration register is 0x2102Thanks for the input Walter. That isn't it though. I have plenty of sites with crypto map <name> 1 which map to crypto isakmp policy 2 settings. The debug is showing that the behavior is to try to authenticate through policy 1 first, and then progress to any other policies until there is a match. Since there is a match with policy 2 settings, the tunnel comes up.
My real question is, why would it change from "auth RSA sig" in the first debug out put to the "auth pre-share" in the second debug output. Judging by the config on the router, it appears to me that the line for "authorization pre-share" under policy 2 SHOULD only apply to policy 2 and SHOULD NOT override the "authorization rsa-sig" of policy 1.
Again, when I debug crypto ipsec & debug crypto isakmp, it shows clearly that the first policy is being verified, however the "auth" is now "pre-share" and no longer "RSA sig":
56:46.259: ISAKMP:(0): PKI->IKE Got configured TrustPoints state (I) MM_NO_STATE (peer 199.46.128.5)
*Oct 7 19:56:46.263: ISAKMP:(0):Checking ISAKMP transform 2 against priority 1 policy
*Oct 7 19:56:46.263: ISAKMP: encryption AES-CBC
*Oct 7 19:56:46.263: ISAKMP: keylength of 256
*Oct 7 19:56:46.263: ISAKMP: hash SHA
*Oct 7 19:56:46.263: ISAKMP: default group 5
*Oct 7 19:56:46.263: ISAKMP: auth pre-share <---This should read "auth RSA sig"
*Oct 7 19:56:46.263: ISAKMP: life type in seconds
*Oct 7
19:56:46.263: ISAKMP: life duration (VPI) of 0x0 0x1 0x51 0x80
*Oct 7 19:56:46.263: ISAKMP:(0):Authentication method offered does not match policy!
*Oct 7 19:56:46.263: ISAKMP:(0):atts are not acceptable. Next payload is 0
*Oct 7 19:56:46.263: ISAKMP:(0):Checking ISAKMP transform 2 against priority 2 policy
*Oct 7 19:56:46.263: ISAKMP: encryption AES-CBC
*Oct 7 19:56:46.263: ISAKMP: keylength of 256
*Oct 7 19:56:46.263: ISAKMP: hash SHA
*Oct 7 19:56:46.263: ISAKMP:
default group 5
*Oct 7 19:56:46.263: ISAKMP: auth pre-share
*Oct 7 19:56:46.263: ISAKMP: life type in seconds
*Oct 7 19:56:46.263: ISAKMP: life duration (VPI) of 0x0 0x1 0x51 0x80 -
Compatibility between Java crypto and open ssl
Hello
I have some question about compatibility between java crypto and openssl library.
This is my case:
1.I created DESede key and stored it to file:
SecretKey key = KeyGenerator.getInstance("TripleDES").generateKey();
File f = new File("c:\\key.dat");
DataOutputStream dos =new DataOutputStream(new FileOutputStream(f));
dos.write(key.getEncoded());
dos3.close();2.I encrypt some file "c:\\normal.dat" through:
ecipher.init(Cipher.ENCRYPT_MODE, key2);
byte[] enc = ecipher.doFinal(normalData);
File f2 = new File("c:\\enc.dat");
DataOutputStream dos =new DataOutputStream(new FileOutputStream(f2));
dos.write(enc);
dos.close();You have carefully left out some critical java code, namely the Cipher.getInstance() method. You'll notice in the documentation for this method that there 3 components to the "transform" argument of this method, the algorithm, the mode, and the padding. All of these must match exactly with the what openssl is using. Furthermore, if you are using one of the modes which require an IV, like CBC mode, then this must match exactly too. If you don't explicitly specify some of these parameters, you might get default values supplied. It is up to you to find out what these are.
Maybe you are looking for
-
Why is my font dropdown blinking in RH 11?
The Style, Font and Font Size dropdowns in the upper left of the RH11 window (above the project manager panel) begin blinking back and forth, in time with the cursor, as soon as more than one Design/HTML tab is opened. Attempting to drop one of thos
-
Safari audio goes through built in speakers
I am using an Edirol FA-66 audio interface and the default audio output is set to this, however recently the audio from safari (and firefox if used) comes through my built in speakers (as does the bbc radio widget) and volume is not controllable with
-
Aperture and Nikon D200 raw files
Can anyone tell me if they know when apple will release an update for Aperture to support Nikon D200 raw files.
-
hi to all, iam getting gap between address like company avs infrastructure banglore address is in command line defaultly it will be taking defaulat paragraph or how should we define for it kiran
-
Install netbeans 6.5 in windows vista
I am using Windows Xp and Windows Visa. I am having the package of Netbeans6.5. I was able to install the netbeans in Xp successfully.At the same time i was not able to install in vista. Whenever i tried to install in vista,the command prompt window