Issue with javax.crypto.SecretFactory
I am getting the following error in the following code:
DESedeKeySpec spec = new DESedeKeySpec( baKey );
SecretKeyFactory keyFactory = SecretKeyFactory.getInstanc( "DESede" );
Here is the error message:
java.security.NoSuchAlgorithmException: Algorithm DESede not available
at javax.crypto.SunJCE_b.a(DashoA6275)
at javax.crypto.SecretKeyFactory.getInstance(DashoA6275)
I will really appreciate any help.
Looks like it has something to do with the jdk installed on my machine. I changed the location of jdk and I get the following error:
javax.crypto.BadPaddingException: Given final block not properly padded
at com.sun.crypto.provider.DESedeCipher.engineDoFinal(DashoA6275)
at com.sun.crypto.provider.DESedeCipher.engineDoFinal(DashoA6275)
at javax.crypto.Cipher.doFinal(DashoA6275)
Similar Messages
-
Issue with multiple crypto isakmp policies
Hey folks,
I'm having an issue setting up multiple crypto isakmp policies on my 1921 router. Whenever I have only one crypto isakmp policy set up like so:
crypto isakmp policy 1
encr aes 256
group 5
It works perfectly fine with my certificate tunnel group in my ASA. When I debug crypto ipsec & debug crypto isakmp and watch the connection, I see this:
ISAKMP transform 1 against priority 1 policy
*Oct 7 20:04:09.263: ISAKMP: encryption AES-CBC
*Oct 7 20:04:09.263: ISAKMP: keylength of 256
*Oct 7 20:04:09.263: ISAKMP: hash SHA
*Oct 7 20:04:09.263: ISAKMP: default group 5
*Oct 7 20:04:09.263: ISAKMP: auth RSA sig
*Oct 7 20:04:09.263: ISAKMP: life type in seconds
*Oct 7 20:04:09.263: ISAKMP: life duration (VPI) of 0x0 0x1 0x51 0x80
*Oct 7 20:04:09.263: ISAKMP:(0):atts are acceptable. Next payload is 0
This is showing me that the handshake is verifying the policy with the "auth RSA sig" type, which is what I expected and is what I want.
Here is where my issue actually comes up. When I add another crypto isakmp policy (2) the "authorization pre-share" over rides the "authorization rsa-sig" of policy 1. Here is what I have set up:
crypto isakmp policy 1
encr aes 256
group 5
crypto isakmp policy 2
encr aes 256
authorization pre-share
group 5
This is showing me that crypto isakmp policy 1 is set with the default authorization type of rsa-sig (in fact if I manually enter that command under the policy 1 configuration mode and it doesn't print in the show run output), and the crypto isakmp policy 2 is set to authorization pre-share.
When I debug crypto ipsec & debug crypto isakmp with this configuration, this is what I'm getting:
56:46.259: ISAKMP:(0): PKI->IKE Got configured TrustPoints state (I) MM_NO_STATE (peer 199.46.128.5)
*Oct 7 19:56:46.263: ISAKMP:(0):Checking ISAKMP transform 2 against priority 1 policy
*Oct 7 19:56:46.263: ISAKMP: encryption AES-CBC
*Oct 7 19:56:46.263: ISAKMP: keylength of 256
*Oct 7 19:56:46.263: ISAKMP: hash SHA
*Oct 7 19:56:46.263: ISAKMP: default group 5
*Oct 7 19:56:46.263: ISAKMP: auth pre-share
*Oct 7 19:56:46.263: ISAKMP: life type in seconds
*Oct 7
19:56:46.263: ISAKMP: life duration (VPI) of 0x0 0x1 0x51 0x80
*Oct 7 19:56:46.263: ISAKMP:(0):Authentication method offered does not match policy!
*Oct 7 19:56:46.263: ISAKMP:(0):atts are not acceptable. Next payload is 0
*Oct 7 19:56:46.263: ISAKMP:(0):Checking ISAKMP transform 2 against priority 2 policy
*Oct 7 19:56:46.263: ISAKMP: encryption AES-CBC
*Oct 7 19:56:46.263: ISAKMP: keylength of 256
*Oct 7 19:56:46.263: ISAKMP: hash SHA
*Oct 7 19:56:46.263: ISAKMP:
default group 5
*Oct 7 19:56:46.263: ISAKMP: auth pre-share
*Oct 7 19:56:46.263: ISAKMP: life type in seconds
*Oct 7 19:56:46.263: ISAKMP: life duration (VPI) of 0x0 0x1 0x51 0x80
It looks like the first policy is being verified against "auth pre-share" and fails because "Authentication method offered does not match policy!". My question is, does anyone know how to correct this so that the first policy is set to authenticate via rsa-sig and the second policy is authenticated via pre-shared keys? Is there a bug that will not differentiate the authorization types between the two policies?
Just an FYI, here is the version information of the router:
Cisco IOS Software, C1900 Software (C1900-UNIVERSALK9-M), Version 15.2(4)M3, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2013 by Cisco Systems, Inc.
Compiled Tue 26-Feb-13 02:11 by prod_rel_team
ROM: System Bootstrap, Version 15.0(1r)M16, RELEASE SOFTWARE (fc1)
System returned to ROM by power-on
System image file is "usbflash0:c1900-universalk9-mz.SPA.152-4.M3.bin"
Last reload type: Normal Reload
Last reload reason: power-on
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
Cisco CISCO1921/K9 (revision 1.0) with 491520K/32768K bytes of memory.
Processor board ID FTX171385L4
2 Gigabit Ethernet interfaces
1 terminal line
1 Virtual Private Network (VPN) Module
DRAM configuration is 64 bits wide with parity disabled.
255K bytes of non-volatile configuration memory.
249840K bytes of USB Flash usbflash0 (Read/Write)
License Info:
License UDI:
Device# PID SN
*0 CISCO1921/K9
Technology Package License Information for Module:'c1900'
Technology Technology-package Technology-package
Current Type Next reboot
ipbase ipbasek9 Permanent ipbasek9
security securityk9 Permanent securityk9
data None None None
Configuration register is 0x2102Thanks for the input Walter. That isn't it though. I have plenty of sites with crypto map <name> 1 which map to crypto isakmp policy 2 settings. The debug is showing that the behavior is to try to authenticate through policy 1 first, and then progress to any other policies until there is a match. Since there is a match with policy 2 settings, the tunnel comes up.
My real question is, why would it change from "auth RSA sig" in the first debug out put to the "auth pre-share" in the second debug output. Judging by the config on the router, it appears to me that the line for "authorization pre-share" under policy 2 SHOULD only apply to policy 2 and SHOULD NOT override the "authorization rsa-sig" of policy 1.
Again, when I debug crypto ipsec & debug crypto isakmp, it shows clearly that the first policy is being verified, however the "auth" is now "pre-share" and no longer "RSA sig":
56:46.259: ISAKMP:(0): PKI->IKE Got configured TrustPoints state (I) MM_NO_STATE (peer 199.46.128.5)
*Oct 7 19:56:46.263: ISAKMP:(0):Checking ISAKMP transform 2 against priority 1 policy
*Oct 7 19:56:46.263: ISAKMP: encryption AES-CBC
*Oct 7 19:56:46.263: ISAKMP: keylength of 256
*Oct 7 19:56:46.263: ISAKMP: hash SHA
*Oct 7 19:56:46.263: ISAKMP: default group 5
*Oct 7 19:56:46.263: ISAKMP: auth pre-share <---This should read "auth RSA sig"
*Oct 7 19:56:46.263: ISAKMP: life type in seconds
*Oct 7
19:56:46.263: ISAKMP: life duration (VPI) of 0x0 0x1 0x51 0x80
*Oct 7 19:56:46.263: ISAKMP:(0):Authentication method offered does not match policy!
