Gnu-crypto PKCS7 NegativeArraySizeException

Hi guys, i read a lot of topics in the forum, but i cant find something that
could help me, so i post a topics. I hope somebody help me.
Im trying to do a simple PKCS7 padding using gnu-crypto, but when
a run the padding example that come with the distribution of gnu-cypto
i got a NegativeArraySizeException. Thers's anybody here with the same error?
If you can please help me, i read the gnu-cypto documentation, but i cant
do the code run ok.
When reaches padding.pad the exception is thrown... :(
what am i doing wrong????
<code>
IPad padding = PadFactory.getInstance("PKCS7");
          byte[] input = inputString.getBytes("UTF8");
          byte[] pad = padding.pad(input, 0, input.length);
          byte[] pt = new byte[input.length + pad.length];
          byte[] ct = new byte[pt.length];
          byte[] cpt = new byte[pt.length];
          System.arraycopy(input, 0, pt, 0, input.length);
          System.arraycopy(pad, 0, pt, input.length, pad.length);
          int unpad = padding.unpad(cpt, 0, cpt.length);
          byte[] output = new byte[cpt.length - unpad];
          System.arraycopy(cpt, 0, output, 0, output.length);
          System.out.println("TEST " + input + " -- " + new String(output,"UTF8"));
</code>
<consoleOutput>
java.lang.NegativeArraySizeException
     at gnu.crypto.pad.PKCS7.pad(PKCS7.java:113)
     at org.Test.padding(Test.java:131)
     at org.Test.main(Test.java:48)
</consoleOutput>

You have not published enough code. You have not published the error messages.

Similar Messages

Encryption using gnu.crypto package

Hello,
I have a program which implements a DES algorithm for encrypting files.
The program makes use of the following:
gnu.crypto.Registry;
gnu.crypto.Properties;
gnu.crypto.util.Util;
which are used in statements, for instance:
-> Util.toBytesFromString("011F1F01010E0E01");
and
-> boolean check = Properties.checkForWeakKeys();
and
-> *public DES() {*
super(Registry.DES_CIPHER, BLOCK_SIZE, KEY_SIZE);
However, when i tried to compile this program on jdk.1.6, the complier simply couldn't recognize any of the above statements, or for that matter, any statement that makes use of gnu.crypto.*;
I tried compiling it on jdk 1.3 and on jdk1.5, but in vain.
Can u please help me out with this?
DO i need anything extra to be imported? or do i need a different version of jdk?

You have not published enough code. You have not published the error messages.

GSS-API/Kerberos v5 Authentication - Example throws strange exception

Hi There,
When II'm trying to run the GSS-API example I get this exception:
java.lang.SecurityException: D:\Program Files\jdk1.2.2\jre\lib\security\HBJAASLogin.config (The system cannot find the file specified)
I know that the exception is thrown because it cannot find the file: HBJAASLogin.config
The strangest thing is that I don't have that file, if I search for it on the NET it isn't found anywhere ?!?
And on the code there's no mention of the file ???
Why does it need the file?
Thank You
Pinho

