HMAC_SHA1 encryption using javax.crypto.MAC performance problems in SPARC

Similar Messages

• Problem when using javax.crypto.KeyGenerator in netbeans

  This is my IDE information:
  Product Version: NetBeans IDE 6.0.1 (Build 200801291616)
  Java: 1.6.0_03; Java HotSpot(TM) Client VM 1.6.0_03-b05
  System: Windows XP version 5.1 running on x86; Cp1252; en_US (nb)
  I am trying to develop a Test jar file. I created some simple jar files and could upload it in mobile.
  Now I want to implement some encryption. For that I started writing codes. But when trying to import javax.crypto.KeyGenerator class, netbeans is showing "cannot find symbol" error. I can use javax.crypto.Cipher/BadPaddingException/IllegalBlockSizeException/NoSuchPaddingException/spec/ShortBuffrException only. If i try to use any other class of javax.crypto, i get an error.
  I am new to mobility.I downloaded netbean mobility package and Installed it.
  Please provide some help.. thank you....

  This is my IDE information:
  Product Version: NetBeans IDE 6.0.1 (Build 200801291616)
  Java: 1.6.0_03; Java HotSpot(TM) Client VM 1.6.0_03-b05
  System: Windows XP version 5.1 running on x86; Cp1252; en_US (nb)
  I am trying to develop a Test jar file. I created some simple jar files and could upload it in mobile.
  Now I want to implement some encryption. For that I started writing codes. But when trying to import javax.crypto.KeyGenerator class, netbeans is showing "cannot find symbol" error. I can use javax.crypto.Cipher/BadPaddingException/IllegalBlockSizeException/NoSuchPaddingException/spec/ShortBuffrException only. If i try to use any other class of javax.crypto, i get an error.
  I am new to mobility.I downloaded netbean mobility package and Installed it.
  Please provide some help.. thank you....

• Unable to Decrypt the data properly using javax.crypto class and SunJCE

  Hello all,
  I am not new to Java but new to this forums
  but and JCE and i wanted to write a program that Encrypts a file and also another program that decrypts it. As far Encryption is concerned i have been successful but When it comes to Decryption things aren't looking bright i have some or the other Problem with it. plz help me out .
  Here is the Code for my Programs
  Encryption
  Code:
  import java.io.*;
  import javax.crypto.*;
  import javax.crypto.spec.SecretKeySpec;
  import java.security.*;
  import javax.swing.*;
  class MyJCE
  public static void main(String args[])throws Exception
  Provider sunjce = new com.sun.crypto.provider.SunJCE();
  Security.addProvider(sunjce);
  JFileChooser jfc = new JFileChooser();
  int selection= jfc.showOpenDialog(null);
  if(selection==JFileChooser.APPROVE_OPTION)
  FileInputStream fis = new FileInputStream(jfc.getSelectedFile());
  System.out.println("Selected file " + jfc.getSelectedFile());
  try{
  KeyGenerator kg = KeyGenerator.getInstance("DESede");
  SecretKey key= kg.generateKey();
  byte[] mkey=key.getEncoded();
  System.out.println(key);
  SecretKeySpec skey = new SecretKeySpec(mkey, "DESede");
  Cipher cipher=Cipher.getInstance("DESede/ECB/NoPadding");
  cipher.init(Cipher.ENCRYPT_MODE,skey);
  byte[] data= new byte[fis.available()];
  //reading the file into data byte array
  byte[] result= cipher.update(data);
  byte[] enc= new byte [fis.read(result)];
  System.out.println("Encrypted =" + result);
  File fi= new File("/home/srikar/Encrypted");
  FileOutputStream fos= new FileOutputStream(fi);
  fos.write(enc);
  fos.close();
  byte[] encodedSpeckey = skey.getEncoded();
  FileOutputStream ks= new FileOutputStream("./key.txt");
  ks.write(encodedSpeckey);
  System.out.println("Key written to a file");
  }//try
  catch(Exception ex)
  ex.printStackTrace();
  }//catch
  }This Creates a Encrypted File. and a Encrypted key.txt
  Code:
  import java.io.*;
  import javax.crypto.*;
  import javax.crypto.spec.SecretKeySpec;
  import java.security.*;
  import javax.swing.*;
  class Decrypt
  public static void main(String[] args)
  try
  JFileChooser jfc = new JFileChooser();
  int selection= jfc.showOpenDialog(null);
  if(selection==JFileChooser.APPROVE_OPTION)
  FileInputStream fis = new FileInputStream(jfc.getSelectedFile());
  System.out.println("Selected file " + jfc.getSelectedFile());
  //Read from the Encrypted Data
  int ll= (int)jfc.getSelectedFile().length();
  byte[] buffer = new byte[ll];
  int bytesRead=fis.read(buffer);
  byte[] data= new byte[bytesRead];
  System.arraycopy(buffer,0,data,0,bytesRead);
  //Read the Cipher Settings
  FileInputStream rkey= new FileInputStream("./key.txt");
  bytesRead = rkey.read(buffer);
  byte[] encodedKeySpec=new byte[bytesRead];
  System.arraycopy(buffer,0,encodedKeySpec,0,bytesRead);
  //Recreate the Secret Symmetric Key
  SecretKeySpec skeySpec= new SecretKeySpec(encodedKeySpec,"DESede");
  //create the cipher for Decrypting
  Cipher cipher = Cipher.getInstance("DESede/ECB/NoPadding");
  cipher.init(Cipher.DECRYPT_MODE,skeySpec);
  byte[] decrypted= cipher.update(data);
  FileOutputStream fos= new FileOutputStream("/home/srikar/Decrypted");
  fos.write(decrypted);
  }//if
  }//try
  catch(Exception e)
  e.printStackTrace();
  }//catch
  }//main
  }//classthis Decrypt.java is expected to decrypt the above encrypted file but this simply creates a plaintext file of the same size as the Encrypted file but its contents are unreadable.
  Or I endup with Exceptions like BadPadding or IllegalBlockSize Exception if i use any other Algorithm .
  Please help out
  thanx in advance