*Oct 7 19:56:46.263: ISAKMP:(0):atts are not acceptable. Next payload is 0
*Oct 7 19:56:46.263: ISAKMP:(0):Checking ISAKMP transform 2 against priority 2 policy
*Oct 7 19:56:46.263: ISAKMP: encryption AES-CBC
*Oct 7 19:56:46.263: ISAKMP: keylength of 256
*Oct 7 19:56:46.263: ISAKMP: hash SHA
*Oct 7 19:56:46.263: ISAKMP:
default group 5
*Oct 7 19:56:46.263: ISAKMP: auth pre-share
*Oct 7 19:56:46.263: ISAKMP: life type in seconds
*Oct 7 19:56:46.263: ISAKMP: life duration (VPI) of 0x0 0x1 0x51 0x80 -
Evaluator.java won't compile due to issues with javax.tools.*
* Evaluator.java
* Created on January 23, 2007, 4:17 PM
* To change this template, choose Tools | Template Manager
* and open the template in the editor.
package ObjectTools;
import java.io.*;
import java.net.*;
import javax.tools.*;
import java.lang.reflect.*;
* Utilizes {@link java.lang.reflect} package
* @author ppowell-c
public abstract class Evaluator {
public static boolean writeSource(final String sourcePath, final String sourceCode)
throws FileNotFoundException {
PrintWriter writer = new PrintWriter(sourcePath);
writer.println(sourceCode);
writer.close();
return true;
public static boolean compile(final String sourcePath) throws IOException {
final JavaCompilerTool compiler = ToolProvider.defaultJavaCompiler();
final JavaFileManager manager = compiler.getStandardFileManager();
final JavaFileObject source =
manager.getFileForInput(sourcePath); /* java.io.IOException */
final JavaCompilerTool.CompilationTask task = compiler.run(null, source);
return task.getResult();
public static final java.lang.Class loadExpression(final String path, final String className)
throws MalformedURLException,
ClassNotFoundException { /* java.net.MalformedURLException */
final URLClassLoader myLoader = new URLClassLoader(new java.net.URL[] {
new File(path).toURI().toURL()
/* java.lang.ClassNotFoundException */
return Class.forName(className, true, myLoader);
public static java.lang.Object evalExpression(final Class test)
throws NoSuchMethodException, IllegalAccessException, InvocationTargetException {
final Class[] parameterType = null;
/* java.lang.NoSuchMethodException */
final Method method = test.getMethod("expression", parameterType);
final Object[] argument = null;
Object instance = null;
/* java.lang.IllegalAccessException, java.lang.reflect.InvocationTargetException */
return method.invoke(instance, argument);
public static Object eval(final String expression)
throws FileNotFoundException, IOException, MalformedURLException,
ClassNotFoundException, NoSuchMethodException, IllegalAccessException,
InvocationTargetException {
final Object result;
final String path = "c:/";
final String className = "ExpressionWrapper";
final String sourcePath = path + className + ".java";
writeSource(/* to */ sourcePath,
"public class " + className + "\n" +
"{ public static java.lang.Object expression()\n" +
" { return " + expression + "; }}\n" );
if(compile(sourcePath)) {
final Class class_ =
loadExpression(/* from */ path, className);
result = evalExpression(class_);
} else {
result = null;
return result;
}Produces compiler errors on javax.tools.ToolProvider along with nearly everything else in javax.tools to boot.
I'm using J2SE 1.5.0 with NetBeans 5.5 so they all should be there. I'm following the example at http://userpage.fu-berlin.de/~ram/pub/pub_jf47ht9Ht/evaluating-expressions-with-java since all I want to do is come up with a Java equivalent of "eval()", which I use in PHP whenever I need it.
Help appreciated, I'm lost here.
Thanx
PhilHow do you do the Java equivalent of eval()?The language provides no support for that.
Reflection lets you call any method, where you
specify that method's name as a string and go through
a few other steps to build the proper Method object
with the proper args.
(http://java.sun.com/docs/books/tutorial/reflect/) It
won't let you just evaluate Java source code as a
script interpreter though. To do that, see
www.beanshell.org. Jython and I think Ruby on Rails
also give you scriptingin Java. Jython uses Python's
syntax, but gives you access to your Java classes. I
don't know ayhthing about RoR.I am going to look up PHP/Java myself as I know no Python right offhand (but probably could learn it in about 10,000 years). Tried to figure out reflection but couldn't figure out how to do what in PHP we do like this:
$msg = eval('JButton ' . $nameArray[$i][0] . ' = new JButton("' . $nameArray[$i][1] . '");'); -
AES with two keys javax.crypto.BadPaddingException
Hello,
I'am trying to encrypt / decrypt using AES, which performs correctly for one level encryption / decryption. However, when I am trying a two level encryption / decryption. I have this code:
String message="This is just an example";
byte[] raw="df5ea29924d39c3be8785734f13169c6".getBytes("ISO-8859-1");
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
byte[] encrypted = cipher.doFinal((args.length == 0 ? "This is just an example" : args[0]).getBytes());
System.out.println("encrypted string: " + asHex(encrypted));
raw="ef5ea29924d39c3be8785734f13169c7".getBytes("ISO-8859-1");
skeySpec = new SecretKeySpec(raw, "AES");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
byte[] encrypteded = cipher.doFinal(encrypted);
raw="df5ea29924d39c3be8785734f13169c6".getBytes("ISO-8859-1");
skeySpec = new SecretKeySpec(raw, "AES");
cipher.init(Cipher.DECRYPT_MODE, skeySpec);
byte[] original1 = cipher.doFinal(encrypteded);
raw="ef5ea29924d39c3be8785734f13169c7".getBytes("ISO-8859-1");
skeySpec = new SecretKeySpec(raw, "AES");
cipher.init(Cipher.DECRYPT_MODE, skeySpec);
byte[] original2 = cipher.doFinal(original1);
I get this exception:
Exception in thread "main" javax.crypto.BadPaddingException: Given final block not properly padded
at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:811)
at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:676)
at com.sun.crypto.provider.AESCipher.engineDoFinal(AESCipher.java:317)
at javax.crypto.Cipher.doFinal(Cipher.java:1813)
Thank you!marya_a wrote:
Thank you for you replay. Can you tell me if there is a symmetric and commutative cryptosystem. Since XOR commutes I would expect that any of the stream ciphers that generate a stream of pseudo random bits and XOR these with the cleartext to create the ciphertext will work. RC4 and block algorithms (AES, DES etc) using modes such as CFB spring to mind.
Of course these should only be used with random session keys since using fixed keys (as you seem to have) is fundamentally insecure.
I know that RSA is commutative, I'm pretty sure that this applies only if all stages use the same modulus.
but I want it to be also symmetric.Edited by: sabre150 on Apr 13, 2010 9:41 AM -
Javax.crypto.BadPaddingException: pad block corrupted with 1.4
I'm getting a javax.crypto.BadPaddingException: pad block corrupted Exception while working on converting our existing java jdk 1.2 to java 1.4. Any suggestions would be great. Here are the specifics:
We have a web application that been running for several years under java jdk 1.2 & jce_1_2.jar. Within the application we are exchanging data (XML) with a customer using the following encryption scheme:
1) We create a one time DESede key through the KeyGenerator class passing in ("DESede", "BC")
2) We encrypt the data with this one time key using ("DESede/ECB/PKCS5Padding", "BC")
3) This one time key is then encrypted using ("RSA/ECB/PKCS1Padding", "BC") and customer's public key
4) We create a signature with our private key, which they have the public key for.
This is process/api that we had to use for their API's and its worked fine under 1.2, with "ABA" as the provider. Now moving to 1.4, I'm using BouncyCastle as the provider.
Other differences, the keystore in 1.2 was defined as "JCEKS" provider "SunJCE" under 1.4 I changed them to "JKS" and "SUN" . I would get bad header exceptions from keystore until I changed it. I don't think its the BouncyCastle since I was able to download the 1.2 version of BC and get the existing app to work and I also got the 1.4 version of BC to work under the existing 1.2 application.
So something seems to be different with the algorithms/padding, but I can't seem to find it. I tried the following: "RSA" "RSA/ECB" "RSA//PKCS1Padding" "NoPadding" also changed the DESede algorithm with no luck. All I know is that its failing on the decryption of the one time key.
Thankshttp://forum.java.sun.com/forum.jsp?forum=60 is probably a better place to post this.
-
Javax.crypto.BadPaddingException: Data must start with zero
Actually, I didn't write the entire codes, most of it was written by someone here, and I only tried to add a method. Here:
public class RSAEncrypt {
private KeyPair keys;
private Cipher rsaCipher;
public RSAEncrypt() throws GeneralSecurityException {
KeyPairGenerator keygen = KeyPairGenerator.getInstance("RSA");
keygen.initialize(512);
keys = keygen.generateKeyPair();
rsaCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
public byte[] encrypt(byte[] message) throws GeneralSecurityException {
rsaCipher.init(Cipher.ENCRYPT_MODE, keys.getPublic());
return rsaCipher.doFinal(message);
public byte[] decrypt(byte[] encryptedMessage) throws GeneralSecurityException {
rsaCipher.init(Cipher.DECRYPT_MODE, keys.getPrivate());
return rsaCipher.doFinal(encryptedMessage);
* @param args
public static void main(String[] args) throws Exception {
String message = "The quick brown fox ran away";
System.out.println("Message: " + message);
byte[] encrypted = new RSAEncrypt().encrypt(message.getBytes());
System.out.println("Cipher Text: " + HexBin.encode(encrypted));
byte[] decrypted = new RSAEncrypt().decrypt(encrypted);
System.out.println("Decrypted Text: " + decrypted);
}The idea is that the program should encrypt the String, "The quick brown fox ran away," which it does. But when it gets to this line:
byte[] decrypted = new RSAEncrypt().decrypt(encrypted);i get the error: javax.crypto.BadPaddingException: Data must start with zero.