hi,
i am very sorry to disturb you..
already i sent this problem to [email protected]
but i not able to see my mail in users archives.
so i am forwarding this.
i don't know how to forward this to forum
please help me
Thanks and Regards
kumar
-----Original Message-----
From: kumar [mailto:[email protected]]
Sent: Wednesday, April 10, 2002 6:17 PM
To: [email protected]
Subject: Compilation error :: please help me.. it is urgent
hi ,
I downloaded following version of openssl and during compilation, i got the following error.
openssl-engine-0.9.6c.
i got the same result with version openssl-0.9.6 also
Step : Compile OpenSSL
C:\kumar\openssl-engine-0.9.6c.tar\openssl-engine-0.9.6c> ms\mingw32
C:\kumar\openssl-engine-0.9.6c.tar\openssl-engine-0.9.6c>perl Configure Mingw32
Configuring for Mingw32
IsWindows=1
CC =gcc
CFLAG =-DTHREADS -DDSO_WIN32 -DL_ENDIAN -fomit-frame-pointer -O3 -m486
-Wall
EX_LIBS =
BN_ASM =bn_asm.o
DES_ENC =des_enc.o fcrypt_b.o
BF_ENC =bf_enc.o
CAST_ENC =c_enc.o
RC4_ENC =rc4_enc.o
RC5_ENC =rc5_enc.o
MD5_OBJ_ASM =
SHA1_OBJ_ASM =
RMD160_OBJ_ASM=
PROCESSOR =
RANLIB =true
PERL =perl
THIRTY_TWO_BIT mode
DES_PTR used
DES_RISC1 used
DES_UNROLL used
BN_LLONG mode
RC4_INDEX mode
RC4_CHUNK is undefined
Configured for Mingw32.
Generating x86 for GNU assember
Bignum
DES
crypt
Blowfish
CAST5
RC4
MD5
SHA1
RIPEMD160
RC5\32
Generating makefile
Generating DLL definition files
Building OpenSSL
mkdir tmp
mkdir out
mkdir outinc
mkdir outinc\openssl
copy .\crypto\cryptlib.h tmp\cryptlib.h
1 file(s) copied.
copy .\crypto\buildinf.h tmp\buildinf.h
1 file(s) copied.
copy .\crypto\md32_common.h tmp\md32_common.h
1 file(s) copied.
copy .\crypto\md4\md4_locl.h tmp\md4_locl.h
1 file(s) copied.
copy .\crypto\md5\md5_locl.h tmp\md5_locl.h
1 file(s) copied.
copy .\crypto\sha\sha_locl.h tmp\sha_locl.h
1 file(s) copied.
copy .\crypto\ripemd\rmd_locl.h tmp\rmd_locl.h
1 file(s) copied.
copy .\crypto\ripemd\rmdconst.h tmp\rmdconst.h
1 file(s) copied.
copy .\crypto\des\des_locl.h tmp\des_locl.h
1 file(s) copied.
copy .\crypto\des\rpc_des.h tmp\rpc_des.h
1 file(s) copied.
copy .\crypto\des\spr.h tmp\spr.h
1 file(s) copied.
copy .\crypto\des\des_ver.h tmp\des_ver.h
1 file(s) copied.
copy .\crypto\rc2\rc2_locl.h tmp\rc2_locl.h
1 file(s) copied.
copy .\crypto\rc4\rc4_locl.h tmp\rc4_locl.h
1 file(s) copied.
copy .\crypto\rc5\rc5_locl.h tmp\rc5_locl.h
1 file(s) copied.
copy .\crypto\idea\idea_lcl.h tmp\idea_lcl.h
1 file(s) copied.
copy .\crypto\bf\bf_pi.h tmp\bf_pi.h
1 file(s) copied.
copy .\crypto\bf\bf_locl.h tmp\bf_locl.h
1 file(s) copied.
copy .\crypto\cast\cast_s.h tmp\cast_s.h
1 file(s) copied.
copy .\crypto\cast\cast_lcl.h tmp\cast_lcl.h
1 file(s) copied.
copy .\crypto\bn\bn_lcl.h tmp\bn_lcl.h
1 file(s) copied.
copy .\crypto\bn\bn_prime.h tmp\bn_prime.h
1 file(s) copied.
copy .\crypto\bio\bss_file.c tmp\bss_file.c
1 file(s) copied.
copy .\crypto\objects\obj_dat.h tmp\obj_dat.h
1 file(s) copied.
copy .\crypto\conf\conf_def.h tmp\conf_def.h
1 file(s) copied.
copy .\ssl\ssl_locl.h tmp\ssl_locl.h
1 file(s) copied.
copy .\apps\apps.h tmp\apps.h
1 file(s) copied.
copy .\apps\progs.h tmp\progs.h
1 file(s) copied.
copy .\apps\s_apps.h tmp\s_apps.h
1 file(s) copied.
copy .\apps\testdsa.h tmp\testdsa.h
1 file(s) copied.
copy .\apps\testrsa.h tmp\testrsa.h
1 file(s) copied.
copy .\.\e_os.h outinc\openssl\e_os.h
1 file(s) copied.
copy .\.\e_os2.h outinc\openssl\e_os2.h
1 file(s) copied.
copy .\crypto\crypto.h outinc\openssl\crypto.h
1 file(s) copied.
copy .\crypto\tmdiff.h outinc\openssl\tmdiff.h
1 file(s) copied.
copy .\crypto\opensslv.h outinc\openssl\opensslv.h
1 file(s) copied.
copy .\crypto\opensslconf.h outinc\openssl\opensslconf.h
1 file(s) copied.
copy .\crypto\ebcdic.h outinc\openssl\ebcdic.h
1 file(s) copied.
copy .\crypto\symhacks.h outinc\openssl\symhacks.h
1 file(s) copied.
copy .\crypto\md2\md2.h outinc\openssl\md2.h
1 file(s) copied.
copy .\crypto\md4\md4.h outinc\openssl\md4.h
1 file(s) copied.
copy .\crypto\md5\md5.h outinc\openssl\md5.h
1 file(s) copied.
copy .\crypto\sha\sha.h outinc\openssl\sha.h
1 file(s) copied.
copy .\crypto\mdc2\mdc2.h outinc\openssl\mdc2.h
1 file(s) copied.
copy .\crypto\hmac\hmac.h outinc\openssl\hmac.h
1 file(s) copied.
copy .\crypto\ripemd\ripemd.h outinc\openssl\ripemd.h
1 file(s) copied.
copy .\crypto\des\des.h outinc\openssl\des.h
1 file(s) copied.
copy .\crypto\rc2\rc2.h outinc\openssl\rc2.h
1 file(s) copied.
copy .\crypto\rc4\rc4.h outinc\openssl\rc4.h
1 file(s) copied.
copy .\crypto\rc5\rc5.h outinc\openssl\rc5.h
1 file(s) copied.
copy .\crypto\idea\idea.h outinc\openssl\idea.h
1 file(s) copied.
copy .\crypto\bf\blowfish.h outinc\openssl\blowfish.h
1 file(s) copied.
copy .\crypto\cast\cast.h outinc\openssl\cast.h
1 file(s) copied.
copy .\crypto\bn\bn.h outinc\openssl\bn.h
1 file(s) copied.
copy .\crypto\rsa\rsa.h outinc\openssl\rsa.h
1 file(s) copied.
copy .\crypto\dsa\dsa.h outinc\openssl\dsa.h
1 file(s) copied.
copy .\crypto\dso\dso.h outinc\openssl\dso.h
1 file(s) copied.
copy .\crypto\dh\dh.h outinc\openssl\dh.h
1 file(s) copied.
copy .\crypto\buffer\buffer.h outinc\openssl\buffer.h
1 file(s) copied.
copy .\crypto\bio\bio.h outinc\openssl\bio.h
1 file(s) copied.
copy .\crypto\stack\stack.h outinc\openssl\stack.h
1 file(s) copied.
copy .\crypto\stack\safestack.h outinc\openssl\safestack.h
1 file(s) copied.
copy .\crypto\lhash\lhash.h outinc\openssl\lhash.h
1 file(s) copied.
copy .\crypto\rand\rand.h outinc\openssl\rand.h
1 file(s) copied.
copy .\crypto\err\err.h outinc\openssl\err.h
1 file(s) copied.
copy .\crypto\objects\objects.h outinc\openssl\objects.h
1 file(s) copied.
copy .\crypto\objects\obj_mac.h outinc\openssl\obj_mac.h
1 file(s) copied.
copy .\crypto\evp\evp.h outinc\openssl\evp.h
1 file(s) copied.
copy .\crypto\asn1\asn1.h outinc\openssl\asn1.h
1 file(s) copied.
copy .\crypto\asn1\asn1_mac.h outinc\openssl\asn1_mac.h
1 file(s) copied.
copy .\crypto\pem\pem.h outinc\openssl\pem.h
1 file(s) copied.
copy .\crypto\pem\pem2.h outinc\openssl\pem2.h
1 file(s) copied.
copy .\crypto\x509\x509.h outinc\openssl\x509.h
1 file(s) copied.
copy .\crypto\x509\x509_vfy.h outinc\openssl\x509_vfy.h
1 file(s) copied.
copy .\crypto\x509v3\x509v3.h outinc\openssl\x509v3.h
1 file(s) copied.
copy .\crypto\conf\conf.h outinc\openssl\conf.h
1 file(s) copied.
copy .\crypto\conf\conf_api.h outinc\openssl\conf_api.h
1 file(s) copied.
copy .\crypto\txt_db\txt_db.h outinc\openssl\txt_db.h
1 file(s) copied.
copy .\crypto\pkcs7\pkcs7.h outinc\openssl\pkcs7.h
1 file(s) copied.
copy .\crypto\pkcs12\pkcs12.h outinc\openssl\pkcs12.h
1 file(s) copied.
copy .\crypto\comp\comp.h outinc\openssl\comp.h
1 file(s) copied.
copy .\crypto\engine\engine.h outinc\openssl\engine.h
1 file(s) copied.
copy .\ssl\ssl.h outinc\openssl\ssl.h
1 file(s) copied.
copy .\ssl\ssl2.h outinc\openssl\ssl2.h
1 file(s) copied.
copy .\ssl\ssl3.h outinc\openssl\ssl3.h
1 file(s) copied.
copy .\ssl\ssl23.h outinc\openssl\ssl23.h
1 file(s) copied.
copy .\ssl\tls1.h outinc\openssl\tls1.h
1 file(s) copied.
copy .\rsaref\rsaref.h outinc\openssl\rsaref.h
1 file(s) copied.
gcc -o tmp\cryptlib.o -Ioutinc -Itmp -O3 -fomit-frame-pointer -DDSO_WIN32 -c .
\crypto\cryptlib.c
process_begin: CreateProcess((null), gcc -o tmp\cryptlib.o -Ioutinc -Itmp -O3 -f
omit-frame-pointer -DDSO_WIN32 -c .\crypto\cryptlib.c, ...) failed.
make (e=2): The system cannot find the file specified.
make: *** [tmp\cryptlib.o] Error 2
You can ignore the error messages above
1 file(s) copied.
Building the libraries
Building OpenSSL
gcc -o tmp/cryptlib.o -Ioutinc -Itmp -DL_ENDIAN -DDSO_WIN32 -fomit-frame-pointe
r -O3 -m486 -Wall -DBN_ASM -DMD5_ASM -DSHA1_ASM -c ./crypto/cryptlib.c
process_begin: CreateProcess((null), gcc -o tmp/cryptlib.o -Ioutinc -Itmp -DL_EN
DIAN -DDSO_WIN32 -fomit-frame-pointer -O3 -m486 -Wall -DBN_ASM -DMD5_ASM -DSHA1_
ASM -c ./crypto/cryptlib.c, ...) failed.
make (e=2): The system cannot find the file specified.
make: *** [tmp/cryptlib.o] Error 2
C:\kumar\openssl-engine-0.9.6c.tar\openssl-engine-0.9.6c>
Note :
As per readme instruction,
i am using following
     1. GNU C (Mingw32) :
          gcc-2.95.2-msvcrt.exe
          make-3.76.1.zip
     2. ActivePerl-5.6.1.631-MSWin32-x86.msi
what is the work around? is there any mistake from my side?
please help me.. it is urgent
Thanks and Regards
kumar

Error while passing keystorePass value in tomcat server.xml

Hi,
I have created keystore in jdk 1.5.0_17 by the following commands::::
keytool -genkey -alias tomcat -keyalg RSA
But when i am trying to see the keytool list it is showing
Key store type: gkr
Key store provider: GNU-CRYPTO
And when i pass keystorePass in tomcat for ssl connection, I am not able to access https. Its showing error as invalid .keystore format.
Kindly help me out in this regard.

My java_home is set to the path where i have installed sun jdk.Irrelevant. What does java -version print out. What does keytool -J-version print out?
I do not understand how r u saying that i am still using gnu java?BECAUSE IT PRINTED GNU-CRYPTO.
Can you please tell how to know where gnu java is installedI have no idea, but everybody else I've given this advice to has managed to figure it out.

How to install sun studio 12 under Centos 5???

HI, all,
I am trying to install Sun Studio 12 into Centos 5. The followings are what I did:
1. Download sun studio 12 package by selecting Linex (x86) for Centos from web site and save this package under /var/tmp.
2. I used bzcat to unpack this package by:
bzcat < SunStudio12ml-linux-x86-200709-pkg.tar.bz2 | /bin/tar xvf -
3. I did prepare_system before installation by:
./prepare_system [-d /opt/sun/ ] [-R /var/tmp/ ] [-C | -s netbeans | java | patches | all_patches | jdk_patches | all | print_needed_steps ]
where [-d /opt/sun/ ] is the directory where all missing softwares will be installed, [-R /var/tmp/ ] is the directory where unpacked programs are saved.
After running prepare_system, the resposes are:
bash: -s: command not found
bash: patches: command not found
bash: all_patches: command not found
bash: all: command not found
bash: print_needed_steps: command not found
bash: jdk_patches: command not found
*Usage: gij [OPTION] ... CLASS [ARGS] ...*
to invoke CLASS.main, or
*gij -jar [OPTION] ... JARFILE [ARGS] ...*
to execute a jar file
*Try `gij --help' for more information.*
4. I started to use installer with command line to install the sun studio 12 by:
./installer -nodisplay
The result shows me some exceptions and installation is failed as:
Exception in thread "Thread-1" java.awt.HeadlessException
at java.awt.dnd.DropTarget.<init>(libgcj.so.7rh)
at java.awt.dnd.DropTarget.<init>(libgcj.so.7rh)
at javax.swing.JComponent.<init>(libgcj.so.7rh)
at javax.swing.JPanel.<init>(libgcj.so.7rh)
at javax.swing.JPanel.<init>(libgcj.so.7rh)
at com.sun.wizards.core.WizardComponent.<init>(WizardComponent.java:159)
at com.sun.wizards.core.WizardComposite.<init>(WizardComposite.java:83)
at com.sun.wizards.core.WizardTreeManager.createWizardPanel(WizardTreeManager.java:890)
at com.sun.wizards.core.WizardTreeManager.<init>(WizardTreeManager.java:325)
at com.sun.wizards.core.CommandLineConsole.run(CommandLineConsole.java:75)
at java.lang.Thread.run(libgcj.so.7rh)
Task Failed: java.lang.NullPointerException
java.lang.NullPointerException
at java.lang.Class.isAssignableFrom(libgcj.so.7rh)
at java.util.ResourceBundle.tryBundle(libgcj.so.7rh)
at java.util.ResourceBundle.tryBundle(libgcj.so.7rh)
at java.util.ResourceBundle.getBundle(libgcj.so.7rh)
at java.util.ResourceBundle.getBundle(libgcj.so.7rh)
at com.sun.setup.util.wbResource.getString(wbResource.java:212)
at com.sun.setup.util.wbResource.getString(wbResource.java:132)
at com.sun.setup.util.setupInitializationTask.perform(setupInitializationTask.java:88)
at com.sun.wizards.core.Sequence.perform(Sequence.java:343)
at com.sun.wizards.core.SequenceManager.run(SequenceManager.java:226)
at java.lang.Thread.run(libgcj.so.7rh)
I followed installation instructions to install sun studio 12 under Centos 5. I can not make it. However, I made it under Solaries system.
So, is there any special for Centos 5?
Hunter 3D