  Srikar2871 wrote:
  Well thanx for ur reply but
  As i said there are No issues with ENCRYPTION and am getting an Encrypted file exactly of the same size as that of the original file and NOT as null bytes and Even am able to get a Decrypted file of again the same size of the Encrypted File but this time that data inside is in unreadable format.I ran your code EXACTLY* as posted and the contents of the file when viewed in a Hex editor was
  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00So unless you are running different code to what you have posted, your file will look the same.
  Cheers,
  Shane

• Javax.crypto.* and javax.crypto.spec.* problem with MHP receiver

  Hello to everyone, I started to program in MHP 1.0.2 on a MHP receiver and now i'm practicing in encrypting and decrypting. I load from the smart card in the MHP receiver an X509Certificate object (I have it both in byte[] form, called certArray, and X509Certificate object, called "certificate"). What i'd like to do is to :
  1)calculate digest of the certificate (line 1 and 2 of the following code)
  2) encrypt the digest using the same algorithm of the certificate (see line 3 and 4)
  The problem is generated at line 3 : the receiver, probably, doesn't find the class of the algorithm of encrypting. It is important to notice that the instruments to encrypt/decrypt are included in javax.crypto and javax.crypto.spec packages.
  MessageDigest md = MessageDigest.getInstance("SHA");
  byte[] digest = md.digest(certArray);
  Cipher encrypt = Cipher.getInstance(certificate.getSigAlgName());
  encrypt.init(Cipher.ENCRYPT_MODE, certificate.getPublicKey());
  The error message, in the log file, is the following :
  [0#1:2] java.security.NoSuchAlgorithmException: SHA1withRSA not found
       [0#1:2]      at javax.crypto.Cipher.getInstance(Ljava/lang/String;)Ljavax/crypto/Cipher;(Unknown Source)
       [0#1:2]      at it.csp.SecurelabXlet.encrypt()V(Unknown Source)
       [0#1:2]      at it.csp.SecurelabXlet.cardInserted(Lopencard/core/event/CardTerminalEvent;)V(Unknown Source)
       [0#1:2]      at opencard.core.event.EventGenerator.createEventsForPresentCards(Lopencard/core/event/CTListener;)V(Unknown Source)
       [0#1:2]      at it.csp.SecurelabXlet.register()V(Unknown Source)
       [0#1:2]      at it.csp.SecurelabXlet.startXlet()V(Unknown Source)
       [0#1:2]      at java.lang.reflect.Method.invoke(Ljava/lang/Object;[Ljava/lang/Object;)Ljava/lang/Object;(Unknown Source)
       [0#1:2]      at tv.osmosys.application.AppManager$XletApp.xletStart()Z(Unknown Source)
       [0#1:2]      at tv.osmosys.application.AppManager$XletApp.loop0(Ltv/osmosys/application/AppManager$XletAction;)V(Unknown Source)
       [0#1:2]      at tv.osmosys.application.AppManager$XletApp.run()V(Unknown Source)
       [0#1:2]      at java.lang.Thread.run()V(Unknown Source)
       [0#1:2]      at java.lang.Thread.startup(Z)V(Unknown Source)
  My question(s) is : how can I include javax.crypto and javax.crypto.spec in the Xlet application to upload it onto the MHP receiver?? Is it possibile to do so?
  Eventually, do other libraries exist to use encrypting algorithms, included in MHP? The version I use of MHP is 1.0.2. Thank you! Bye!

  Hello to everyone, I started to program in MHP 1.0.2 on a MHP receiver and now i'm practicing in encrypting and decrypting. I load from the smart card in the MHP receiver an X509Certificate object (I have it both in byte[] form, called certArray, and X509Certificate object, called "certificate"). What i'd like to do is to :
  1)calculate digest of the certificate (line 1 and 2 of the following code)
  2) encrypt the digest using the same algorithm of the certificate (see line 3 and 4)
  The problem is generated at line 3 : the receiver, probably, doesn't find the class of the algorithm of encrypting. It is important to notice that the instruments to encrypt/decrypt are included in javax.crypto and javax.crypto.spec packages.
  MessageDigest md = MessageDigest.getInstance("SHA");
  byte[] digest = md.digest(certArray);
  Cipher encrypt = Cipher.getInstance(certificate.getSigAlgName());
  encrypt.init(Cipher.ENCRYPT_MODE, certificate.getPublicKey());
  The error message, in the log file, is the following :
  [0#1:2] java.security.NoSuchAlgorithmException: SHA1withRSA not found
       [0#1:2]      at javax.crypto.Cipher.getInstance(Ljava/lang/String;)Ljavax/crypto/Cipher;(Unknown Source)
       [0#1:2]      at it.csp.SecurelabXlet.encrypt()V(Unknown Source)
       [0#1:2]      at it.csp.SecurelabXlet.cardInserted(Lopencard/core/event/CardTerminalEvent;)V(Unknown Source)
       [0#1:2]      at opencard.core.event.EventGenerator.createEventsForPresentCards(Lopencard/core/event/CTListener;)V(Unknown Source)
       [0#1:2]      at it.csp.SecurelabXlet.register()V(Unknown Source)
       [0#1:2]      at it.csp.SecurelabXlet.startXlet()V(Unknown Source)
       [0#1:2]      at java.lang.reflect.Method.invoke(Ljava/lang/Object;[Ljava/lang/Object;)Ljava/lang/Object;(Unknown Source)
       [0#1:2]      at tv.osmosys.application.AppManager$XletApp.xletStart()Z(Unknown Source)
       [0#1:2]      at tv.osmosys.application.AppManager$XletApp.loop0(Ltv/osmosys/application/AppManager$XletAction;)V(Unknown Source)
       [0#1:2]      at tv.osmosys.application.AppManager$XletApp.run()V(Unknown Source)
       [0#1:2]      at java.lang.Thread.run()V(Unknown Source)
       [0#1:2]      at java.lang.Thread.startup(Z)V(Unknown Source)
  My question(s) is : how can I include javax.crypto and javax.crypto.spec in the Xlet application to upload it onto the MHP receiver?? Is it possibile to do so?
  Eventually, do other libraries exist to use encrypting algorithms, included in MHP? The version I use of MHP is 1.0.2. Thank you! Bye!