But here's the funny thing: If I edit the codes so that the encryption and decryption are done in the constructor, it works! Here:
public class RSAEncrypt {
private KeyPair keys;
private Cipher rsaCipher;
public RSAEncrypt() throws GeneralSecurityException {
KeyPairGenerator keygen = KeyPairGenerator.getInstance("RSA");
keygen.initialize(512);
keys = keygen.generateKeyPair();
rsaCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
rsaCipher.init(Cipher.ENCRYPT_MODE, keys.getPublic());
String message = "The quick brown fox ran away";
byte[] cipherText = rsaCipher.doFinal(message.getBytes());
System.out.println(new BASE64Encoder().encode(cipherText));
rsaCipher.init(Cipher.DECRYPT_MODE, keys.getPrivate());
byte[] decryptedText = rsaCipher.doFinal(cipherText);
String dText = new String(decryptedText);
System.out.println(dText);
* @param args
public static void main(String[] args) throws Exception {
new RSAEncrypt();
}So, I'm confused. The Data must start with zero error is coming up when I pass encrypted data to a method for decryption, but it doesn't come out when I run everything in one method or in the constructor. Why???
Also, when performing RSA encryption (or decryption) on a plaintext stored in a file (not a big file, just a file with probably one or two lines), this is what I do (and it works):
Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
cipher.init(Cipher.ENCRYPT_MODE, pubKey);
CipherInputStream cis = new CipherInputStream(new FileInputStream(new File("message.txt")),cipher);My question is, I do see some people doing this as well:
cipher.doFinal(byteArray);The fact that I don't have this in my code when encrypting data from a file, that's ok, right? I don't need to do a ".doFinal()" method, do I?
Edited by: glenak on Aug 19, 2010 4:26 AMglenak wrote:
I don't quite understand, but if you mean this:
String message = "The quick brown fox ran away";
System.out.println("Message: " + message);
RSAEncrypt rsaEncrypt = new RSAEncrypt();
Creates and instance of RSAEncrypt with a new random RSA key pair.
byte[] encrypted = rsaEncrypt.encrypt(message.getBytes());Encrypts with the random public key created in the first instance.
System.out.println("Cipher Text: " + HexBin.encode(encrypted));
RSAEncrypt rsaDecrypt = new RSAEncrypt();Creates and second instance of RSAEncrypt with a new random RSA key pair nothing to do with the first instance.
byte[] decrypted = rsaDecrypt.decrypt(encrypted);Attempts to decrypt the ciphertext created with the public key of the first instance using the private key of the second, and totally unrelated, instance.
System.out.println("Decrypted Text: " + decrypted);I still get the "Data must start with zero" error.
If you could show me an example of what you mean, it would help very muchNo example is required. You cannot encrypt with the public key of one key pair and expect to decrypt with the private key of a totally independent key pair. -
Does anyone have a link to where I could see the source code of classes in this package? I have already unzipped the java source code and cannot find the entire javax.crypto folder. Any suggestions? Thank you for your efforts.
Your second class is getting a Cipher with whatever the default mode/padding are for the various algorithms. The first is making the mode and padding requests explicit, and is failing on some of them.
That being said - in my environment (1.4.2, Win2K, unlimited-strength policy files in place) the only ones that fail are 8, 10, 11, 16, 18, and 19. Looks like the SunJCE only supports CBC when using PBE encryption.
I can't explain why your setup seems to be failing everything except ECB and OFB padding.
Grant -
Javax.crypto.* and javax.crypto.spec.* problem with MHP receiver
Hello to everyone, I started to program in MHP 1.0.2 on a MHP receiver and now i'm practicing in encrypting and decrypting. I load from the smart card in the MHP receiver an X509Certificate object (I have it both in byte[] form, called certArray, and X509Certificate object, called "certificate"). What i'd like to do is to :
1)calculate digest of the certificate (line 1 and 2 of the following code)
2) encrypt the digest using the same algorithm of the certificate (see line 3 and 4)
The problem is generated at line 3 : the receiver, probably, doesn't find the class of the algorithm of encrypting. It is important to notice that the instruments to encrypt/decrypt are included in javax.crypto and javax.crypto.spec packages.
MessageDigest md = MessageDigest.getInstance("SHA");
byte[] digest = md.digest(certArray);
Cipher encrypt = Cipher.getInstance(certificate.getSigAlgName());
encrypt.init(Cipher.ENCRYPT_MODE, certificate.getPublicKey());
The error message, in the log file, is the following :
[0#1:2] java.security.NoSuchAlgorithmException: SHA1withRSA not found
[0#1:2] at javax.crypto.Cipher.getInstance(Ljava/lang/String;)Ljavax/crypto/Cipher;(Unknown Source)
[0#1:2] at it.csp.SecurelabXlet.encrypt()V(Unknown Source)
[0#1:2] at it.csp.SecurelabXlet.cardInserted(Lopencard/core/event/CardTerminalEvent;)V(Unknown Source)
[0#1:2] at opencard.core.event.EventGenerator.createEventsForPresentCards(Lopencard/core/event/CTListener;)V(Unknown Source)
[0#1:2] at it.csp.SecurelabXlet.register()V(Unknown Source)
[0#1:2] at it.csp.SecurelabXlet.startXlet()V(Unknown Source)
[0#1:2] at java.lang.reflect.Method.invoke(Ljava/lang/Object;[Ljava/lang/Object;)Ljava/lang/Object;(Unknown Source)
[0#1:2] at tv.osmosys.application.AppManager$XletApp.xletStart()Z(Unknown Source)
[0#1:2] at tv.osmosys.application.AppManager$XletApp.loop0(Ltv/osmosys/application/AppManager$XletAction;)V(Unknown Source)
[0#1:2] at tv.osmosys.application.AppManager$XletApp.run()V(Unknown Source)
[0#1:2] at java.lang.Thread.run()V(Unknown Source)
[0#1:2] at java.lang.Thread.startup(Z)V(Unknown Source)
My question(s) is : how can I include javax.crypto and javax.crypto.spec in the Xlet application to upload it onto the MHP receiver?? Is it possibile to do so?
Eventually, do other libraries exist to use encrypting algorithms, included in MHP? The version I use of MHP is 1.0.2. Thank you! Bye!Hello to everyone, I started to program in MHP 1.0.2 on a MHP receiver and now i'm practicing in encrypting and decrypting. I load from the smart card in the MHP receiver an X509Certificate object (I have it both in byte[] form, called certArray, and X509Certificate object, called "certificate"). What i'd like to do is to :
1)calculate digest of the certificate (line 1 and 2 of the following code)
2) encrypt the digest using the same algorithm of the certificate (see line 3 and 4)
The problem is generated at line 3 : the receiver, probably, doesn't find the class of the algorithm of encrypting. It is important to notice that the instruments to encrypt/decrypt are included in javax.crypto and javax.crypto.spec packages.
MessageDigest md = MessageDigest.getInstance("SHA");
byte[] digest = md.digest(certArray);
Cipher encrypt = Cipher.getInstance(certificate.getSigAlgName());
encrypt.init(Cipher.ENCRYPT_MODE, certificate.getPublicKey());
The error message, in the log file, is the following :
[0#1:2] java.security.NoSuchAlgorithmException: SHA1withRSA not found
[0#1:2] at javax.crypto.Cipher.getInstance(Ljava/lang/String;)Ljavax/crypto/Cipher;(Unknown Source)
[0#1:2] at it.csp.SecurelabXlet.encrypt()V(Unknown Source)
[0#1:2] at it.csp.SecurelabXlet.cardInserted(Lopencard/core/event/CardTerminalEvent;)V(Unknown Source)
[0#1:2] at opencard.core.event.EventGenerator.createEventsForPresentCards(Lopencard/core/event/CTListener;)V(Unknown Source)
[0#1:2] at it.csp.SecurelabXlet.register()V(Unknown Source)
[0#1:2] at it.csp.SecurelabXlet.startXlet()V(Unknown Source)
[0#1:2] at java.lang.reflect.Method.invoke(Ljava/lang/Object;[Ljava/lang/Object;)Ljava/lang/Object;(Unknown Source)
[0#1:2] at tv.osmosys.application.AppManager$XletApp.xletStart()Z(Unknown Source)
[0#1:2] at tv.osmosys.application.AppManager$XletApp.loop0(Ltv/osmosys/application/AppManager$XletAction;)V(Unknown Source)
[0#1:2] at tv.osmosys.application.AppManager$XletApp.run()V(Unknown Source)
[0#1:2] at java.lang.Thread.run()V(Unknown Source)
[0#1:2] at java.lang.Thread.startup(Z)V(Unknown Source)
My question(s) is : how can I include javax.crypto and javax.crypto.spec in the Xlet application to upload it onto the MHP receiver?? Is it possibile to do so?
Eventually, do other libraries exist to use encrypting algorithms, included in MHP? The version I use of MHP is 1.0.2. Thank you! Bye! -
Unable to Decrypt the data properly using javax.crypto class and SunJCE
Hello all,
I am not new to Java but new to this forums
but and JCE and i wanted to write a program that Encrypts a file and also another program that decrypts it. As far Encryption is concerned i have been successful but When it comes to Decryption things aren't looking bright i have some or the other Problem with it. plz help me out .