Hi,
Thank you for your helps.
According to your suggestions, I downloaded JDK 6 update 10 RC, specifical in Linux platform : self-extracting JDK file named:
jdk-6u10-bin-b28-linux-i586-21-jul-2008.bin
I saved downloading under the directory where sun studio is located.
I used
yum search jdk
to find jdk exists in Centos 5.2 shown as the message as:
[root@localhost sun]# yum search jdk
Loading "priorities" plugin
Loading "fastestmirror" plugin
Loading mirror speeds from cached hostfile
* rpmforge: ftp-stud.fht-esslingen.de
* base: mirror.raystedman.net
* updates: mirror.raystedman.net
* addons: mirror.voxitas.com
* extras: mirror.raystedman.net
0 packages excluded due to repository priority protections
jakarta-commons-launcher.i386 : The Launcher Component is designed to be a cross platform Java application launcher.
jakarta-commons-collections.i386 : Jakarta Commons Collections Package
mockobjects-alt-jdk1.4.i386 : Mockable API for JDK 1.4
jakarta-commons-beanutils.i386 : Jakarta Commons BeanUtils Package
gnu-crypto-sasl-jdk1.4.i386 : Gnu Crypto SASL API
ldapjdk.i386 : The Mozilla LDAP Java SDK
ldapjdk-javadoc.i386 : Javadoc for ldapjdk
mockobjects-jdk1.4.i386 : MockObjects for 1.4 JDK
I used
./installer -nodisplay
to install sun studio 12 and error message show as:
[root@localhost sun]# ./installer -nodisplay
Exception in thread "Thread-1" java.awt.HeadlessException
at java.awt.dnd.DropTarget.<init>(libgcj.so.7rh)
at java.awt.dnd.DropTarget.<init>(libgcj.so.7rh)
at javax.swing.JComponent.<init>(libgcj.so.7rh)
at javax.swing.JPanel.<init>(libgcj.so.7rh)
at javax.swing.JPanel.<init>(libgcj.so.7rh)
at com.sun.wizards.core.WizardComponent.<init>(WizardComponent.java:159)
at com.sun.wizards.core.WizardComposite.<init>(WizardComposite.java:83)
at com.sun.wizards.core.WizardTreeManager.createWizardPanel(WizardTreeManager.java:890)
at com.sun.wizards.core.WizardTreeManager.<init>(WizardTreeManager.java:325)
at com.sun.wizards.core.CommandLineConsole.run(CommandLineConsole.java:75)
at java.lang.Thread.run(libgcj.so.7rh)
Task Failed: java.lang.NullPointerException
java.lang.NullPointerException
at java.lang.Class.isAssignableFrom(libgcj.so.7rh)
at java.util.ResourceBundle.tryBundle(libgcj.so.7rh)
at java.util.ResourceBundle.tryBundle(libgcj.so.7rh)
at java.util.ResourceBundle.getBundle(libgcj.so.7rh)
at java.util.ResourceBundle.getBundle(libgcj.so.7rh)
at com.sun.setup.util.wbResource.getString(wbResource.java:212)
at com.sun.setup.util.wbResource.getString(wbResource.java:132)
at com.sun.setup.util.setupInitializationTask.perform(setupInitializationTask.java:88)
at com.sun.wizards.core.Sequence.perform(Sequence.java:343)
at com.sun.wizards.core.SequenceManager.run(SequenceManager.java:226)
at java.lang.Thread.run(libgcj.so.7rh)
So, please tell me what I will do.
Thank you.

Code working in Windows, Problems in Linux

I am using the following lines of code in Windows for the required encryption
KeySpec keySpec = new PBEKeySpec(passPhrase.toCharArray(), this.salt, this.iterationCount);
this.key = SecretKeyFactory.getInstance("PBEWithMD5AndDES").generateSecret(keySpec);But this same code to get the key does not work in linux when I am using the same version on Java on both Windows and Linux. Do i need something more to get this thing working.
The Exception I got in Linux says : noSuchAlgorithmFound "PBEWithMD5AndDES"