• Using javax.crypto in oracle 10g

  Hi,
  I have a java stored procedure for oracle 10g (running jdk1.4) that
  uses the javax.crypto package and the bouncy castle provider for RSA
  decryption. Here is a snippet of the code in the procedure:
  Security.addProvider(new
  org.bouncycastle.jce.provider.BouncyCastleProvider());
  Cipher rsaCipher = Cipher.getInstance("RSA");
  RSAPrivateKey key = (RSAPrivateKey)
  MSPrivKeytoJKey.getPrivateKey(aKey);
  rsaCipher.init(Cipher.DECRYPT_MODE, key);
  rsaCipher.doFinal(encryptedByteArray);
  This works fine on my own machine running jdk1.4. However, when I load
  my stored procedure into the database and run it, I get the following
  exception after the line
  Cipher rsaCipher = Cipher.getInstance("RSA");
  tries to execute:
  java.security.NoSuchAlgorithmException: Cannot find any provider
  supporting RSA
  I have tried the following (based on information gathered from various
  forums):
  - ran
  loadjava -u username/pass@DB -v bcprov-jdk14-137.jar
  - added the following line to java.security
  security.provider.4=org.bouncycastle.jce.provider.BouncyCastleProvider
  but i still get the same error.
  I am reaching out desperately to all you experts for help :)
  Pouria

  Hi,
  Unfortunately, the Java VM only supports the basic JDK functionalities; you could try the Metalink Note 356123.1 which should work using BC library but this note only addresses AES.
  Furthermore, you need the following two extra permissions:
  exec dbms_java.grant_permission('SCOTT', 'SYS:java.security.SecurityPermission','putProviderProperty.BC', '' );
  exec dbms_java.grant_permission( 'SCOTT', 'SYS:java.security.SecurityPermission','insertProvider.BC', '' );
  Oboviously SCOTT would be changed to whichever schema you are using.
  Kuassi http://db360.blogspot.com

• Crypt::cbc encrypt / decrypt using javax.crypto

  I am having a bit of a time encrypting with crypt::cbc and decrypting with java. To get to the point, here is my code, perl first, java 2nd - I have tried to keep things very simple.
  #!/usr/local/bin/perl -w
  use strict;
  use Crypt::CBC 2.30;
  die "Need to specify a file" if(!(my $infile = shift));
  my $key = q(nvA9s$233eOrlQG4);
  my $iv = q(0123456701234567);
  my $bufsize = 16384;
  my $cipher = Crypt::CBC->new({
            'key'          => $key,
            'iv'          => $iv,
            'header'     => 'none',
            'cipher'     => 'Rijndael',
            'keysize'     => '16',     #forced - default is 32 bytes
            'padding'     => 'standard',     #PKCS5
            'blocksize'     => '16',
            'literal_key'     => '1',          #do not MD5 hash key
  open (FORIG,"$infile")|| die "can't open file: $!";
  open (FCRYPT,">$infile.crypt")|| die "can't open file: $!";
  $cipher->start('encrypting');
  while(my $readsize = sysread(FORIG, my $buf, $bufsize)) {
       print FCRYPT $cipher->crypt($buf);
  print FCRYPT $cipher->finish();
  close FCRYPT;
  close FORIG;
  now the java:
  // i have elided the import stmts for brevity
  public class AESEncrypter {
       Cipher ecipher;
       Cipher dcipher;
       byte [] buf = new byte[1024];
       public AESEncrypter() {
            String strKey = "nvA9s$233eOrlQG4";
            byte[] keyBytes = null;
            try {
                 keyBytes = strKey.getBytes("UTF-8");
            } catch(java.io.UnsupportedEncodingException ex) {
                 ex.printStackTrace();
            byte[] iv = new byte[] { 0,1,2,3,4,5,6,7,0,1,2,3,4,5,6,7 };
            IvParameterSpec ivSpec = new IvParameterSpec(iv);
            try {
                 ecipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
                 dcipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            } catch (NoSuchAlgorithmException e) {
                 e.printStackTrace();
            } catch (NoSuchPaddingException e) {
                 e.printStackTrace();
            try {
                 SecretKeySpec key = new SecretKeySpec(keyBytes, "AES");
                 ecipher.init(Cipher.ENCRYPT_MODE, key, ivSpec);
                 dcipher.init(Cipher.DECRYPT_MODE, key, ivSpec);
            } catch (InvalidKeyException e1) {
                 e1.printStackTrace();
            } catch (InvalidAlgorithmParameterException e1) {
                 e1.printStackTrace();
       public void encrypt(InputStream in, OutputStream out) {
            try {
                 out = new CipherOutputStream(out, ecipher);
                 int numRead = 0;
                 while((numRead = in.read(buf)) >= 0) {
                      out.write(buf, 0, numRead);
                 out.close();
            } catch(java.io.IOException e) {
                 e.printStackTrace();
       public void decrypt(InputStream in, OutputStream out) {
            try {
                 out = new CipherOutputStream(out, dcipher);
                 int numRead = 0;
                 while((numRead = in.read(buf)) >= 0) {
                      out.write(buf, 0, numRead);
                 out.close();
            } catch(java.io.IOException e) {
                 e.printStackTrace();
       public static void main(String args[]) {
            if(args.length != 1) {
                 System.out.println("Usage: java AESEncrypter filename");
                 System.exit(0);
            AESEncrypter encrypter = new AESEncrypter();
            try {
       //          encrypter.encrypt(new FileInputStream(args[0]), new FileOutputStream("Java_encrypted.txt"));
                 encrypter.decrypt(new FileInputStream(args[0]), new FileOutputStream("Java_decrypted.txt"));
            } catch (java.io.FileNotFoundException ex) {
                 ex.printStackTrace();
  so with file named whoop.txt containing the following contents:
  whoop
  whoop
  whoop
  whoop
  I do:
  $>./encrypt.pl whoop.txt
  and get the resulting file whoop.txt.crypt. then I do
  $>java AESEncrypter whoop.txt.crypt
  and get the resulting file Java_decrypted.txt. when I do a hex dump of this file:
  $>dump.pl Java_decrypted.txt
  i get the following
  /0 /1 /2 /3 /4 /5 /6 /7 /8 /9 /A /B /C /D /E /F 0123456789ABCDEF
  0000 : 47 58 5F 5F 40 3A 47 58 5F 5F 40 3A 47 58 5F 5F GX__@:GX__@:GX__
  0010 : 70 0A 77 68 6F 6F 70 0A p.whoop.
  I have tried to ensure that everything matches between the perl and java code, however I am obviously missing something. Thanks in advance for any ideas!
  Gregg