Here is the Code for my Programs
Encryption
Code:
import java.io.*;
import javax.crypto.*;
import javax.crypto.spec.SecretKeySpec;
import java.security.*;
import javax.swing.*;
class MyJCE
public static void main(String args[])throws Exception
Provider sunjce = new com.sun.crypto.provider.SunJCE();
Security.addProvider(sunjce);
JFileChooser jfc = new JFileChooser();
int selection= jfc.showOpenDialog(null);
if(selection==JFileChooser.APPROVE_OPTION)
FileInputStream fis = new FileInputStream(jfc.getSelectedFile());
System.out.println("Selected file " + jfc.getSelectedFile());
try{
KeyGenerator kg = KeyGenerator.getInstance("DESede");
SecretKey key= kg.generateKey();
byte[] mkey=key.getEncoded();
System.out.println(key);
SecretKeySpec skey = new SecretKeySpec(mkey, "DESede");
Cipher cipher=Cipher.getInstance("DESede/ECB/NoPadding");
cipher.init(Cipher.ENCRYPT_MODE,skey);
byte[] data= new byte[fis.available()];
//reading the file into data byte array
byte[] result= cipher.update(data);
byte[] enc= new byte [fis.read(result)];
System.out.println("Encrypted =" + result);
File fi= new File("/home/srikar/Encrypted");
FileOutputStream fos= new FileOutputStream(fi);
fos.write(enc);
fos.close();
byte[] encodedSpeckey = skey.getEncoded();
FileOutputStream ks= new FileOutputStream("./key.txt");
ks.write(encodedSpeckey);
System.out.println("Key written to a file");
}//try
catch(Exception ex)
ex.printStackTrace();
}//catch
}This Creates a Encrypted File. and a Encrypted key.txt
Code:
import java.io.*;
import javax.crypto.*;
import javax.crypto.spec.SecretKeySpec;
import java.security.*;
import javax.swing.*;
class Decrypt
public static void main(String[] args)
try
JFileChooser jfc = new JFileChooser();
int selection= jfc.showOpenDialog(null);
if(selection==JFileChooser.APPROVE_OPTION)
FileInputStream fis = new FileInputStream(jfc.getSelectedFile());
System.out.println("Selected file " + jfc.getSelectedFile());
//Read from the Encrypted Data
int ll= (int)jfc.getSelectedFile().length();
byte[] buffer = new byte[ll];
int bytesRead=fis.read(buffer);
byte[] data= new byte[bytesRead];
System.arraycopy(buffer,0,data,0,bytesRead);
//Read the Cipher Settings
FileInputStream rkey= new FileInputStream("./key.txt");
bytesRead = rkey.read(buffer);
byte[] encodedKeySpec=new byte[bytesRead];
System.arraycopy(buffer,0,encodedKeySpec,0,bytesRead);
//Recreate the Secret Symmetric Key
SecretKeySpec skeySpec= new SecretKeySpec(encodedKeySpec,"DESede");
//create the cipher for Decrypting
Cipher cipher = Cipher.getInstance("DESede/ECB/NoPadding");
cipher.init(Cipher.DECRYPT_MODE,skeySpec);
byte[] decrypted= cipher.update(data);
FileOutputStream fos= new FileOutputStream("/home/srikar/Decrypted");
fos.write(decrypted);
}//if
}//try
catch(Exception e)
e.printStackTrace();
}//catch
}//main
}//classthis Decrypt.java is expected to decrypt the above encrypted file but this simply creates a plaintext file of the same size as the Encrypted file but its contents are unreadable.
Or I endup with Exceptions like BadPadding or IllegalBlockSize Exception if i use any other Algorithm .
Please help out
thanx in advanceSrikar2871 wrote:
Well thanx for ur reply but
As i said there are No issues with ENCRYPTION and am getting an Encrypted file exactly of the same size as that of the original file and NOT as null bytes and Even am able to get a Decrypted file of again the same size of the Encrypted File but this time that data inside is in unreadable format.I ran your code EXACTLY* as posted and the contents of the file when viewed in a Hex editor was
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00So unless you are running different code to what you have posted, your file will look the same.
Cheers,
Shane -
Issue with Ftp Client / Server using Sockets
I have developed a Ftp Client and a Ftp Server. The client Connects to the Ftp Server and sends files to the ftp server. It is a multi threaded server and can have multiple clients connecting to it.
If a client goes down...the server waits till the client comes up
Similarly the client waits if a server goes down and reconnects when the server is again up and running
i am having a strange issue here. When two clients go down and reconnect to the server...They take a long time to connect and transferring of files takes a long time...
Other wise in all other scenarios the duo work properly.
Any feedback and suggestion about this strange issue from all you java gurus out there will be deeply appreciated.
Here is the client code
import java.net.*;
import java.net.Socket;
import java.net.InetAddress;
import java.io.*;
import java.io.File;
import java.util.*;
import java.lang.*;
import java.lang.Object;
import javax.crypto.*;
import java.util.regex.*;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.KeySpec;
import java.io.InputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.io.File.*;
import java.nio.channels.FileLock;
public class FTPClient {
public static void main(String[] args) throws Exception
Timer timer = new Timer("Test Timer");
timer.scheduleAtFixedRate(new TimerTask()
private int counter = 0;
public void run() {
try {
System.out.println(counter++);
Socket soc=new Socket("xxx.x.x.xx",5217);
System.out.println("Socket Initialised.");
transferfileClient t=new transferfileClient(soc);
t.SendFile();
System.out.println("run complete.");
catch(Exception ex)
}, 10000, 40000);
static class transferfileClient
Socket ClientSoc;
DataInputStream din;
DataOutputStream dout;
BufferedReader br;
transferfileClient(Socket soc)
try
ClientSoc=soc;
din=new DataInputStream(ClientSoc.getInputStream());
dout=new DataOutputStream(ClientSoc.getOutputStream());
br=new BufferedReader(new InputStreamReader(System.in));
catch(Exception ex)
//encrypto routine starts
class DesEncrypter {
Cipher ecipher;
Cipher dcipher;
// 8-byte Salt
byte[] salt = {
(byte)0xA9, (byte)0x9B, (byte)0xC8, (byte)0x32,
(byte)0x56, (byte)0x35, (byte)0xE3, (byte)0x03
// Iteration count
int iterationCount = 19;
DesEncrypter(String passPhrase) {
try {
// Create the key
KeySpec keySpec = new PBEKeySpec(passPhrase.toCharArray(), salt, iterationCount);
SecretKey key = SecretKeyFactory.getInstance(
"PBEWithMD5AndDES").generateSecret(keySpec);
ecipher = Cipher.getInstance(key.getAlgorithm());
dcipher = Cipher.getInstance(key.getAlgorithm());
// Prepare the parameter to the ciphers
AlgorithmParameterSpec paramSpec = new PBEParameterSpec(salt, iterationCount);
// Create the ciphers
ecipher.init(Cipher.ENCRYPT_MODE, key, paramSpec);
dcipher.init(Cipher.DECRYPT_MODE, key, paramSpec);
} catch (java.security.InvalidAlgorithmParameterException e) {
} catch (java.security.spec.InvalidKeySpecException e) {
} catch (javax.crypto.NoSuchPaddingException e) {
} catch (java.security.NoSuchAlgorithmException e) {
} catch (java.security.InvalidKeyException e) {
// Buffer used to transport the bytes from one stream to another
byte[] buf = new byte[1024];
public void encrypt(InputStream in, OutputStream out) {
try {
// Bytes written to out will be encrypted
out = new CipherOutputStream(out, ecipher);
// Read in the cleartext bytes and write to out to encrypt
int numRead = 0;
while ((numRead = in.read(buf)) >= 0) {
out.write(buf, 0, numRead);
out.close();
} catch (java.io.IOException e) {
public void decrypt(InputStream in, OutputStream out) {
try {
// Bytes read from in will be decrypted
in = new CipherInputStream(in, dcipher);
// Read in the decrypted bytes and write the cleartext to out
int numRead = 0;
while ((numRead = in.read(buf)) >= 0) {
out.write(buf, 0, numRead);
out.close();
} catch (java.io.IOException e) {
} //encryptor routine ends
void SendFile() throws Exception
try
String directoryName;
// File object referring to the directory.
String[] files; // Array of file names in the directory.