Hi again,
Yes I am using the same version of Java in both Windows and Linux. The version I am using is "1.5.0_06"
My code is as follows
import javax.crypto.*;
import javax.crypto.spec.*;
import java.io.*;
import java.security.spec.*;
public class EncryptFile
     static public class EncryptionException extends Exception
        private EncryptionException(String text, Exception chain)
            super(text, chain);
     public EncryptFile(String passPhrase) throws EncryptionException
          try
            KeySpec keySpec = new PBEKeySpec(passPhrase.toCharArray(), this.salt, this.iterationCount);
            this.key = SecretKeyFactory.getInstance("PBEWithMD5AndDES").generateSecret(keySpec);
            // Prepare the parameter to the ciphers
            this.paramSpec = new PBEParameterSpec(this.salt, this.iterationCount);
               this.encryptCipher = Cipher.getInstance(this.key.getAlgorithm());
               this.encryptCipher.init(javax.crypto.Cipher.ENCRYPT_MODE, this.key, this.paramSpec);
               this.decryptCipher = Cipher.getInstance(this.key.getAlgorithm());
               this.decryptCipher.init(javax.crypto.Cipher.DECRYPT_MODE, this.key, this.paramSpec);
        }catch(Exception e)
               System.out.println(e);
     synchronized public void encrypt(File sourceFile, File destinationFile) throws EncryptionException
        try
            encryptOrDecryptFile(encryptCipher, sourceFile, destinationFile);
        catch (Exception e)
            throw new EncryptionException("Problem encrypting '" + sourceFile + "' to '" + destinationFile + "'", e);
     synchronized public void decrypt(File sourceFile, File destinationFile) throws EncryptionException
        try
            encryptOrDecryptFile(decryptCipher, sourceFile, destinationFile);
        catch (Exception e)
            throw new EncryptionException("Problem decrypting '" + sourceFile + "' to '" + destinationFile + "'", e);
     private void encryptOrDecryptFile(Cipher cipher, File sourceFile, File destinationFile) throws Exception
        InputStream istrm = new FileInputStream(sourceFile);
        istrm = new javax.crypto.CipherInputStream(istrm, cipher);
        OutputStream ostrm = new FileOutputStream(destinationFile);
        ostrm = new BufferedOutputStream(ostrm);
        byte[] buffer = new byte[65536];
        for (int len = 0; (len = istrm.read(buffer)) >= 0;)
            ostrm.write(buffer, 0, len);
        ostrm.flush();
        ostrm.close();
        istrm.close();
     public static void main(String[] args)
        try
               String line; // hold the input line
               String merchantID;
               String sourceFileAsString = null;
            BufferedReader input = new BufferedReader( new InputStreamReader(System.in));
               System.out.print("Enter the Merchant ID : ");
               merchantID = input.readLine().trim();
               merchantID = "secure" + merchantID + "connection";
               System.out.println("-------------MENU-------------");
               System.out.println("1 ---> Encrypt a file");
               System.out.println("2 ---> Decrypt a file");
               System.out.print("Enter your choice : ");
               line = input.readLine();
               line = line.trim();
               if(line.equals("1")) //Encrypt a file
                    System.out.print("Enter file to be encrypted : ");
                    sourceFileAsString = input.readLine().trim();
                    File sourceFile = new File(sourceFileAsString);
                    File destinationFile = new File(sourceFileAsString + ".encrypted");
                    final EncryptFile cryptoAgent = new EncryptFile(merchantID);
                    cryptoAgent.encrypt(sourceFile, destinationFile);
               else //Decrypt a file
                    System.out.print("Enter file to be decrypted : ");
                    sourceFileAsString = input.readLine().trim();
                    File destinationFile = new File(sourceFileAsString + ".encrypted");
                    //File decryptedSourceFile = new File(sourceFileAsString + ".decrypted");
                    File decryptedSourceFile = new File(sourceFileAsString);
                    final EncryptFile cryptoAgent = new EncryptFile(merchantID);
                    cryptoAgent.decrypt(destinationFile, decryptedSourceFile);
        catch (Exception e)
            e.printStackTrace(System.out);
     // 8-byte Salt
     private final byte[] salt = { (byte)0xA9, (byte)0x9B, (byte)0xC8, (byte)0x32,
                                (byte)0x56, (byte)0x35, (byte)0xE3, (byte)0x03 };
               // Iteration count
     private final int iterationCount = 19;
     private Cipher encryptCipher = null;
    private Cipher decryptCipher = null;
     private AlgorithmParameterSpec paramSpec = null;
     private SecretKey key = null;
}I checked the provider on Windows as printed the provider with PBE algorithm and got the following output
Provider: SunJCE, SunJCE Provider (implements RSA, DES, Triple DES, AES, Blowfish, ARCFOUR, RC2, PBE, Diffie-Hellman, HMAC)
        Mac.HmacPBESHA1 = com.sun.crypto.provider.HmacPKCS12PBESHA1
        AlgorithmParameters.PBEWithMD5AndTripleDES = com.sun.crypto.provider.PBEParameters
        AlgorithmParameters.PBEWithSHA1AndRC2_40 = com.sun.crypto.provider.PBEParameters
        Mac.HmacPBESHA1 SupportedKeyFormats = RAW
        AlgorithmParameters.PBEWithSHA1AndDESede = com.sun.crypto.provider.PBEParameters
        Cipher.PBEWithMD5AndDES = com.sun.crypto.provider.PBEWithMD5AndDESCipher
        Cipher.PBEWithMD5AndTripleDES = com.sun.crypto.provider.PBEWithMD5AndTripleDESCipher
        SecretKeyFactory.PBE = com.sun.crypto.provider.PBEKeyFactory
        SecretKeyFactory.PBEWithSHA1AndRC2_40 = com.sun.crypto.provider.PBEKeyFactory
        Cipher.PBEWithSHA1AndRC2_40 = com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndRC2_40
        SecretKeyFactory.PBEWithSHA1AndDESede = com.sun.crypto.provider.PBEKeyFactory
        Cipher.PBEWithSHA1AndDESede = com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndDESede
        AlgorithmParameters.PBEWithMD5AndDES = com.sun.crypto.provider.PBEParameters
        SecretKeyFactory.PBEWithMD5AndTripleDES = com.sun.crypto.provider.PBEKeyFactory
        SecretKeyFactory.PBEWithMD5AndDES = com.sun.crypto.provider.PBEKeyFactory
        AlgorithmParameters.PBE = com.sun.crypto.provider.PBEParameterswhereas the same thing on Linux gave me the provider info as follows
Provider: GNU-CRYPTO, GNU Crypto JCE Provider
        CIPHER.PBEWITHHMACMD5ANDTRIPLEDES = gnu.crypto.jce.cipher.PBES2$HMacMD5$TripleDES
        CIPHER.PBEWITHHMACSHA1ANDSERPENT = gnu.crypto.jce.cipher.PBES2$HMacSHA1$Serpent
        CIPHER.PBEWITHHMACHAVALANDSERPENT = gnu.crypto.jce.cipher.PBES2$HMacHaval$Serpent
        CIPHER.PBEWITHHMACHAVALANDCAST5 = gnu.crypto.jce.cipher.PBES2$HMacHaval$Cast5
        CIPHER.PBEWITHHMACHAVALANDKHAZAD = gnu.crypto.jce.cipher.PBES2$HMacHaval$Khazad
        CIPHER.PBEWITHHMACMD4ANDTWOFISH = gnu.crypto.jce.cipher.PBES2$HMacMD4$Twofish
        CIPHER.PBEWITHHMACSHA512ANDSQUARE = gnu.crypto.jce.cipher.PBES2$HMacSHA512$Square
        CIPHER.PBEWITHHMACSHA1ANDSQUARE = gnu.crypto.jce.cipher.PBES2$HMacSHA1$Square
        CIPHER.PBEWITHHMACHAVALANDDES = gnu.crypto.jce.cipher.PBES2$HMacHaval$DES
        CIPHER.PBEWITHHMACSHA512ANDKHAZAD = gnu.crypto.jce.cipher.PBES2$HMacSHA512$Khazad
        CIPHER.PBEWITHHMACSHA512ANDCAST5 = gnu.crypto.jce.cipher.PBES2$HMacSHA512$Cast5
        CIPHER.PBEWITHHMACWHIRLPOOLANDBLOWFISH = gnu.crypto.jce.cipher.PBES2$HMacWhirlpool$Blowfish
        CIPHER.PBEWITHHMACHAVALANDANUBIS = gnu.crypto.jce.cipher.PBES2$HMacHaval$Anubis