  i have hardcoded the IV in perl as:
  my $iv = q(0123456701234567);
  and in the .java file as:
  byte[] iv = new byte[] { 0,1,2,3,4,5,6,7,0,1,2,3,4,5,6,7 };
  IvParameterSpec ivSpec = new IvParameterSpec(iv)
  Are these not compatible?
  thanks - gh

• Legal trouble possible using javax.crypto?

  h4. The problem
  I'm currently doing an internship in france, where we need to use RSA encryption in our application as a part of our authentification.
  As we could possibly sell our application in all over the world and there seem to be complicate cryptological laws my question is:
  Can one possibly get into legal trouble for using the java encryption methods?
  I'm totally fine with using a relatively weak encryption (for exemple 512 Bit for RSA) and I do not need to change the policy files (as I understand it,
  the RSA keysize is not restricted by the standard policy files anyways) or do stronger encryption than this.
  I already found something to show that exporting an application like this is not a problem.
  If someone has a similar question, it can be found here: +[http://www.ssi.gouv.fr/fr/reglementation/regl_crypto.html]->Exportation et transfert de moyens de+
  cryptologie depuis la France->EXPORTATION VERS D'AUTRES ÉTATS->"assurant exclusivement des fonctions d’authentification ou de contrôle d’intégrité"->LIBRE.
  But my problem is not the export OUT of france but the import INTO another country (like china or russia for example).
  As I am only a student, consulting a lawyer is not an option for me (too expensive).
  I've ready many documents who all state what is forbidden and allowed but they mostly talk about providing cryptography and not using it.
  So while logically it makes sense to say "if its not written there it must be allowed", I would like to have something concrete to show my company.
  Is there an easy to prove, logical argument for this?
  h4. Sources I've already consulted:
  *1. [The Wassenaar Arrangement|http://www.wassenaar.org/]*
  In [5.A.2.a.1.b.1.|http://www.wassenaar.org/controllists/2007/WA-LIST%20(07)%202%20Corr.%20word%20files/08%20-%20WA-LIST%20(07)%202%20Corr.%20-%20Cat%205P2.doc] it states it regulates "An "asymmetric algorithm" where the security of the algorithm is based on any of the following:
  1.     Factorisation of integers in excess of 512 bits (e.g., RSA);[...]"
  So while it says "hey, be careful with anything more than 512 Bits" it does not explicitly state (at least I did not find it) "anything with 512 Bits or
  less is totally unproblematic".
  The list of participating states is quite huge so this could help me a lot if I could prove that this is not a problem:
  The states are: Argentina, Australia, Austria, Belgium, Bulgaria, Canada, Croatia, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece,
  Hungary, Ireland, Italy, Japan, Latvia, Lithuania, Luxembourg, Malta, Netherlands, New Zealand, Norway, Poland, Portugal, Republic of Korea, Romania,
  Russian Federation, Slovakia, Slovenia, South Africa, Spain, Sweden, Switzerland, Turkey, Ukraine, United Kingdom,
  United States
  *2.[RSA Laboratories: What are the cryptographic policies of some countries?|http://www.rsa.com/rsalabs/node.asp?id=2333]*
  There is a table showing each state in a category from 1 - no restriction for cryptography to 5 - "cryptography is tightly controlled". Unfortunately not a
  great part of those countries are in category 1. Unfortunatly it does not seem to differentiate between providing cryptography and using it.
  *3. [Java ™ Cryptography Architecture (JCA) Reference Guide|http://java.sun.com/javase/6/docs/technotes/guides/security/crypto/CryptoSpec.html]*
  It speaks about cryptographic restrictions that are in place and how you can lift them with special certificates and whatnot but it does not state that
  operating within those restrictions is legal inside every country.
  *4. [Bert-Jaap Koops homepage - Crypto Law Survey - Overview per country|http://rechten.uvt.nl/koops/cryptolaw/cls2.htm#co]*
  People's Republic of China
  Export/ import controls
  "+By State Council Order No. 273, "Commercial Use Password Management Regulations", published on 15 October 1999 and in effect since 7 October 1999, import and export of encryption products requires a license by the State Encryption Management Commission. According to a "clarification letter" sent to US+
  +businesses in China in early March 2000, this involves only hardware and software for which encryption and decoding operations are core functions. As a+
  +result, products in which cryptography is only built-in (such as mobile phones and browser software) are exempted. Moreover, the letter clarified that the+
  +regulations do not entail key escrow.+
  +However, the clarification letter only seems to apply to pre-2000 products. All products since 2000 seem to require a license.+"
  So does this mean that Java needs a license (which it probably has I hope) or our product which uses it does also need it?
  *5. Sun Developer Forums - Security - Cryptography*
  Search for keyword "legal": nothing which matches my problem found
  Search for keyword "import": nothing which matches my problem found within the first 13 pages
  Search for keyword "china": nothing which matches my problem found
  So, any backed up help will be greatly appreciated. Thanks!
  Edited by: kirdie on Jun 30, 2008 2:54 AM
  Edited by: kirdie on Jun 30, 2008 3:00 AM
  Edited by: kirdie on Jun 30, 2008 3:01 AM
  Edited by: kirdie on Jul 1, 2008 5:35 AM
  Edited by: kirdie on Jul 3, 2008 6:29 AM