//directory = new File ( "C:\\FTP\\" ) ;
File directory1 = new File("C:\\FTP");
boolean successmk = directory1.mkdir();
if (!successmk) {
// Directory creation failed /Already Exists
File directory = new File("C:\\FTP\\ftpc");
boolean successmk1 = directory.mkdir();
if (!successmk1) {
// Directory creation failed /Already Exists
//directory = new File ( "E:\\FTP-encrypted" ) ;
if (directory.isDirectory() == false) {
if (directory.exists() == false)
System.out.println("There is no such directory!");
else
System.out.println("That file is not a directory.");
else {
files = directory.list();
System.out.println("Files in directory \"" + directory + "\":");
for (int i = 0; i < files.length; i++)
String patternStr = "xml";
Pattern pattern = Pattern.compile(patternStr);
Matcher matcher = pattern.matcher(files);
boolean matchFound = matcher.find();
if (matchFound) {
System.out.println(" " + files[i]);
String filename;
filename=files[i];
File f=new File(directory,filename);
FileLock lock = null;
FileOutputStream fos = new FileOutputStream(f, true);
lock = fos.getChannel().tryLock();
if (lock == null) {
System.out.println(" Failed to get the file lock: means that the file is locked by other instance.");
fos.close();
else
InetAddress addr = InetAddress.getLocalHost();
// Get IP Address
//byte[] ipAddr = addr.getAddress();
String ip= addr.toString();
// Get hostname
//String hostname = addr.getHostName();
System.out.println(" Lock Acquired.");
lock.release();
fos.close();
dout.writeUTF("SEND");
dout.writeUTF(ip);
dout.writeUTF(filename);
//String msgFromServer=din.readUTF();
DesEncrypter encrypter = new DesEncrypter("My Pass Phrase!");
// Encrypt
FileInputStream fino=new FileInputStream(f);
encrypter.encrypt(fino,
new FileOutputStream("ciphertext.txt"));
fino.close();
FileInputStream fin=new FileInputStream("ciphertext.txt");
int ch;
do
ch=fin.read();
dout.writeUTF(String.valueOf(ch));
while(ch!=-1);
fin.close();
String option;
option=din.readUTF();
if((option.compareTo("Delete")==0))
boolean success = (new File("ciphertext.txt")).delete();
boolean success1 = f.delete();
if (success) {
System.out.println("File Sent ...");
if (success1) {
System.out.println("--File deleted from Client ...");
for (int j = 0; j < 999999999; j++){}
}//pattermatch loop ends here
else
{ //System.out.println(" " + "Not an XML file-------->" +files[i]);
for (int jb = 0; jb < 111999999; jb++){}
}// for loop ends here for files in directory
}//else loop ends for directory files listing
System.out.println("sendfile finished...");
return;
} catch(Exception ex) {ex.printStackTrace();}
}//sendfile ends here
public void displayMenu() throws Exception
System.out.println(" Send File");
SendFile();
return;
And here is the server code...
import java.net.*;
import java.io.*;
import java.util.*;
import java.util.Date;
import java.text.SimpleDateFormat;
import java.text.DateFormat;
import java.text.Format;
import java.lang.Object;
import java.lang.*;
import javax.crypto.*;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.KeySpec;
public class FTPServer
{ public static void main(String args[]) throws Exception
{ ServerSocket soc=new ServerSocket(5217);
System.out.println("FTP Server Started on Port Number 5217");
while(true)
System.out.println("Waiting for Connection ...");
transferfile t=new transferfile(soc.accept());
class transferfile extends Thread
Socket ClientSoc;
DataInputStream din;
DataOutputStream dout;
transferfile(Socket soc)
{ try
{ ClientSoc=soc;
din=new DataInputStream(ClientSoc.getInputStream());
dout=new DataOutputStream(ClientSoc.getOutputStream());
System.out.println("FTP Client Connected ...");
System.out.println("External IP of Client ..." + ClientSoc.getInetAddress());
//System.out.println("FTP Client Connected ..." + ClientSoc.getRemoteSocketAddress());
start();
catch(Exception ex)
//encrypto routine starts
class DesEncrypter {
Cipher ecipher;
Cipher dcipher;
// 8-byte Salt
byte[] salt = {
(byte)0xA9, (byte)0x9B, (byte)0xC8, (byte)0x32,
(byte)0x56, (byte)0x35, (byte)0xE3, (byte)0x03 };
// Iteration count
int iterationCount = 19;
DesEncrypter(String passPhrase) {
try {
// Create the key
KeySpec keySpec = new PBEKeySpec(passPhrase.toCharArray(), salt, iterationCount);
SecretKey key = SecretKeyFactory.getInstance(
"PBEWithMD5AndDES").generateSecret(keySpec);
ecipher = Cipher.getInstance(key.getAlgorithm());
dcipher = Cipher.getInstance(key.getAlgorithm());
// Prepare the parameter to the ciphers
AlgorithmParameterSpec paramSpec = new PBEParameterSpec(salt, iterationCount);
// Create the ciphers
ecipher.init(Cipher.ENCRYPT_MODE, key, paramSpec);
dcipher.init(Cipher.DECRYPT_MODE, key, paramSpec);
} catch (java.security.InvalidAlgorithmParameterException e) {
} catch (java.security.spec.InvalidKeySpecException e) {
} catch (javax.crypto.NoSuchPaddingException e) {
} catch (java.security.NoSuchAlgorithmException e) {
} catch (java.security.InvalidKeyException e) {
// Buffer used to transport the bytes from one stream to another
byte[] buf = new byte[1024];
public void encrypt(InputStream in, OutputStream out) {
try {
// Bytes written to out will be encrypted
out = new CipherOutputStream(out, ecipher);
// Read in the cleartext bytes and write to out to encrypt
int numRead = 0;
while ((numRead = in.read(buf)) >= 0) {
out.write(buf, 0, numRead);
out.close();
} catch (java.io.IOException e) {
public void decrypt(InputStream in, OutputStream out) {
try {
// Bytes read from in will be decrypted
in = new CipherInputStream(in, dcipher);
// Read in the decrypted bytes and write the cleartext to out
int numRead = 0;
while ((numRead = in.read(buf)) >= 0) {
out.write(buf, 0, numRead);
//added later on
in.close();
out.close();
} catch (java.io.IOException e) {
} //encryptor routine ends
//not implemented right now as we arent using the ftp server to download stuff...can be activated later on if we want
void SendFile() throws Exception
String filename=din.readUTF();
File f=new File(filename);
if(!f.exists())
dout.writeUTF("File Not Found");
return;
else
{ dout.writeUTF("READY");
FileInputStream fin=new FileInputStream(f);
int ch;
do
ch=fin.read();
dout.writeUTF(String.valueOf(ch));
while(ch!=-1);
fin.close();
dout.writeUTF("File Received Successfully");
String Compare(String filename) throws Exception
///dout.writeUTF("entering compare");
String dateTempString=new String();
Date dateValue=new Date();
SimpleDateFormat formatter = new SimpleDateFormat ("hhmmss");
dateTempString = formatter.format(dateValue);
File dir1 = new File("C:\\FTPnew");
boolean success2 = dir1.mkdir();
if (!success2) {
// Directory creation failed /Already Exists
File dir = new File("C:\\FTPnew\\server");
boolean success = dir.mkdir();
if (!success) {
// Directory creation failed /Already Exists
File ftemp=new File(dir,dateTempString + filename);
File fnewtemp=new File(dir,"new-enc-"+filename);
// Create encrypter/decrypter class
DesEncrypter encrypter = new DesEncrypter("My Pass Phrase!");
FileOutputStream fout=new FileOutputStream(fnewtemp);
int ch;
String temp;
do
{ temp=din.readUTF();
ch=Integer.parseInt(temp);
if(ch!=-1)
fout.write(ch);
}while(ch!=-1);
fout.close();
//dout.writeUTF("written temp en file");
// Decrypt
encrypter.decrypt(new FileInputStream(fnewtemp),
new FileOutputStream(ftemp));
//String Option;
dout.writeUTF("Delete");
System.out.println("File Upload Successfull--Duplicate file with timestamp Created");
boolean success1 = fnewtemp.delete();
return "hello" ;
void ReceiveFile() throws Exception
String ip=din.readUTF();
System.out.println("\tRequest Coming from Internal IP Address : "+ ip);
String filename=din.readUTF();
if(filename.compareTo("File not found")==0)
return;
// Destination directory
File dir11 = new File("C:\\FTPnew");
boolean success22 = dir11.mkdir();
if (!success22) {
// Directory creation failed /Already Exists
File dir = new File("C:\\FTPnew\\server");
boolean success21 = dir.mkdir();
if (!success21) {
// Directory creation failed /Already Exists
File f=new File(dir ,"enc-"+filename);
File fe=new File(dir,filename);
String option;
if(fe.exists())
//dout.writeUTF("File Already Exists");
String compvalue = Compare(filename);
//dout.writeUTF(compvalue);
if(compvalue.compareTo("hello")==0)
//dout.writeUTF("Transfer Completed");
return;
option=din.readUTF();
else
//dout.writeUTF("SendFile");
option="Y";
if(option.compareTo("Y")==0)
// Generate a temporary key.
// Create encrypter/decrypter class
DesEncrypter encrypter = new DesEncrypter("My Pass Phrase!");
FileOutputStream fout=new FileOutputStream(f);
int ch;
String temp;
do
{ temp=din.readUTF();
ch=Integer.parseInt(temp);
if(ch!=-1)
fout.write(ch);
}while(ch!=-1);
fout.close();
// Decrypt
encrypter.decrypt(new FileInputStream(f),
new FileOutputStream(fe));
boolean success2 = f.delete();
dout.writeUTF("Delete");
System.out.println("File Upload Successfull");
else
return;
public void run()
while(true)
try
String Command=din.readUTF();
if(Command.compareTo("SEND")==0)
System.out.println("\tSEND Command Received ...");
ReceiveFile();
continue;
catch(Exception ex)
//System.out.println("\tClient Terminated Abnormally ...........");
continue;Please note that this is not an FTP client and server. FTP is defined by a standard IETF protocol and this isn't it.