        CIPHER.PBEWITHHMACMD5ANDSERPENT = gnu.crypto.jce.cipher.PBES2$HMacMD5$Serpent
        CIPHER.PBEWITHHMACWHIRLPOOLANDANUBIS = gnu.crypto.jce.cipher.PBES2$HMacWhirlpool$Anubis
        CIPHER.PBEWITHHMACSHA512ANDDES = gnu.crypto.jce.cipher.PBES2$HMacSHA512$DES
        CIPHER.PBEWITHHMACSHA1ANDKHAZAD = gnu.crypto.jce.cipher.PBES2$HMacSHA1$Khazad
        CIPHER.PBEWITHHMACWHIRLPOOLANDTRIPLEDES = gnu.crypto.jce.cipher.PBES2$HMacWhirlpool$TripleDES
        CIPHER.PBEWITHHMACSHA384ANDTWOFISH = gnu.crypto.jce.cipher.PBES2$HMacSHA384$Twofish
        CIPHER.PBEWITHHMACSHA512ANDANUBIS = gnu.crypto.jce.cipher.PBES2$HMacSHA512$Anubis
        CIPHER.PBEWITHHMACMD2ANDDES = gnu.crypto.jce.cipher.PBES2$HMacMD2$DES
        CIPHER.PBEWITHHMACMD2ANDCAST5 = gnu.crypto.jce.cipher.PBES2$HMacMD2$Cast5
        CIPHER.PBEWITHHMACWHIRLPOOLANDKHAZAD = gnu.crypto.jce.cipher.PBES2$HMacWhirlpool$Khazad
        CIPHER.PBEWITHHMACSHA256ANDAES = gnu.crypto.jce.cipher.PBES2$HMacSHA256$AES
        CIPHER.PBEWITHHMACWHIRLPOOLANDAES = gnu.crypto.jce.cipher.PBES2$HMacWhirlpool$AES
        CIPHER.PBEWITHHMACSHA1ANDANUBIS = gnu.crypto.jce.cipher.PBES2$HMacSHA1$Anubis
        CIPHER.PBEWITHHMACMD2ANDTRIPLEDES = gnu.crypto.jce.cipher.PBES2$HMacMD2$TripleDES
        CIPHER.PBEWITHHMACMD4ANDAES = gnu.crypto.jce.cipher.PBES2$HMacMD4$AES
        CIPHER.PBEWITHHMACMD4ANDBLOWFISH = gnu.crypto.jce.cipher.PBES2$HMacMD4$Blowfish
        CIPHER.PBEWITHHMACTIGERANDDES = gnu.crypto.jce.cipher.PBES2$HMacTiger$DES
        CIPHER.PBEWITHHMACWHIRLPOOLANDSQUARE = gnu.crypto.jce.cipher.PBES2$HMacWhirlpool$Square
        CIPHER.PBEWITHHMACSHA256ANDSQUARE = gnu.crypto.jce.cipher.PBES2$HMacSHA256$Square
        CIPHER.PBEWITHHMACMD5ANDTWOFISH = gnu.crypto.jce.cipher.PBES2$HMacMD5$Twofish
        CIPHER.PBEWITHHMACWHIRLPOOLANDSERPENT = gnu.crypto.jce.cipher.PBES2$HMacWhirlpool$Serpent
        CIPHER.PBEWITHHMACSHA256ANDBLOWFISH = gnu.crypto.jce.cipher.PBES2$HMacSHA256$Blowfish
        CIPHER.PBEWITHHMACSHA256ANDTWOFISH = gnu.crypto.jce.cipher.PBES2$HMacSHA256$Twofish
        CIPHER.PBEWITHHMACMD4ANDCAST5 = gnu.crypto.jce.cipher.PBES2$HMacMD4$Cast5
        CIPHER.PBEWITHHMACTIGERANDSERPENT = gnu.crypto.jce.cipher.PBES2$HMacTiger$Serpent
        CIPHER.PBEWITHHMACSHA256ANDKHAZAD = gnu.crypto.jce.cipher.PBES2$HMacSHA256$Khazad
        CIPHER.PBEWITHHMACMD4ANDSQUARE = gnu.crypto.jce.cipher.PBES2$HMacMD4$Square
        CIPHER.PBEWITHHMACMD5ANDDES = gnu.crypto.jce.cipher.PBES2$HMacMD5$DES
        CIPHER.PBEWITHHMACSHA1ANDTWOFISH = gnu.crypto.jce.cipher.PBES2$HMacSHA1$Twofish
        CIPHER.PBEWITHHMACSHA256ANDTRIPLEDES = gnu.crypto.jce.cipher.PBES2$HMacSHA256$TripleDES
        CIPHER.PBEWITHHMACMD2ANDBLOWFISH = gnu.crypto.jce.cipher.PBES2$HMacMD2$Blowfish
        CIPHER.PBEWITHHMACMD4ANDKHAZAD = gnu.crypto.jce.cipher.PBES2$HMacMD4$Khazad
        CIPHER.PBEWITHHMACSHA256ANDANUBIS = gnu.crypto.jce.cipher.PBES2$HMacSHA256$Anubis
        CIPHER.PBEWITHHMACMD2ANDSQUARE = gnu.crypto.jce.cipher.PBES2$HMacMD2$Square
        CIPHER.PBEWITHHMACWHIRLPOOLANDDES = gnu.crypto.jce.cipher.PBES2$HMacWhirlpool$DES
        CIPHER.PBEWITHHMACSHA384ANDAES = gnu.crypto.jce.cipher.PBES2$HMacSHA384$AES
        CIPHER.PBEWITHHMACSHA256ANDCAST5 = gnu.crypto.jce.cipher.PBES2$HMacSHA256$Cast5
        CIPHER.PBEWITHHMACSHA1ANDTRIPLEDES = gnu.crypto.jce.cipher.PBES2$HMacSHA1$TripleDES
        CIPHER.PBEWITHHMACSHA512ANDTWOFISH = gnu.crypto.jce.cipher.PBES2$HMacSHA512$Twofish
        CIPHER.PBEWITHHMACTIGERANDAES = gnu.crypto.jce.cipher.PBES2$HMacTiger$AES
        CIPHER.PBEWITHHMACTIGERANDTRIPLEDES = gnu.crypto.jce.cipher.PBES2$HMacTiger$TripleDES
        CIPHER.PBEWITHHMACMD2ANDSERPENT = gnu.crypto.jce.cipher.PBES2$HMacMD2$Serpent
        CIPHER.PBEWITHHMACMD4ANDANUBIS = gnu.crypto.jce.cipher.PBES2$HMacMD4$Anubis
        CIPHER.PBEWITHHMACTIGERANDTWOFISH = gnu.crypto.jce.cipher.PBES2$HMacTiger$Twofish
        CIPHER.PBEWITHHMACTIGERANDBLOWFISH = gnu.crypto.jce.cipher.PBES2$HMacTiger$Blowfish
        CIPHER.PBEWITHHMACMD2ANDKHAZAD = gnu.crypto.jce.cipher.PBES2$HMacMD2$Khazad
        CIPHER.PBEWITHHMACHAVALANDTRIPLEDES = gnu.crypto.jce.cipher.PBES2$HMacHaval$TripleDES
        CIPHER.PBEWITHHMACSHA256ANDSERPENT = gnu.crypto.jce.cipher.PBES2$HMacSHA256$Serpent
        CIPHER.PBEWITHHMACWHIRLPOOLANDTWOFISH = gnu.crypto.jce.cipher.PBES2$HMacWhirlpool$Twofish
        CIPHER.PBEWITHHMACTIGERANDANUBIS = gnu.crypto.jce.cipher.PBES2$HMacTiger$Anubis
        CIPHER.PBEWITHHMACMD5ANDAES = gnu.crypto.jce.cipher.PBES2$HMacMD5$AES
        CIPHER.PBEWITHHMACMD2ANDANUBIS = gnu.crypto.jce.cipher.PBES2$HMacMD2$Anubis
        CIPHER.PBEWITHHMACMD5ANDBLOWFISH = gnu.crypto.jce.cipher.PBES2$HMacMD5$Blowfish
        CIPHER.PBEWITHHMACSHA384ANDTRIPLEDES = gnu.crypto.jce.cipher.PBES2$HMacSHA384$TripleDES
        CIPHER.PBEWITHHMACTIGERANDKHAZAD = gnu.crypto.jce.cipher.PBES2$HMacTiger$Khazad
        CIPHER.PBEWITHHMACSHA384ANDSQUARE = gnu.crypto.jce.cipher.PBES2$HMacSHA384$Square
        CIPHER.PBEWITHHMACSHA512ANDTRIPLEDES = gnu.crypto.jce.cipher.PBES2$HMacSHA512$TripleDES
        CIPHER.PBEWITHHMACSHA384ANDBLOWFISH = gnu.crypto.jce.cipher.PBES2$HMacSHA384$Blowfish
        CIPHER.PBEWITHHMACSHA384ANDDES = gnu.crypto.jce.cipher.PBES2$HMacSHA384$DES
        CIPHER.PBEWITHHMACSHA384ANDSERPENT = gnu.crypto.jce.cipher.PBES2$HMacSHA384$Serpent
        CIPHER.PBEWITHHMACSHA384ANDCAST5 = gnu.crypto.jce.cipher.PBES2$HMacSHA384$Cast5
        CIPHER.PBEWITHHMACSHA1ANDAES = gnu.crypto.jce.cipher.PBES2$HMacSHA1$AES
        CIPHER.PBEWITHHMACMD4ANDTRIPLEDES = gnu.crypto.jce.cipher.PBES2$HMacMD4$TripleDES
        CIPHER.PBEWITHHMACMD5ANDCAST5 = gnu.crypto.jce.cipher.PBES2$HMacMD5$Cast5
        CIPHER.PBEWITHHMACTIGERANDSQUARE = gnu.crypto.jce.cipher.PBES2$HMacTiger$Square
        CIPHER.PBEWITHHMACSHA384ANDKHAZAD = gnu.crypto.jce.cipher.PBES2$HMacSHA384$Khazad
        CIPHER.PBEWITHHMACSHA1ANDCAST5 = gnu.crypto.jce.cipher.PBES2$HMacSHA1$Cast5
        CIPHER.PBEWITHHMACMD5ANDSQUARE = gnu.crypto.jce.cipher.PBES2$HMacMD5$Square
        CIPHER.PBEWITHHMACSHA512ANDBLOWFISH = gnu.crypto.jce.cipher.PBES2$HMacSHA512$Blowfish
        CIPHER.PBEWITHHMACSHA1ANDBLOWFISH = gnu.crypto.jce.cipher.PBES2$HMacSHA1$Blowfish
        CIPHER.PBEWITHHMACWHIRLPOOLANDCAST5 = gnu.crypto.jce.cipher.PBES2$HMacWhirlpool$Cast5
        CIPHER.PBEWITHHMACHAVALANDAES = gnu.crypto.jce.cipher.PBES2$HMacHaval$AES
        CIPHER.PBEWITHHMACSHA384ANDANUBIS = gnu.crypto.jce.cipher.PBES2$HMacSHA384$Anubis
        CIPHER.PBEWITHHMACHAVALANDBLOWFISH = gnu.crypto.jce.cipher.PBES2$HMacHaval$Blowfish
        CIPHER.PBEWITHHMACMD5ANDKHAZAD = gnu.crypto.jce.cipher.PBES2$HMacMD5$Khazad
        CIPHER.PBEWITHHMACMD4ANDSERPENT = gnu.crypto.jce.cipher.PBES2$HMacMD4$Serpent
        CIPHER.PBEWITHHMACSHA512ANDAES = gnu.crypto.jce.cipher.PBES2$HMacSHA512$AES
        CIPHER.PBEWITHHMACHAVALANDTWOFISH = gnu.crypto.jce.cipher.PBES2$HMacHaval$Twofish
        CIPHER.PBEWITHHMACTIGERANDCAST5 = gnu.crypto.jce.cipher.PBES2$HMacTiger$Cast5
        CIPHER.PBEWITHHMACSHA512ANDSERPENT = gnu.crypto.jce.cipher.PBES2$HMacSHA512$Serpent
        CIPHER.PBEWITHHMACMD2ANDAES = gnu.crypto.jce.cipher.PBES2$HMacMD2$AES
        CIPHER.PBEWITHHMACMD5ANDANUBIS = gnu.crypto.jce.cipher.PBES2$HMacMD5$Anubis
        CIPHER.PBEWITHHMACSHA256ANDDES = gnu.crypto.jce.cipher.PBES2$HMacSHA256$DES
        CIPHER.PBEWITHHMACSHA1ANDDES = gnu.crypto.jce.cipher.PBES2$HMacSHA1$DES
        CIPHER.PBEWITHHMACHAVALANDSQUARE = gnu.crypto.jce.cipher.PBES2$HMacHaval$Square
        CIPHER.PBEWITHHMACMD2ANDTWOFISH = gnu.crypto.jce.cipher.PBES2$HMacMD2$Twofish
        CIPHER.PBEWITHHMACMD4ANDDES = gnu.crypto.jce.cipher.PBES2$HMacMD4$DESAm i missing out some files to be included in my project to make my code work in Linux ?