  In my opinion you are only partly right, it's a legal question about software :-)
  And unfortunately I can not pay a lawyer with my student earnings.
  As this question is very broad (it concerns everyone who sells java software which utilises the crypto package) am very interested in how you cope with this problem.
  Do you ignore it? Use weak encryption only? Ask each state for a licence? Don't sell your product to certain countries?
  P.S: Or should i rather move the topic to "Other Security APIs, Tools, and Issues"?
  Edited by: kirdie on Jul 4, 2008 12:39 AM

• Encryption using gnu.crypto package

  Hello,
  I have a program which implements a DES algorithm for encrypting files.
  The program makes use of the following:
  gnu.crypto.Registry;
  gnu.crypto.Properties;
  gnu.crypto.util.Util;
  which are used in statements, for instance:
  -> Util.toBytesFromString("011F1F01010E0E01");
  and
  -> boolean check = Properties.checkForWeakKeys();
  and
  -> *public DES() {*
  super(Registry.DES_CIPHER, BLOCK_SIZE, KEY_SIZE);
  However, when i tried to compile this program on jdk.1.6, the complier simply couldn't recognize any of the above statements, or for that matter, any statement that makes use of gnu.crypto.*;
  I tried compiling it on jdk 1.3 and on jdk1.5, but in vain.
  Can u please help me out with this?
  DO i need anything extra to be imported? or do i need a different version of jdk?

  You have not published enough code. You have not published the error messages.

• Javax.crypto.* problem in WLW

  Hi,
  I am trying to encrypt a String in WLW 8.1 SP2.
  The IDE is not recognizing javax.crypto.* package. When I use the same code and
  execute it with TextPad, it works just fine.
  FYI, the non-WLS JDK is 1.4.1_01-b01 and WLS uses 1.4.1_05.
  What do I need to do to be able to use javax.crypto.* packages in WebLogic? Any
  helpis greatly appreciated.
  Thanks, Eric

  I had to add it manually:(
  * Go to application properties (Tools Menu > Application Properties... Menu
  Item)
  * Under WebLogic Server look for Server classpath additions:
  * Click add jar
  * Navigate to jdk\jre\lib\jce.jar
  * Add the jar file
  "Eric J" <[email protected]> wrote in message
  news:404e34a9$[email protected]..
  >
  Hi,
  I am trying to encrypt a String in WLW 8.1 SP2.
  The IDE is not recognizing javax.crypto.* package. When I use the samecode and
  execute it with TextPad, it works just fine.
  FYI, the non-WLS JDK is 1.4.1_01-b01 and WLS uses 1.4.1_05.
  What do I need to do to be able to use javax.crypto.* packages inWebLogic? Any
  helpis greatly appreciated.
  Thanks, Eric

• Javax.crypto.BadPaddingException: Given final block not properly padded

  import java.security.*;
  import javax.crypto.*;
  public class Cryptographer
  private final String DEFAULT_KEY="1111111111111111";
  private String KEY;
  public Cryptographer(String key)
  if((key==null)||key.equals(""))
  this.KEY = DEFAULT_KEY;
  else
  this.KEY = key;
  public byte[] encrypt(String toEncrypt)
  if((toEncrypt==null)||(toEncrypt.trim().equals("")))
  return null;
  try
  return DESEncrypt(toEncrypt,KEY);
  catch(Exception e)
  e.printStackTrace();
  return null;
  public String decrypt(byte[] bytes)
  if(bytes==null)
  return null;
  try
  return DESDecrypt(bytes,KEY);
  catch(Exception e)
  e.printStackTrace();
  return null+"hi";
  public String ToMac(byte[] bytes,String key)
  if(bytes==null)
  return null;
  try
  return getMac(bytes,KEY);
  catch(Exception e)
  return null;
  private byte[] DESEncrypt(String toEncrypt, String key)
  throws Exception
  // create a binary key from the argument key (seed)
  SecureRandom sr = new SecureRandom(key.getBytes("UTF-8"));
  KeyGenerator kg = KeyGenerator.getInstance("DES");
  kg.init(56,sr);
  SecretKey sk = kg.generateKey();
  // do the encryption with that key
  Cipher cipher = Cipher.getInstance("DES");
  //DES/CFB8/NOPadding;DES/OFB32/PKCS5Padding;DESEDE/ECB/PKCS5Padding;DES/ECB/NOPadding==DES
  cipher.init(Cipher.ENCRYPT_MODE, sk);
  byte[] encrypted = cipher.doFinal(toEncrypt.getBytes("UTF-8"));
  return new sun.misc.BASE64Encoder().encode(encrypted).toUpperCase().getBytes();
  //return encrypted;
  private String DESDecrypt(byte[] toDecrypt, String key)
  throws Exception
  // create a binary key from the argument key (seed)
  SecureRandom sr = new SecureRandom(key.getBytes("UTF-8"));
  KeyGenerator kg = KeyGenerator.getInstance("DES");
  kg.init(56,sr);
  SecretKey sk = kg.generateKey();
  // do the decryption with that key
  Cipher cipher = Cipher.getInstance("DES");
  cipher.init(Cipher.DECRYPT_MODE, sk);
  byte[] decrypted = cipher.doFinal(toDecrypt);
  return new sun.misc.BASE64Encoder().encode(decrypted).toUpperCase();
  //return new String(decrypted,"UTF-8");
  //create mac String; byte[] to be maced
  private String getMac(byte[] bytes,String key)
  byte[] bmac =null;
  try
  // create a binary key from the argument key (seed)
  SecureRandom sr = new SecureRandom(key.getBytes());
  KeyGenerator kg = KeyGenerator.getInstance("DES");
  kg.init(56,sr);
  SecretKey sk = kg.generateKey();
  Mac mac = Mac.getInstance("HmacMD5");
  //HmacMD5;HmacSHA1;PBEWith<mac> e.g PBEWithHmacSHA1
  mac.init(sk);
  bmac = mac.doFinal(bytes);
  catch(Exception e)
  e.printStackTrace();
  return new String(bmac);
  public String byte2hex(byte[] b) //��������������
  String hs="";
  String stmp="";
  for (int n=0;n<b.length;n++)
  stmp=(java.lang.Integer.toHexString(b[n] & 0XFF));
  if (stmp.length()==1) hs=hs+"0"+stmp;
  else hs=hs+stmp;
  if (n<b.length-1) hs=hs+"";
  return hs.toUpperCase();
  public static void main(String args[])
  throws Exception
  String key = new String("1111111111111111");
  Cryptographer c = new Cryptographer(key); //use key to initialize the class
  String str = new String("4A6C98EAEF14EAB6");
  byte[] b = c.encrypt(str); //to encrypt data
  System.out.println(b.length);
  System.out.println("Encrypted data:"+new String(b)+":"+new String(c.byte2hex(b))); //println Encrypt data
  String st = c.decrypt(str.getBytes()); //to decrypt data
  System.out.println(st.getBytes().length);
  System.out.println(st.length());
  System.out.println("Decrypted data:"+st+":"+c.byte2hex(st.getBytes())); //println decrypt data
  please help me! thax