Then, move the following lines:
din=new DataInputStream(ClientSoc.getInputStream());
dout=new DataOutputStream(ClientSoc.getOutputStream());
System.out.println("FTP Client Connected ...");
System.out.println("External IP of Client ..." + ClientSoc.getInetAddress());
//System.out.println("FTP Client Connected ..."+ClientSoc.getRemoteSocketAddress());from the constructor into the run() method. i.e. don't do anything with the socket in the thread which handles the accept(). -
Unable to install IDM 11.1.1.6.0..Issue with ASInstance ..not empty....
Hello IDM experts, please help me. I have Oracle Linux 5.7 64 bit installed on Oracle Virtual box 4.1.10.
I have valid IP address and Domain name and I am able to ping both.
I have successfully installed database 11GR2 (11.2.0.1.0) for 64 bit linux. All issues with OS packages have been resolved. Nothing is ignored. All parameter setting has been followed as per the installation guide by Oracle.
Installed JDK 1.7_03 version linux 64 bit ( I selected this as per the certification matrix ).
Installed WLS 10.3.6 for 64 bit linux
Ran RCU 11.1.1.6.0 and created all required schemas.
Downloaded IDM 11.1.1.6.0 for linux 64 bit.
While installing and configuring,
I have looked into all other postings related to this error and I did not find anything missing in my configuration.
Really appreciate your great help in resolving this issue. It is show stopper for me now.
While runInstaller executing ASInstance step, I get in the log : "Error creating ASInstance asinst_1 "
Caused by: java.lang.SecurityException: Can not initialize cryptographic mechanism
at javax.crypto.JceSecurity.<clinit>(JceSecurity.java:86)
... 31 more
Caused by: java.lang.SecurityException: The jurisdiction policy files are not signed by a trusted signer!
at javax.crypto.JarVerifier.verifyPolicySigned(JarVerifier.java:289)
Error creating ASInstance asinst_1.Cause:
An internal operation has failed: java.lang.ExceptionInInitializerError
Action:
If I retry, I get error saying "Oracle instance not empty ... ...."
Greatly appreciate your valuable suggestions.
Edited by: 923360 on Mar 26, 2012 7:16 AM
Edited by: 923360 on Nov 11, 2012 6:19 AMHi Please find the steps to resolve this issue here. I resolved this completely.
http://obieelive.wordpress.com/2012/05/25/obiee-11g-installation-failed-at-configuration-step-13-of-14/
Regards,
Sandep -
AES -javax.crypto.BadPaddingException: Given final block notproperly padded
I have an Encrypt Util class to encrypt and decrypt CLOB content in the database(Oracle). During encryption there is no error/exception thrown., But while decryption it throws the exception javax.crypto.BadPaddingException: Given final block notproperly padded.
The error is thrown only for selected records, not for all. For most of them it works fine. I use 256 bit AES Encryption.The sequence of steps to generate and retrieve the key is as follows:
(Generating and Storing the Key)
Generate original Key Using JCE --> Then XOR it with a known String (Key) --> Write to a file in DB Server (Solaris 10) using a Stored Procedure.
(Retrieving the Key)
Read the key file using s Stored Procedure --> XOR it with known String(Key) --> Retrieve the original Key
The decryption works fine for most of the records (70%) but failing 30% of the time. There is no exception in the way the encrypted content gets stored in the db
The key is generated as a one time step in the application and stored in the file. It is retrieved and cached in the application once, everytime the appserver is restarted.
Could someone pls. help?
Attaching below (1) code snippet for generating the key and (2) The code snipped to retrieve the key (3) the class which does the encryption and decryption of data
(1) code snippet for generating the key
String xorRefKey = "*&^%$#@!AiMsKey!*&^%$#@!AiMsKey!";
KeyGenerator kg = KeyGenerator.getInstance("AES");
kg.init(256);
String initialKey = new String (kg.generateKey().getEncoded());
char[] refArr = xorRefKey.toCharArray();
char[] initKeyArr = initialKey.toCharArray();
char[] finalKeyArr = new char[refArr.length];
for(int i=0;i<initKeyArr.length;i++){
finalKeyArr= (char)(initKeyArr[i] ^ refArr[i]);
String finalKey = new String(finalKeyArr);----------------------
(2) The code snipped to retrieve the keyString xorRefKey = "*&^%$#@!AiMsKey!*&^%$#@!AiMsKey!";
char[] refArr = xorRefKey.toCharArray();
//initialKey is the key read from the file using a db call
char[] initKeyArr = initialKey.toCharArray();
char[] finalKeyArr = new char[refArr.length];
for(int i=0;i<initKeyArr.length;i++){
finalKeyArr[i]= (char)(initKeyArr[i] ^ refArr[i]);
String finalKey= new String(finalKeyArr);
Class to encrypt/decrypt
(3) EncryptUtil classpublic class EncryptUtil {
private static SecretKeySpec skeySpec = null;
private static final String encryptionAlgorithm = "AES";
private static IGOLogger logger = IGOLogger.getInstance(IGOLogger.ENCRYPTION);
private static final String UNICODE_FORMAT = "UTF8";
private Cipher cipher = null;
public EncryptUtil(String key){
String lFuncName = "EncryptUtil :: EncryptUtil(): ";
try{
cipher = Cipher.getInstance(encryptionAlgorithm);
skeySpec = new SecretKeySpec(key.getBytes(), encryptionAlgorithm);
} catch (NoSuchAlgorithmException e) {
logger.error(lFuncName + "No Such Algorithm Error while creating Cipher and KeySpec ",e);
} catch (NoSuchPaddingException e) {
logger.error(lFuncName + "No Such Padding Error while creating Cipher and KeySpec ",e);
* Encrypts the data based on the key and algorithm
* @param data
* @return encrypted data
public String encrypt(String data){
String lFuncName = "EncryptUil :: encrypt(): ";
byte[] encryptedData = null;
String encryptedFinal = "";
try{
if(data!=null && data.length()>0){
cipher.init(Cipher.ENCRYPT_MODE, skeySpec,cipher.getParameters());
encryptedData = (cipher.doFinal(data.getBytes(UNICODE_FORMAT)));
encryptedFinal = new BASE64Encoder().encode(encryptedData);
} catch (InvalidKeyException e) {
logger.error(lFuncName + "Invalid Key Error while Encrypting Data ",e);
} catch (BadPaddingException e) {
logger.error(lFuncName + "Bad Padding Error while Encrypting Data ",e);
} catch (IllegalBlockSizeException e) {
logger.error(lFuncName + " Illegal Block Size Error while Encrypting Data ",e);
} catch (InvalidAlgorithmParameterException e) {
logger.error(lFuncName + " Invalid Alogirthm Parameter Error while Encrypting Data ",e);
} catch (UnsupportedEncodingException e) {
logger.error(lFuncName + " Unsupported Encoding Exception Error while Encrypting Data ",e);
}catch(Exception e){
logger.error(lFuncName + " Error while Encrypting Data ",e);
return encryptedFinal;
* Decrypts the encrypted data based on the key and algorithm
* @param data
* @return
public String decrypt (String data){
String lFuncName = "EncryptUil :: decrypt(): ";
byte[] decrypted = null;
byte[] decryptedFinal = null;
String decryptedData = "";
try{
if(data!=null && data.length()>0){
cipher.init(Cipher.DECRYPT_MODE, skeySpec);
decrypted = new BASE64Decoder().decodeBuffer(data);
decryptedFinal = (cipher.doFinal(decrypted));
decryptedData = this.bytes2String(decryptedFinal);
} catch (InvalidKeyException e) {
logger.error(lFuncName + "Invalid Key Error while Decrypting Data ",e);
} catch (BadPaddingException e) {
logger.error(lFuncName + "Bad Padding Error while Decrypting Data ",e);
} catch (IllegalBlockSizeException e) {
logger.error(lFuncName + " Illegal Block Size Error while Decrypting Data ",e);
} catch (IOException e) {
logger.error(lFuncName + " IO Exception while Decrypting Data ",e);
}catch (Exception e){
logger.error(lFuncName + " Error while Decrypting Data ",e);
return decryptedData;
private String bytes2String( byte[] bytes )
StringBuffer stringBuffer = new StringBuffer();
for (int i = 0; i < bytes.length; i++)
stringBuffer.append( (char) bytes[i] );
return stringBuffer.toString();
}The EncryptUtil is invoked as follows:EncryptUtil encryptUtil = new EncryptUtil("finalKey retrieved when application starts");
encryptUtil.encrypt(unencryptedData);shannara wrote:
thanks for your reply.