SRP6 Java Implementation

I was wondering if anyone knew how to implement the SRP6 protocol in Java. I know there's an impl of it in gnu-crypto, but i don't need all the extra stuff. I've been trying various combination's and none of them have worked. I'm comparing my results with the results from http://srp.stanford.edu/demo/demo.html , which i'm assuming are correct, due to the fact that it's written by the creator of the SRP protocol, I mean, I suppose it could be wrong, but then the site wouldn't be very effective then.
My biggest problem seems to be when hashing the salt with the hashed username and password.
SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
BigInteger salt = new BigInteger(random.generateSeed(32));
BigInteger innerHash = new BigInteger(SHA1.hash("zymus:apocalypse"));//According to many tested SHA1 impl's, this works correctly.
byte[] exp = new String(SHA1.hash(salt.toString(16) + innerHash.toString(16))).getBytes("UTF-8");;//This is where i believe I'm messing up. This is just one of the many combination's that i've tried.
System.out.println(salt.toString(16));
System.out.println(new BigInteger(exp).toString(16));Output:
>
8098f80df83b4f23d3f104acac3f6f165ae059ebe00966d1c3339afb37fe78c
20476ec2a3c2a9c2ad2ac3984f010769c3bec3b6e282ac11155fc2a71f
>
Expected output according to aforementioned site:
>
8098f80df83b4f23d3f104acac3f6f165ae059ebe00966d1c3339afb37fe78c
ffd90619e047303e3278be09314664b3557c89d5
>
As you can see, the hashed salt + pass doesn't compare. The protocol definition for hashing is:
x = SHA1(salt + SHA1(username + ":" + password));Any ideas?
Edited by: Zymus on Sep 3, 2010 7:20 AM
Edited by: Zymus on Sep 3, 2010 7:21 AM

check out this site www.sourceforge.net. There are a lot of free , opensource projects available for download. Try and search there. I am sure you'll get one.

SecurityException - AES 256

I tried the code listing from the following link and AES 128 works fine.
http://java.sun.com/developer/technicalArticles/Security/AES/AES_v1.html
I downloaded the Unlimited jurisdiction policy files and replaced the existing local_policy.jar and us_export_policy.jar with the new ones, but I get a Security exception when I do AES 256
Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs
at javax.crypto.e.<clinit>(Unknown Source)
... 3 more
Caused by: java.lang.SecurityException: Jurisdiction policy files are not signed by trusted signers!
I am working with RAD, so the new jar files went into eclipse\jre\lib\security and I also tried putting them under runtimes\base_v51\java\jre\lib\security
I dont know what I am missing, Can someone point me in the right direction please. Thanks a lot.

I have tried copying the two jar files to under lib/ext also. But no luck.
This is how the java.security file looks like:
security.provider.1=com.ibm.crypto.provider.IBMJCE
security.provider.2=com.ibm.jsse.IBMJSSEProvider
security.provider.3=com.ibm.security.jgss.IBMJGSSProvider
security.provider.4=com.ibm.security.cert.IBMCertPath
security.provider.5=com.ibm.crypto.pkcs11.provider.IBMPKCS11
security.provider.6=com.sun.crypto.provider.SunJCE
security.provider.7=gnu.crypto.jce.GnuCrypto
security.provider.8=org.bouncycastle.jce.provider.BouncyCastleProvider
I am trying to see what else could cause this problem.. Could it be a version issue?

Oracle.security.crypto.cert.PKCS7 signing xml message

Dear All
Can anybody have java sample code to sign xml message by using oracle.security.crypto.cert.PKCS7 libarary.
Regards
Aamir

Hi Michal,
> about a WM application (which only has SAP in the name)
I'm afraid you have a completely wrong understanding of the Business Connector...
About 10-20% of the code (everything that deals with RFC communication, IDoc processing and conversion of IDoc/function module data to and from XML) has been developed here at SAP. And with release 4.7 (2003), SAP obtained 100% control over the source code, and we have done many fixes and enhancements in the webMethods part of the code (as well as in our own...) since then.
I just wanted to make this point clear...
BTW: the problem reported here is neither related to webMethods, nor to SAP: it's simply a problem with the certificate (probably a mismatch between private key and public key?!)
Best Regards, Ulrich
(SAP BC team)

Javax.crypto.IllegalBlockSizeException: 6 trailing bytes

Hi everybody!
I'm facing a error when i try to encrypt a string with symmetric algorithm DES. I try to run the following code on Redhat:
byte[] data="It is a test!".getBytes();
     Cipher cipher = Cipher.getInstance(algName);
     cipher.init(Cipher.ENCRYPT_MODE, key);
int blocksize=cipher.getBlockSize();
     System.out.println("--------blocksize: "+blocksize); // blocksize=8
     byte[] cipherByte = cipher.doFinal(data); // 52 line
The error showing is:
javax.crypto.IllegalBlockSizeException: 6 trailing bytes
at gnu.javax.crypto.jce.cipher.CipherAdapter.engineDoFinal(CipherAdapter.java:491)
at javax.crypto.Cipher.doFinal(Cipher.java:495)
at javax.crypto.Cipher.doFinal(Cipher.java:461)
at cn.com.webinfo.security.SymmetricAlgorithm.encrypt(SymmetricAlgorithm.java:52)
at cn.com.webinfo.stest.MainSymmetricAlgorithm.main(MainSymmetricAlgorithm.java:32)
Can any one support.
Thanks and waiting your replies.

It would help if you showed the content of the String referenced by 'algName' since it looks to me like you are using "DES/ECB/NoPadding" and not either "DES" or "DES/ECB/PKCS5Padding".

Sun jce pkcs7 data encryption

Hi,
I want to be able to generate a pkcs7 with encrypted data. The data is encrypted using 3DES and the symmetric keys used are encrypted with RSA in the PKCS7.
I tried to do it with Sun jce but I can only encrypt the file with either RSA or symmetric keys.
I'm using sun jdk 1.5 as the former ones didn't seem to have RSA encryption included in them.
I know that you can do it with other providers but I'd like to do it with the sun JCE.
Anyone has an idea ?
thanks
regards

My point is, you don't know what mode/padding either end is using. You do know (or at least should strongly suspect) that the defaults don't match.
Another hint: "Given block is not mutiple of 8". That implies to me that whichever side is returning that error, isn't padding AT ALL. The whole point to padding is to fill the last block FOR YOU, so you don't have to pre-block your plaintext to match the blocksize of the algorithm.
When you happen to transmit exactly the right-sized output, no padding gets used on either side, and it All Just Works. The other 7/8's of the time, padding is used on one side but not the other, and things DON'T work. That, at least, would be my guess.
I gave up using the defaults for algorithms for this very reason - you never know what the developer of your crypto-lib decided was the "most reasonable" set of options. Always specify algorithm/node/padding, and you won't have to guess anymore...
Grant

Unable to Decrypt the data properly using javax.crypto class and SunJCE

Hello all,
I am not new to Java but new to this forums
but and JCE and i wanted to write a program that Encrypts a file and also another program that decrypts it. As far Encryption is concerned i have been successful but When it comes to Decryption things aren't looking bright i have some or the other Problem with it. plz help me out .
Here is the Code for my Programs
Encryption
Code:
import java.io.*;
import javax.crypto.*;
import javax.crypto.spec.SecretKeySpec;
import java.security.*;
import javax.swing.*;
class MyJCE
public static void main(String args[])throws Exception
Provider sunjce = new com.sun.crypto.provider.SunJCE();
Security.addProvider(sunjce);
JFileChooser jfc = new JFileChooser();
int selection= jfc.showOpenDialog(null);
if(selection==JFileChooser.APPROVE_OPTION)
FileInputStream fis = new FileInputStream(jfc.getSelectedFile());
System.out.println("Selected file " + jfc.getSelectedFile());
try{
KeyGenerator kg = KeyGenerator.getInstance("DESede");
SecretKey key= kg.generateKey();
byte[] mkey=key.getEncoded();
System.out.println(key);
SecretKeySpec skey = new SecretKeySpec(mkey, "DESede");
Cipher cipher=Cipher.getInstance("DESede/ECB/NoPadding");
cipher.init(Cipher.ENCRYPT_MODE,skey);
byte[] data= new byte[fis.available()];
//reading the file into data byte array
byte[] result= cipher.update(data);
byte[] enc= new byte [fis.read(result)];
System.out.println("Encrypted =" + result);
File fi= new File("/home/srikar/Encrypted");
FileOutputStream fos= new FileOutputStream(fi);
fos.write(enc);
fos.close();
byte[] encodedSpeckey = skey.getEncoded();
FileOutputStream ks= new FileOutputStream("./key.txt");
ks.write(encodedSpeckey);
System.out.println("Key written to a file");
}//try
catch(Exception ex)
ex.printStackTrace();
}//catch
}This Creates a Encrypted File. and a Encrypted key.txt
Code:
import java.io.*;
import javax.crypto.*;
import javax.crypto.spec.SecretKeySpec;
import java.security.*;
import javax.swing.*;
class Decrypt
public static void main(String[] args)
try
JFileChooser jfc = new JFileChooser();
int selection= jfc.showOpenDialog(null);
if(selection==JFileChooser.APPROVE_OPTION)
FileInputStream fis = new FileInputStream(jfc.getSelectedFile());
System.out.println("Selected file " + jfc.getSelectedFile());
//Read from the Encrypted Data
int ll= (int)jfc.getSelectedFile().length();
byte[] buffer = new byte[ll];
int bytesRead=fis.read(buffer);
byte[] data= new byte[bytesRead];
System.arraycopy(buffer,0,data,0,bytesRead);
//Read the Cipher Settings
FileInputStream rkey= new FileInputStream("./key.txt");
bytesRead = rkey.read(buffer);
byte[] encodedKeySpec=new byte[bytesRead];
System.arraycopy(buffer,0,encodedKeySpec,0,bytesRead);
//Recreate the Secret Symmetric Key
SecretKeySpec skeySpec= new SecretKeySpec(encodedKeySpec,"DESede");
//create the cipher for Decrypting
Cipher cipher = Cipher.getInstance("DESede/ECB/NoPadding");
cipher.init(Cipher.DECRYPT_MODE,skeySpec);
byte[] decrypted= cipher.update(data);
FileOutputStream fos= new FileOutputStream("/home/srikar/Decrypted");
fos.write(decrypted);
}//if
}//try
catch(Exception e)
e.printStackTrace();
}//catch
}//main
}//classthis Decrypt.java is expected to decrypt the above encrypted file but this simply creates a plaintext file of the same size as the Encrypted file but its contents are unreadable.
Or I endup with Exceptions like BadPadding or IllegalBlockSize Exception if i use any other Algorithm .
Please help out
thanx in advance