  One: Use the [ code ] tags. Please. It'll only help you get answers.
  Two: encrypt() is returning the getBytes() of the result of Base64'ing the ciphertext. Bad. The whole POINT to Base64 is to produce Strings from byte[]'s. Don't use Base64 to produce a byte[]. Change encrypt() to return the byte[] directly.
  Three: Given that encrypt() is returning the byte[] from the Base64 - decrypt() needs to be ready to UNDO that. It isn't. decrypt() assumes the byte[] it's getting is the ciphertext. That's not what you're giving to it. It's very, very unhappy.
  Four: your main() isn't even handing decrypt() the (bogus) return from encrypt(). Your main() is asking decrypt() to decrypt your plaintext. That trick never works...
  Five: your choice of variable names in your main() is...suboptimal. If you'd chosen names that reflected the purpose of the variable (things like, say, 'plaintext' and 'ciphertext'), some of this would have been obvious.
  Try the following:import java.security.SecureRandom;
  import javax.crypto.Cipher;
  import javax.crypto.KeyGenerator;
  import javax.crypto.Mac;
  import javax.crypto.SecretKey;
  public class Cryptographer {
      private final String DEFAULT_KEY = "1111111111111111";
      private String KEY;
      public Cryptographer(String key) {
          if ((key == null) || key.equals("")) {
              this.KEY = DEFAULT_KEY;
          } else {
              this.KEY = key;
      public byte[] encrypt(String toEncrypt) {
          if ((toEncrypt == null) || (toEncrypt.trim().equals("")))
              return null;
          try {
              return DESEncrypt(toEncrypt, KEY);
          } catch (Exception e) {
              e.printStackTrace();
              return null;
      public String decrypt(byte[] bytes) {
          if (bytes == null)
              return null;
          try {
              return DESDecrypt(bytes, KEY);
          } catch (Exception e) {
              e.printStackTrace();
              return null +"hi";
      public String ToMac(byte[] bytes, String key) {
          if (bytes == null)
              return null;
          try {
              return getMac(bytes, KEY);
          } catch (Exception e) {
              return null;
      private byte[] DESEncrypt(String toEncrypt, String key) throws Exception {
          // create a binary key from the argument key (seed)
          SecureRandom sr = new SecureRandom(key.getBytes("UTF-8"));
          KeyGenerator kg = KeyGenerator.getInstance("DES");
          kg.init(56, sr);
          SecretKey sk = kg.generateKey();
          // do the encryption with that key
          Cipher cipher = Cipher.getInstance("DES");
          //DES/CFB8/NOPadding;DES/OFB32/PKCS5Padding;DESEDE/ECB/PKCS5Padding;DES/ECB/NOPadding==DES
          cipher.init(Cipher.ENCRYPT_MODE, sk);
          byte[] encrypted = cipher.doFinal(toEncrypt.getBytes("UTF-8"));
          return encrypted;
      private String DESDecrypt(byte[] toDecrypt, String key) throws Exception {
          // create a binary key from the argument key (seed)
          SecureRandom sr = new SecureRandom(key.getBytes("UTF-8"));
          KeyGenerator kg = KeyGenerator.getInstance("DES");
          kg.init(56, sr);
          SecretKey sk = kg.generateKey();
          // do the decryption with that key
          Cipher cipher = Cipher.getInstance("DES");
          cipher.init(Cipher.DECRYPT_MODE, sk);
          byte[] decrypted = cipher.doFinal(toDecrypt);
          return new String(decrypted,"UTF-8");
      //create mac String; byte[] to be maced
      private String getMac(byte[] bytes, String key) {
          byte[] bmac = null;
          try {
              // create a binary key from the argument key (seed)
              SecureRandom sr = new SecureRandom(key.getBytes());
              KeyGenerator kg = KeyGenerator.getInstance("DES");
              kg.init(56, sr);
              SecretKey sk = kg.generateKey();
              Mac mac = Mac.getInstance("HmacMD5");
              //HmacMD5;HmacSHA1;PBEWith<mac> e.g PBEWithHmacSHA1
              mac.init(sk);
              bmac = mac.doFinal(bytes);
          } catch (Exception e) {
              e.printStackTrace();
          return new String(bmac);
      public String byte2hex(byte[] b) //��������������
          String hs = "";
          String stmp = "";
          for (int n = 0; n < b.length; n++) {
              stmp = (java.lang.Integer.toHexString(b[n] & 0XFF));
              if (stmp.length() == 1)
                  hs = hs + "0" + stmp;
              else
                  hs = hs + stmp;
              if (n < b.length - 1)
                  hs = hs + "";
          return hs.toUpperCase();
      public static void main(String args[]) throws Exception {
          String key = new String("1111111111111111");
          Cryptographer c = new Cryptographer(key); //use key to initialize the class
          String str = new String("Hello world!");
          byte[] ciphertext = c.encrypt(str); //to encrypt data
          System.out.println(ciphertext.length);
          System.out.println("Encrypted data:"  + new String(c.byte2hex(ciphertext )));
          String plaintext = c.decrypt(ciphertext );  //to decrypt data
          System.out.println(plaintext.getBytes().length);
          System.out.println(plaintext.length());
          System.out.println("Decrypted data:" + plaintext ); //println decrypt data
  }And please, please, PLEASE use the [ code ] tags...
  Grant

• How javax.crypto can do "ALG_DES_CBC_ISO9797_M2" padding?