I am sorry but I am not able to get you exactly. Every time I invoke the Utility class, I do a
EncryptUtil eUtil = new EncryptUtil() Good. You seem to be using it in a thread safe manner since you create a new instance each time you need to use one.
>
and then invoke the decrypt() or encrypt() method, which gets the key from the cache (it is a read only object, so no problems of concurrent modification or any thing of that sort). And also these methods are called from a normal java class only, which inturn may be called from a jsp/servlet, but no scenarios of any concurrent access as such, so based on what you said, I am not able to figure out where exactly the thread safety could come as an issue.Each instance of a jsp or servlet can be being processed by many threads at the same time. Your statement above hints at a possible lack of understand on this point though I could be just reading it wrong. It indicates to me that your problem may be nothing to do with the encryption and everything to do with 'concurrent access' .
Make sure you have no instance variables or class variables in your jsp(s) and servlet(s).
Edit: The more I think about this the more I believe you have a thread safety problem in the code that reads the key. I would concentrate on that.
Edited by: sabre150 on Dec 18, 2007 10:10 AM -
Javax.crypto reference in NW Dev Studio
Has anyone encountered and resolved the issue with trying to reference javax.crypto.* as an import with the Netweaver Development Studio?
i.e. Add a line like the following to your code:
Cipher c;
Then organise imports; and javax.cryto.cipher will be added but not found.
Thanks,
MattSimple really - Just needed to add JCE.jar reference to project (wasn't automatically done like the others). Oh well - now I can debug my provider problem.
-
An issue with authentication and authorization on ISE 1.2
Hi, I'm new to ISE.
I have an issue with authentication and authorization.
I have ISE 1.2 plus patch 6 installed on VMware.
I have built-in Windows XP supplicant and 2960 cisco switch with IOS c2960-lanbasek9-mz.150-2.SE5.bin
On supplicant I use EAP(PEAP) with EAP-MSCHAP v2.
I created authentication and authorization rules with Active Directory as External Identity Source. Also I applied authorization profile with DACL.I login on Windows XP machine under different Active Directory accounts. Everything works fine (authentication, authorization ), but only for several hours. After several hours passed , authentication and authorization stop working . I can see that ISE trying authenticate and authorize users, but ISE always use only one account for authentication and authorization . Even if I login under different accounts ISE continue to use only one last account.
I traied to reboot switch and PC,but it didn’t help. Only rebooting of ISE helps. After ISE rebooting, authentication and authorization start to work properly for several hours.
I don’t understand is it a glitch or I misconfigured ISE or switch, supplicant?
What should I do to resolve this issue?
Switch configuration:
testISE#sh runn
Building configuration...
Current configuration : 7103 bytes
! Last configuration change at 12:20:15Tue Apr 15 2014
! NVRAM config last updated at 10:35:02 Tue Apr 15 2014
version 15.0
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname testISE
boot-start-marker
boot-end-marker
no logging console
logging monitor informational
enable secret 5 ************
enable password ********
username radius-test password 0 ********
username admin privilege 15 secret 5 ******************
aaa new-model
aaa authentication dot1x default group radius
aaa authorization network default group radius
aaa authorization auth-proxy default group radius
aaa accounting update periodic 5
aaa accounting dot1x default start-stop group radius
aaa server radius dynamic-author
client 172.16.0.90 server-key ********
aaa session-id common
clock timezone 4 0
system mtu routing 1500
authentication mac-move permit
ip dhcp snooping vlan 1,22
ip dhcp snooping
ip domain-name elauloks
ip device tracking probe use-svi
ip device tracking
epm logging
crypto pki trustpoint TP-self-signed-1888913408
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1888913408
revocation-check none
rsakeypair TP-self-signed-1888913408
crypto pki certificate chain TP-self-signed-1888913408
dot1x system-auth-control
spanning-tree mode pvst
spanning-tree extend system-id
vlan internal allocation policy ascending
ip ssh version 2
interface FastEthernet0/5
switchport mode access
ip access-group ACL-ALLOW in
authentication event fail action next-method
authentication event server dead action reinitialize vlan 1
authentication event server alive action reinitialize
authentication host-mode multi-auth
authentication open
authentication order dot1x mab
authentication priority dot1x mab
authentication port-control auto
authentication periodic
authentication timer reauthenticate server
authentication violation restrict
mab
dot1x pae authenticator
dot1x timeout tx-period 10
spanning-tree portfast
interface FastEthernet0/6
switchport mode access
ip access-group ACL-ALLOW in
authentication event fail action next-method
authentication event server dead action reinitialize vlan 1
authentication event server alive action reinitialize
authentication order dot1x mab
authentication priority dot1x mab
authentication port-control auto
authentication periodic
authentication timer reauthenticate server
authentication violation restrict
mab
dot1x pae authenticator
dot1x timeout tx-period 10
spanning-tree portfast
interface FastEthernet0/7
interface Vlan1
ip address 172.16.0.204 255.255.240.0
no ip route-cache
ip default-gateway 172.16.0.1
ip http server
ip http secure-server
ip access-list extended ACL-ALLOW
deny icmp any host 172.16.0.1
permit ip any any
ip radius source-interface Vlan1
logging origin-id ip
logging source-interface Vlan1
logging host 172.16.0.90 transport udp port 20514
snmp-server community public RO
snmp-server community ciscoro RO
snmp-server trap-source Vlan1
snmp-server source-interface informs Vlan1
snmp-server enable traps snmp linkdown linkup
snmp-server enable traps mac-notification change move
snmp-server host 172.16.0.90 ciscoro
radius-server attribute 6 on-for-login-auth
radius-server attribute 6 support-multiple
radius-server attribute 8 include-in-access-req
radius-server attribute 25 access-request include
radius-server dead-criteria time 5 tries 3
radius-server vsa send accounting
radius-server vsa send authentication
radius server ISE-Alex
address ipv4 172.16.0.90 auth-port 1812 acct-port 1813
automate-tester username radius-test idle-time 15
key ******
ntp server 172.16.0.1
ntp server 172.16.0.5
endYes. Tried that (several times) didn't work. 5 people in my office, all with vers. 6.0.1 couldn't access their gmail accounts. Kept getting error message that username and password invalid. Finally solved the issue by using Microsoft Exchange and "m.google.com" as server and domain and that the trick. Think there is an issue with imap.gmail.com and IOS 6.0.1. I'm sure the 5 of us suddently experiencing this issue aren't the only ones. Apple will figure it out. Thanks.
-
Calling issue with Cisco 7937 conference station
Hi Friends,
I am facing issue wiht Cisco 7937 conference station, our customer have various branch offices accross the world. All branches are connected over MPLS through service provider( SIP service provider) . there is a centralized CUCM and remote office have SIP Voice gateways .
When making calls from once remote site to another using Cisco 6921 phones calls working fine
When making calls from once remote site to another using Cisco 7937 conference station to make call any phone at remote office, calls are getting disconneted, remote phone rings when calls, but its gets fast busy tone when other party picks up the phone and not able to talk.
I suspect the issue with Codec but we have configured transcoders in VG and registered with CUCM
Please help me if any one experience such issue earlier.
Regards
Sivahi Basant,
1. Actually tow phones A and B are registerd with centralized CUCM, A and B are located in two different locations, RTP traffic between And B pass through service provider.
Call Flow --> Phone A ---->CUCMRouterpattern--> SIP trunk ----> Voice gateway--->Service provider cloud---> Respective Voice Gateway---> CUCM -- Phone B
Show Run
=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2014.02.27 15:14:52 =~=~=~=~=~=~=~=~=~=~=~=
sh run
Building configuration...