Srikar2871 wrote:
Well thanx for ur reply but
As i said there are No issues with ENCRYPTION and am getting an Encrypted file exactly of the same size as that of the original file and NOT as null bytes and Even am able to get a Decrypted file of again the same size of the Encrypted File but this time that data inside is in unreadable format.I ran your code EXACTLY* as posted and the contents of the file when viewed in a Hex editor was
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00So unless you are running different code to what you have posted, your file will look the same.
Cheers,
Shane

SAP Java Crypto Toolkit was not found

Hi,
I m trying to install Netweaver 7.0 BI and portal with SR3 package. Installation is Cluster installation on windows 2008 and sql 2008 platform. When I came to Centarl instance installtion. On Start Java Phase I had the error. I put the error below. I check the notes Note 1071472 - FileSystem SecureStore connection issues, Note 914818 - JSPM: Could not detect database, Note 1154133 - JSPM: SAP Java Crypto Toolkit was not found.
Thank you For your Help.
Bootstrap MODE:
<INSTANCE GLOBALS>
determined by parameter [ID0276347].
Exception occurred:
com.sap.engine.bootstrap.SynchronizationException: Database initialization failed! Check database properties!
     at com.sap.engine.bootstrap.Bootstrap.initDatabaseConnection(Bootstrap.java:476)
     at com.sap.engine.bootstrap.Bootstrap.<init>(Bootstrap.java:146)
     at com.sap.engine.bootstrap.Bootstrap.main(Bootstrap.java:971)
     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
     at java.lang.reflect.Method.invoke(Method.java:324)
     at com.sap.engine.offline.OfflineToolStart.main(OfflineToolStart.java:81)
==[ Caused by: ]==----
com.sap.engine.frame.core.configuration.ConfigurationException: Error while connecting to DB.
     at com.sap.engine.core.configuration.impl.persistence.rdbms.DBConnectionPool.<init>(DBConnectionPool.java:115)
     at com.sap.engine.core.configuration.impl.persistence.rdbms.PersistenceHandler.<init>(PersistenceHandler.java:38)
     at com.sap.engine.core.configuration.impl.cache.ConfigurationCache.<init>(ConfigurationCache.java:149)
     at com.sap.engine.core.configuration.bootstrap.ConfigurationManagerBootstrapImpl.init(ConfigurationManagerBootstrapImpl.java:236)
     at com.sap.engine.core.configuration.bootstrap.ConfigurationManagerBootstrapImpl.<init>(ConfigurationManagerBootstrapImpl.java:49)
     at com.sap.engine.bootstrap.Synchronizer.<init>(Synchronizer.java:74)
     at com.sap.engine.bootstrap.Bootstrap.initDatabaseConnection(Bootstrap.java:473)
     at com.sap.engine.bootstrap.Bootstrap.<init>(Bootstrap.java:146)
     at com.sap.engine.bootstrap.Bootstrap.main(Bootstrap.java:971)
     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
     at java.lang.reflect.Method.invoke(Method.java:324)
     at com.sap.engine.offline.OfflineToolStart.main(OfflineToolStart.java:81)
Caused by: com.sap.sql.log.OpenSQLException: Error while accessing secure store: Encryption or decryption is not possible because the full version of the SAP Java Crypto Toolkit was not found (iaik_jce.jar is required, iaik_jce_export.jar is not sufficient) or the JCE Jurisdiction Policy Files don't allow the use of the "PbeWithSHAAnd3_KeyTripleDES_CBC" algorithm..
     at com.sap.sql.log.Syslog.createAndLogOpenSQLException(Syslog.java:106)
     at com.sap.sql.log.Syslog.createAndLogOpenSQLException(Syslog.java:145)
     at com.sap.sql.connect.OpenSQLDataSourceImpl.setDataSourceName(OpenSQLDataSourceImpl.java:226)
     at com.sap.sql.connect.OpenSQLDataSourceImpl.setDataSourceName(OpenSQLDataSourceImpl.java:197)
     at com.sap.engine.core.configuration.impl.persistence.rdbms.DBConnectionPool.<init>(DBConnectionPool.java:112)
     ... 13 more
Caused by: com.sap.security.core.server.secstorefs.NoEncryptionException: Encryption or decryption is not possible because the full version of the SAP Java Crypto Toolkit was not found (iaik_jce.jar is required, iaik_jce_export.jar is not sufficient) or the JCE Jurisdiction Policy Files don't allow the use of the "PbeWithSHAAnd3_KeyTripleDES_CBC" algorithm.
     at com.sap.security.core.server.secstorefs.SecStoreFS.openExistingStore(SecStoreFS.java:1975)
     at com.sap.sql.connect.OpenSQLConnectInfo.getStore(OpenSQLConnectInfo.java:802)
     at com.sap.sql.connect.OpenSQLConnectInfo.lookup(OpenSQLConnectInfo.java:783)
     at com.sap.sql.connect.OpenSQLDataSourceImpl.setDataSourceName(OpenSQLDataSourceImpl.java:209)
     ... 15 more
Caused by: javax.crypto.NoSuchPaddingException: Padding 'PKCS5Padding' not implemented.
     at iaik.security.cipher.w.engineSetPadding(Unknown Source)
     at iaik.security.cipher.PbeWithSHAAnd3_KeyTripleDES_CBC.<init>(Unknown Source)
     at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
     at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
     at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
     at java.lang.reflect.Constructor.newInstance(Constructor.java:274)
     at java.lang.Class.newInstance0(Class.java:308)
     at java.lang.Class.newInstance(Class.java:261)
     at javax.crypto.SunJCE_b.a(DashoA12275)
     at javax.crypto.SunJCE_b.a(DashoA12275)
     at javax.crypto.Cipher.a(DashoA12275)
     at javax.crypto.Cipher.getInstance(DashoA12275)
     at com.sap.security.core.server.secstorefs.Crypt.<init>(Crypt.java:220)
     at com.sap.security.core.server.secstorefs.SecStoreFS.<init>(SecStoreFS.java:1346)
     at com.sap.sql.connect.OpenSQLConnectInfo.getStore(OpenSQLConnectInfo.java:798)
     ... 17 more
[Bootstrap module]> Problem occurred while performing synchronization.