  First Question :
  Do "javacardx.crypto, javacard.security" can use outside applet in card?
  I try to use this on client-side ?(in RMI, we say client-side is reader , card is host-side) but it's not work , throw exception.
  I write javacard RMI style. My problem is...
  Source code below is work when it write in applet (card - side)
  but in client-side (reader -side) I copy it to client - side code and test to run, if fail --> throw exception 0x3 - javacard.security.CryptoException.NO_SUCH_ALGORITHM
  It seem to be "javacardx.crypto" and "javacard.security" is make for use in applet in card only. Did I misunderstand?
  if it make for use in applet only, how is possible to do like this " card use privatekey to sign message and send to reader , reader use card's publickey to verify that card sign this signature or not."
  or
  "card use reader's publickey to encrypt message and send to reader, then reader use privatekey to decrypt message (reader authencate itself) "
  because I can't do any of cipher , keybuilder in RMI-client side(reader)
  Cipher.getInstance(Cipher.ALG_RSA_PKCS1,false);
  it will throw nullPointerException
  and if (change false to true)
  Cipher.getInstance(Cipher.ALG_RSA_PKCS1,true);
  throw exception 0x3 - javacard.security.CryptoException.NO_SUCH_ALGORITHM
  after that I swap this line with
  pri_key = (RSAPrivateKey) KeyBuilder.buildKey(KeyBuilder.TYPE_RSA_PRIVATE,KeyBuilder.LENGTH_RSA_512, false);
  since it will do this first (i swap the line already) it also throw exception 0x3 - javacard.security.CryptoException.NO_SUCH_ALGORITHM
  also be the same result with swap
  kp = new KeyPair(KeyPair.ALG_RSA,(short)KeyBuilder.LENGTH_RSA_512 );
  to a first line
  it throw exception 0x3 - javacard.security.CryptoException.NO_SUCH_ALGORITHM
  Please help me
  RSAPrivateKey pri_key;
  RSAPublicKey pub_key;
  KeyPair kp;
  Cipher RSAcipher;
  RSAcipher = Cipher.getInstance(Cipher.ALG_RSA_PKCS1,false);
  pri_key = (RSAPrivateKey) KeyBuilder.buildKey(KeyBuilder.TYPE_RSA_PRIVATE,KeyBuilder.LENGTH_RSA_512, false);
  pub_key =(RSAPublicKey) KeyBuilder.buildKey(KeyBuilder.TYPE_RSA_PUBLIC,KeyBuilder.LENGTH_RSA_512, false);
  kp = new KeyPair(KeyPair.ALG_RSA,(short)KeyBuilder.LENGTH_RSA_512 );
  kp.genKeyPair();
  pri_key = (RSAPrivateKey) kp.getPrivate();
  pub_key = (RSAPublicKey) kp.getPublic();
  //ENCRYPT
  RSAcipher.init(pub_key, Cipher.MODE_ENCRYPT);
  t_cipherLengthRSA = RSAcipher.doFinal(plaintxt,(short)0, (short)plaintxt.length, t_cipherText, (short)0);
  //DECRYPT
  RSAcipher.init(pri_key, Cipher.MODE_DECRYPT);
  RSAcipher.doFinal(ciphertxt,(short)0,(short) t_cipherLengthRSA, temp1, (short)0);
  I just think to new solution , client-side(reader) is use normal crypto class from javax.crypto , java.security
  if I use javax.crypto
  Question : Can it do "ALG_DES_CBC_ISO9797_M2" padding?
  I want to use card to encrypt/sign and send to reader. Then reader decrypt/verify it.

  See my answer to your other post "RMI client-side -> how to encrypt,decrypt in client-side"
  Jan

• Javax.crypto.* is not present in JDK 1.4 plz help

  Hi,
  Currently i am using jdk 1.4 and I am trying to compile the security applications which are using javax.crypto.* package.
  Hence it is giving error so can any one please help me how can I include this package into jdk 1.4 or is there any other alternative for it.
  Need help immediately.
  It would be apprciable if i get an immediate reply.
  Thanks in advance.

  What is a "marker" interface?
  Marker Interface pattern
  c2.com - Marker Interface
  experts.about.com - Marker Interfaces
  The Purpose of the Marker Interface
  Maximize your Design ROI with Marker Interfaces and JavaDoc

• Javax.crypto classes not found using JDK1.4

  We're trying to upgrade to using JDK 1.4, in which the Java Cryptography Extensions are incorporated into the JDK. However, iPlanet does not seem to be able to find the classes that make up the extension.
  If I write a simple Java app that creates a java.crypto.SecretKey, and run it from the command line on our web server machine using our Java 1.4 JDK, it runs fine.
  If I adapt the same program into a simple servlet and run it from within iPlanet, it fails with a ClassNotFound error trying to find javax/crypto/NoSuchPaddingException.
  I've done a lot of variations trying to hone in on the problem, but I'm running out of options. Does anyone have any information or experience with this particular problem?
  We're running iPlanet 6.0 SP5 and the JDK is build 1.4.1-b21.

  David,
  I'm also facing the same problem, none of the javax.crypto classes are found.When I'm running the Encryption code it's working standlone and in Tomcat 4.0 but in IPlanet it's giving me ClassNotFound.
  I have added jce.jar in the classpath as mentioned and it's getting picked.
  But you have mentioned some start-jvm files, I'm not able to find these files.
  Can u please summarize what all settings you did?.
  As it's urgent if possible mail me at,
  [email protected] (OR)
  [email protected]
  Sachin

• Javax.crypto.BadPaddingException in DES encrypt/decrypt algorithm

  I am using DES algorithm, the default provided by J2ME to encrypt and decrypt some text. My problem is that I can encrypt the text but when I decrypt I get javax.crypto.BadPaddingException. I used a sample code from this forum I suppose and modified it to some extend.
  Here's the output -
  Plain Text :debayandas
  Cipher Text :Ɩ2&#65533;Ü°*Yð´4}&#65533;f¥
  Recovered Plain Text :javax.crypto.BadPaddingExceptionAnd here's the J2ME code -
  Declaration part:
  private boolean midletPaused = false;
          private static String algorithm = "DES";
       private static byte[] secretKey = {(byte) 0x2b, (byte) 0x7e, (byte) 0x15, (byte) 0x16,
                                                    (byte) 0x28, (byte) 0xae, (byte) 0xd2, (byte) 0xa6 };
       private static String secretKeyAlgorithm = "DES";
       private static byte[] iv = "DES".getBytes();
       private static byte[] plainText = null;
       private Key key = null;
       private static Cipher cipher = null;
       private static int ciphertextLength = 512;
          private static byte[] cipherText = new byte[ciphertextLength];
          private static int decryptedtextLength = 1024;
          private static byte[] decryptedText = new byte[decryptedtextLength];commandAction:
  public void commandAction(Command command, Displayable displayable) {                                              
          if (displayable == form) {                                          
              if (command == exitCommand) {                                        
                  exitMIDlet();                                          
              } else if (command == okCommand) {
                  plainText=textField.getString().getBytes();
                  encrypt();
                  decrypt();                                                        
      } Encrypt:
  public void encrypt()
              try
                  key = new SecretKeySpec(secretKey,0,secretKey.length,secretKeyAlgorithm);
            cipher = Cipher.getInstance(algorithm);
                  cipher.init(Cipher.ENCRYPT_MODE, key);
                  cipher.doFinal(plainText, 0, plainText.length, cipherText, 0);
            System.out.println("Plain Text :"+new String(plainText));
            System.out.println("Cipher Text :"+new String(cipherText));
              catch(Exception e)
                  System.out.println(""+e);
      }Decrypt:
  public void decrypt()
          try
  //            cipher = Cipher.getInstance(algorithm);
              cipher.init(Cipher.DECRYPT_MODE,key);
              cipher.doFinal(cipherText,0,cipherText.length,decryptedText,0);
              System.out.println("Recovered Plain Text :"+new String(decryptedText));
          catch(Exception e)
              System.out.println(""+e);
      }Where am I going wrong?

  debayandas wrote:
  I am using DES algorithm, the default provided by J2ME to encrypt and decrypt some text. My problem is that I can encrypt the text but when I decrypt I get javax.crypto.BadPaddingException. I used a sample code from this forum I suppose and modified it to some extend.How did you get DES in J2ME?
  I am asking as there isn't one default implementation in J2ME and as far as I am aware it is not included in any Configurations or Profiles of J2ME.
  You might be using [Bouncycastle library|http://www.bouncycastle.org/java.html] or any other third party implementation of DES, in which case please refer to the documentation of it to see in which methods throw BadPaddingException and in what circumstances, in order to pinpoint the problem.
  Daniel

• Javax.crypto.BadPaddingException: pad block corrupted  when using Java 1.4

  I'm getting a javax.crypto.BadPaddingException: pad block corrupted Exception while working on converting our existing java jdk 1.2 to java 1.4. Any suggestions would be great. Here are the specifics:
  We have a web application that been running for 3+ years under java jdk 1.2 & jce_1_2.jar. Within the application we are exchanging data (XML) with a customer using the following encryption scheme:
  1) We create a one time DESede key through the KeyGenerator class passing in ("DESede", "BC")
  2) We encrypt the data with this one time key using ("DESede/ECB/PKCS5Padding", "BC")
  3) This one time key is then encrypted using ("RSA/ECB/PKCS1Padding", "BC") and customer's public key
  4) We create a signature with our private key, which they have the public key for.
  This is process/api that we required to use for their API's and its worked fine under 1.2, with "ABA" as the provider. Now moving to 1.4, I'm using BouncyCastle as the provider.
  Other differences, the keystore was created under 1.2 and in 1.2 it was defined as "JCEKS" provider "SunJCE" under 1.4 I changed them to "JKS" and "SUN" . I would get bad header exceptions when reading from the keystore until I changed it. I don't think its the BouncyCastle since I was able to download the 1.2 version of BC and get the existing app to work and I also got the 1.4 version of BC to work under the existing 1.2 application.
  So something seems to be different with the algorithms/padding, but I can't seem to find it. I tried the following: "RSA" "RSA/ECB" "RSA//PKCS1Padding" "NoPadding" also changed the DESede algorithm with no luck. All I know is that its failing on the decryption of the one time key, since its failing on the customer side, I don't have much other insight into it, other then the exception that they sent me.
  More info: getting error on Java: build 1.4.2_02-b03 on Solaris 5.8
  Existing application running: Java JDK_1.2.2_10 on Solaris 5.8
  BouncyCastle: bcprov-jdk14-124.jar
  Thanks

  Here is the stackTrace that I was sent:
  20040804;10:29:37: javax.crypto.BadPaddingException: pad block corrupted
  20040804;10:29:37: at org.bouncycastle.jce.provider.JCEBlockCipher.engineDo
  Final(JCEBlockCipher.java:460)
  20040804;10:29:37: at javax.crypto.Cipher.doFinal(Cipher.java:1129)
  20040804;10:29:37: at com.customer.crypto.SymmetricCryptor.decrypt(SymmetricCryptor.java:105)
  20040804;10:29:37: at com.customer.crypto.SymmetricCryptor.decryptToStr
  ing(SymmetricCryptor.java:95)
  20040804;10:29:37: at com.customer.api.Data.DataServlet doPost(DataServlet.java:88)