Hi
> > Caused by: com.sap.sql.log.OpenSQLException: Error while accessing secure store: Encryption or decryption is not possible because the full version of the SAP Java Crypto Toolkit was not found (iaik_jce.jar is required, iaik_jce_export.jar is not sufficient) or the JCE Jurisdiction Policy Files don't allow the use of the "PbeWithSHAAnd3_KeyTripleDES_CBC" algorithm..
>      at com.sap.sql.log.Syslog.createAndLogOpenSQLException(Syslog.java:106)
>      at com.sap.sql.log.Syslog.createAndLogOpenSQLException(Syslog.java:145)
>      at com.sap.sql.connect.OpenSQLDataSourceImpl.setDataSourceName(OpenSQLDataSourceImpl.java:226)
>      at com.sap.sql.connect.OpenSQLDataSourceImpl.setDataSourceName(OpenSQLDataSourceImpl.java:197)
>      at com.sap.engine.core.configuration.impl.persistence.rdbms.DBConnectionPool.<init>(DBConnectionPool.java:112)
It looks like the JCE file which you have downloaded is not the correct one. As you can see some jar files are missing. Check JCE files.
Check SAP Note 1240081 - "Java Cryptography Extension Jurisdiction Policy" files
Thanks
Sunny

Issue with multiple crypto isakmp policies

Hey folks,
I'm having an issue setting up multiple crypto isakmp policies on my 1921 router. Whenever I have only one crypto isakmp policy set up like so:
crypto isakmp policy 1
encr aes 256
group 5
It works perfectly fine with my certificate tunnel group in my ASA. When I debug crypto ipsec & debug crypto isakmp and watch the connection, I see this:
ISAKMP transform 1 against priority 1 policy
*Oct 7 20:04:09.263: ISAKMP:      encryption AES-CBC
*Oct 7 20:04:09.263: ISAKMP:      keylength of 256
*Oct 7 20:04:09.263: ISAKMP:      hash SHA
*Oct 7 20:04:09.263: ISAKMP:      default group 5
*Oct 7 20:04:09.263: ISAKMP:      auth RSA sig
*Oct 7 20:04:09.263: ISAKMP:      life type in seconds
*Oct 7 20:04:09.263: ISAKMP:      life duration (VPI) of 0x0 0x1 0x51 0x80
*Oct 7 20:04:09.263: ISAKMP:(0):atts are acceptable. Next payload is 0
This is showing me that the handshake is verifying the policy with the "auth RSA sig" type, which is what I expected and is what I want.
Here is where my issue actually comes up. When I add another crypto isakmp policy (2) the "authorization pre-share" over rides the "authorization rsa-sig" of policy 1. Here is what I have set up:
crypto isakmp policy 1
encr aes 256
group 5
crypto isakmp policy 2
encr aes 256
authorization pre-share
group 5
This is showing me that crypto isakmp policy 1 is set with the default authorization type of rsa-sig (in fact if I manually enter that command under the policy 1 configuration mode and it doesn't print in the show run output), and the crypto isakmp policy 2 is set to authorization pre-share.
When I debug crypto ipsec & debug crypto isakmp with this configuration, this is what I'm getting:
56:46.259: ISAKMP:(0): PKI->IKE Got configured TrustPoints state (I) MM_NO_STATE (peer 199.46.128.5)
*Oct 7 19:56:46.263: ISAKMP:(0):Checking ISAKMP transform 2 against priority 1 policy
*Oct 7 19:56:46.263: ISAKMP:      encryption AES-CBC
*Oct 7 19:56:46.263: ISAKMP:      keylength of 256
*Oct 7 19:56:46.263: ISAKMP:      hash SHA
*Oct 7 19:56:46.263: ISAKMP:      default group 5
*Oct 7 19:56:46.263: ISAKMP:      auth pre-share
*Oct 7 19:56:46.263: ISAKMP:      life type in seconds
*Oct 7
19:56:46.263: ISAKMP:      life duration (VPI) of 0x0 0x1 0x51 0x80
*Oct 7 19:56:46.263: ISAKMP:(0):Authentication method offered does not match policy!
*Oct 7 19:56:46.263: ISAKMP:(0):atts are not acceptable. Next payload is 0
*Oct 7 19:56:46.263: ISAKMP:(0):Checking ISAKMP transform 2 against priority 2 policy
*Oct 7 19:56:46.263: ISAKMP:      encryption AES-CBC
*Oct 7 19:56:46.263: ISAKMP:      keylength of 256
*Oct 7 19:56:46.263: ISAKMP:      hash SHA
*Oct 7 19:56:46.263: ISAKMP:
default group 5
*Oct 7 19:56:46.263: ISAKMP:      auth pre-share
*Oct 7 19:56:46.263: ISAKMP:      life type in seconds
*Oct 7 19:56:46.263: ISAKMP:      life duration (VPI) of 0x0 0x1 0x51 0x80
It looks like the first policy is being verified against "auth pre-share" and fails because "Authentication method offered does not match policy!". My question is, does anyone know how to correct this so that the first policy is set to authenticate via rsa-sig and the second policy is authenticated via pre-shared keys? Is there a bug that will not differentiate the authorization types between the two policies?
Just an FYI, here is the version information of the router:
Cisco IOS Software, C1900 Software (C1900-UNIVERSALK9-M), Version 15.2(4)M3, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2013 by Cisco Systems, Inc.
Compiled Tue 26-Feb-13 02:11 by prod_rel_team
ROM: System Bootstrap, Version 15.0(1r)M16, RELEASE SOFTWARE (fc1)
System returned to ROM by power-on
System image file is "usbflash0:c1900-universalk9-mz.SPA.152-4.M3.bin"
Last reload type: Normal Reload
Last reload reason: power-on
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
Cisco CISCO1921/K9 (revision 1.0) with 491520K/32768K bytes of memory.
Processor board ID FTX171385L4
2 Gigabit Ethernet interfaces
1 terminal line
1 Virtual Private Network (VPN) Module
DRAM configuration is 64 bits wide with parity disabled.
255K bytes of non-volatile configuration memory.
249840K bytes of USB Flash usbflash0 (Read/Write)
License Info:
License UDI:
Device#   PID                   SN
*0        CISCO1921/K9
Technology Package License Information for Module:'c1900'
Technology    Technology-package           Technology-package
              Current       Type           Next reboot
ipbase        ipbasek9      Permanent      ipbasek9
security      securityk9    Permanent      securityk9
data          None          None           None
Configuration register is 0x2102

Thanks for the input Walter. That isn't it though. I have plenty of sites with crypto map <name> 1 which map to crypto isakmp policy 2 settings. The debug is showing that the behavior is to try to authenticate through policy 1 first, and then progress to any other policies until there is a match. Since there is a match with policy 2 settings, the tunnel comes up.
My real question is, why would it change from "auth RSA sig" in the first debug out put to the "auth pre-share" in the second debug output. Judging by the config on the router, it appears to me that the line for "authorization pre-share" under policy 2 SHOULD only apply to policy 2 and SHOULD NOT override the "authorization rsa-sig" of policy 1.
Again, when I debug crypto ipsec & debug crypto isakmp, it shows clearly that the first policy is being verified, however the "auth" is now "pre-share" and no longer "RSA sig":
56:46.259: ISAKMP:(0): PKI->IKE Got configured TrustPoints state (I) MM_NO_STATE (peer 199.46.128.5)
*Oct 7 19:56:46.263: ISAKMP:(0):Checking ISAKMP transform 2 against priority 1 policy
*Oct 7 19:56:46.263: ISAKMP:      encryption AES-CBC
*Oct 7 19:56:46.263: ISAKMP:      keylength of 256
*Oct 7 19:56:46.263: ISAKMP:      hash SHA
*Oct 7 19:56:46.263: ISAKMP:      default group 5
*Oct 7 19:56:46.263: ISAKMP:      auth pre-share     <---This should read "auth RSA sig"
*Oct 7 19:56:46.263: ISAKMP:      life type in seconds
*Oct 7
19:56:46.263: ISAKMP:      life duration (VPI) of 0x0 0x1 0x51 0x80
*Oct 7 19:56:46.263: ISAKMP:(0):Authentication method offered does not match policy!
*Oct 7 19:56:46.263: ISAKMP:(0):atts are not acceptable. Next payload is 0
*Oct 7 19:56:46.263: ISAKMP:(0):Checking ISAKMP transform 2 against priority 2 policy
*Oct 7 19:56:46.263: ISAKMP:      encryption AES-CBC
*Oct 7 19:56:46.263: ISAKMP:      keylength of 256
*Oct 7 19:56:46.263: ISAKMP:      hash SHA
*Oct 7 19:56:46.263: ISAKMP:
default group 5
*Oct 7 19:56:46.263: ISAKMP:      auth pre-share
*Oct 7 19:56:46.263: ISAKMP:      life type in seconds
*Oct 7 19:56:46.263: ISAKMP:      life duration (VPI) of 0x0 0x1 0x51 0x80

Compatibility between Java crypto and open ssl

Hello
I have some question about compatibility between java crypto and openssl library.
This is my case:
1.I created DESede key and stored it to file:
SecretKey key = KeyGenerator.getInstance("TripleDES").generateKey();
File f = new File("c:\\key.dat");
DataOutputStream dos =new DataOutputStream(new FileOutputStream(f));
dos.write(key.getEncoded());
dos3.close();2.I encrypt some file "c:\\normal.dat" through:
ecipher.init(Cipher.ENCRYPT_MODE, key2);
byte[] enc = ecipher.doFinal(normalData);
File f2 = new File("c:\\enc.dat");
DataOutputStream dos =new DataOutputStream(new FileOutputStream(f2));
dos.write(enc);
dos.close();

You have carefully left out some critical java code, namely the Cipher.getInstance() method. You'll notice in the documentation for this method that there 3 components to the "transform" argument of this method, the algorithm, the mode, and the padding. All of these must match exactly with the what openssl is using. Furthermore, if you are using one of the modes which require an IV, like CBC mode, then this must match exactly too. If you don't explicitly specify some of these parameters, you might get default values supplied. It is up to you to find out what these are.

Gnu-crypto PKCS7 NegativeArraySizeException

Similar Messages

Maybe you are looking for