Current configuration : 12139 bytes
! Last configuration change at 06:35:59 UTC Tue Feb 25 2014
! NVRAM config last updated at 11:16:38 UTC Mon Feb 24 2014 by administrator
! NVRAM config last updated at 11:16:38 UTC Mon Feb 24 2014 by administrator
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname eucamvgw01
boot-start-marker
boot system flash:c2900-universalk9-mz.SPA.151-4.M5.bin
boot-end-marker
card type e1 0 0
logging buffered 51200 warnings
no logging console
no aaa new-model
no network-clock-participate wic 0
no ipv6 cef
ip source-route
ip traffic-export profile cuecapture mode capture
bidirectional
ip cef
ip multicast-routing
ip domain name drreddys.eu
ip name-server 10.197.20.1
ip name-server 10.197.20.2
multilink bundle-name authenticated
stcapp ccm-group 2
stcapp
stcapp feature access-code
stcapp feature speed-dial
stcapp supplementary-services
port 0/1/0
fallback-dn 5428025
port 0/1/1
fallback-dn 5428008
port 0/1/2
fallback-dn 5421462
port 0/1/3
fallback-dn 5421463
isdn switch-type primary-net5
crypto pki token default removal timeout 0
voice-card 0
dsp services dspfarm
voice call send-alert
voice call disc-pi-off
voice call convert-discpi-to-prog
voice rtp send-recv
voice service voip
ip address trusted list
ipv4 10.198.0.0 255.255.255.0
ipv4 152.63.1.0 255.255.255.0
address-hiding
allow-connections sip to sip
no supplementary-service h225-notify cid-update
no supplementary-service sip moved-temporarily
no supplementary-service sip refer
fax protocol t38 version 0 ls-redundancy 0 hs-redundancy 0 fallback none
fax-relay ans-disable
sip
rel1xx supported "track"
privacy pstn
no update-callerid
early-offer forced
call-route p-called-party-id
voice class uri 100 sip
host 41.206.187.71
voice class codec 10
codec preference 1 g711alaw
codec preference 2 g711ulaw
codec preference 3 ilbc
codec preference 4 g729r8
codec preference 5 g729br8
voice class codec 20
codec preference 1 g729br8
codec preference 2 g729r8
voice moh-group 1
moh flash:moh/Panjo.alaw.wav
description MOH G711 alaw
multicast moh 239.1.1.2 port 16384 route 10.198.2.9
voice translation-rule 1
rule 1 /^012237280\(..\)/ /54280\1/
rule 2 /^012236514\(..\)/ /54214\1/
rule 3 /^01223651081/ /5428010/
rule 4 /^01223506701/ /5428010/
voice translation-rule 2
rule 1 /^00\(.+\)/ /+\1/
rule 2 /^0\(.+\)/ /+44\1/
rule 3 /^\([0-9].+\)/ /+\1/
voice translation-rule 3
rule 1 /^9\(.+\)/ /\1/
rule 2 /^\+44\(.+\)/ /0\1/
rule 3 /^\+\(.+\)/ /00\1/
voice translation-rule 4
rule 1 /^54280\(..\)/ /12237280\1/
rule 2 /^54214\(..\)/ /12236514\1/
rule 3 /^\+44\(.+\)/ /\1/
rule 4 /^.54280\(..\)/ /12237280\1/
rule 5 /^.54214\(..\)/ /12236514\1/
voice translation-rule 9
rule 1 /^\(....\)/ /542\1/
voice translation-rule 10
voice translation-rule 11
rule 1 /^\+44122372\(....\)/ /542\1/
rule 2 /^\+44122365\(....\)/ /542\1/
voice translation-rule 12
voice translation-rule 13
rule 1 /^\([18]...\)/ /542\1/
voice translation-rule 14
voice translation-profile MPLS-incoming
translate calling 10
translate called 9
voice translation-profile MPLS-outgoing
translate calling 11
translate called 12
voice translation-profile PSTN-incoming
translate calling 2
translate called 1
voice translation-profile PSTN-outgoing
translate calling 4
translate called 3
voice translation-profile SRST-incoming
translate calling 14
translate called 13
license udi pid CISCO2921/K9 sn FGL145110RE
hw-module ism 0
hw-module pvdm 0/0
username administrator privilege 15 secret 5 $1$syu5$DsxdOgfS7Wltx78o4PV.60
redundancy
controller E1 0/0/0
ip tcp path-mtu-discovery
ip scp server enable
interface Embedded-Service-Engine0/0
no ip address
shutdown
interface GigabitEthernet0/0
description internal LAN
ip address 10.198.2.9 255.255.255.0
duplex auto
speed auto
interface ISM0/0
ip unnumbered GigabitEthernet0/0
service-module ip address 10.198.2.8 255.255.255.0
!Application: CUE Running on ISM
service-module ip default-gateway 10.198.2.9
interface GigabitEthernet0/1
description to TATA NGN
ip address 115.114.225.122 255.255.255.252
duplex auto
speed auto
interface GigabitEthernet0/2
description SIP Trunks external
ip address 79.121.254.83 255.255.255.248
ip access-group SIP-InBound in
ip traffic-export apply cuecapture size 8000000
duplex auto
speed auto
interface ISM0/1
description Internal switch interface connected to Internal Service Module
no ip address
shutdown
interface Vlan1
no ip address
ip forward-protocol nd
no ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 10.198.2.1
ip route 10.198.2.8 255.255.255.255 ISM0/0
ip route 41.206.187.0 255.255.255.0 115.114.225.121
ip route 77.37.25.46 255.255.255.255 79.121.254.81
ip route 83.245.6.81 255.255.255.255 79.121.254.81
ip route 83.245.6.82 255.255.255.255 79.121.254.81
ip route 95.223.1.107 255.255.255.255 79.121.254.81
ip route 192.54.47.0 255.255.255.0 79.121.254.81
ip access-list extended SIP-InBound
permit ip host 77.37.25.46 any
permit ip host 83.245.6.81 any
permit ip host 83.245.6.82 any
permit ip 192.54.47.0 0.0.0.255 any
permit icmp any any
permit ip host 95.223.1.107 any
deny ip any any log
control-plane
voice-port 0/1/0
compand-type a-law
timeouts initial 60
timeouts interdigit 60
timeouts ringing infinity
caller-id enable
voice-port 0/1/1
compand-type a-law
timeouts initial 60
timeouts interdigit 60
timeouts ringing infinity
caller-id enable
voice-port 0/1/2
compand-type a-law
timeouts initial 60
timeouts interdigit 60
timeouts ringing infinity
caller-id enable
voice-port 0/1/3
compand-type a-law
timeouts initial 60
timeouts interdigit 60
timeouts ringing infinity
caller-id enable
no ccm-manager fax protocol cisco
ccm-manager music-on-hold bind GigabitEthernet0/0
ccm-manager config server 152.63.1.19 152.63.1.100 172.27.210.5
ccm-manager sccp local GigabitEthernet0/0
ccm-manager sccp
mgcp profile default
sccp local GigabitEthernet0/0
sccp ccm 10.198.2.9 identifier 3 priority 3 version 7.0
sccp ccm 152.63.1.19 identifier 4 version 7.0
sccp ccm 152.63.1.100 identifier 5 version 7.0
sccp ccm 172.27.210.5 identifier 6 version 7.0
sccp
sccp ccm group 2
bind interface GigabitEthernet0/0
associate ccm 4 priority 1
associate ccm 5 priority 2
associate ccm 6 priority 3
associate ccm 3 priority 4
associate profile 1002 register CFB_UK_CAM_02
associate profile 1001 register XCODE_UK_CAM_02
associate profile 1000 register MTP_UK_CAM_02
dspfarm profile 1001 transcode
codec ilbc
codec g722-64
codec g729br8
codec g729r8
codec gsmamr-nb
codec pass-through
codec g711ulaw
codec g711alaw
codec g729ar8
codec g729abr8
maximum sessions 18
associate application SCCP
dspfarm profile 1002 conference
codec g711ulaw
codec g711alaw
codec g729ar8
codec g729abr8
codec g729r8
codec g729br8
maximum sessions 2
associate application SCCP
dspfarm profile 1000 mtp
codec g711alaw
maximum sessions software 200
associate application SCCP
dial-peer cor custom
name SRSTMode
dial-peer cor list SRST
member SRSTMode
dial-peer voice 100 voip
description *** Inbound CUCM ***
translation-profile incoming PSTN-incoming
incoming called-number .
voice-class codec 10
voice-class sip call-route p-called-party-id
dtmf-relay rtp-nte
no vad
dial-peer voice 500 voip
description *** Inbound TATA MPLS ***
translation-profile incoming MPLS-incoming
session protocol sipv2
session target sip-server
incoming called-number ....
incoming uri from 100
voice-class codec 20
dtmf-relay rtp-nte
no vad
dial-peer voice 510 voip
description *** Outbound TATA MPLS ***
translation-profile outgoing MPLS-outgoing
destination-pattern 54[013-9]....
session protocol sipv2
session target ipv4:41.206.187.71
session transport udp
voice-class codec 20
dtmf-relay rtp-nte
no vad
dial-peer voice 520 voip
description *** Outbound TATA MPLS ***
translation-profile outgoing MPLS-outgoing
destination-pattern 5[0-35-9].....
session protocol sipv2
session target ipv4:41.206.187.71
session transport udp
voice-class codec 20
dtmf-relay rtp-nte
no vad
dial-peer voice 200 voip
description *** Inbound M12 *** 01223651081, 01223651440 - 01223651489
translation-profile incoming PSTN-incoming
session protocol sipv2
session target sip-server
session transport udp
incoming called-number 0122365....
dtmf-relay rtp-nte
codec g711ulaw
no vad
dial-peer voice 201 voip
description *** Inbound M12 *** 012237280XX
translation-profile incoming PSTN-incoming
session protocol sipv2
session target sip-server
session transport udp
incoming called-number 012237280..
dtmf-relay rtp-nte
codec g711ulaw
no vad
dial-peer voice 202 voip
description *** Inbound M12 *** 01223506701
translation-profile incoming PSTN-incoming
session protocol sipv2
session target sip-server
session transport udp
incoming called-number 01223506701
dtmf-relay rtp-nte
codec g711ulaw
no vad
dial-peer voice 210 voip
description *** Outbound M12 ***
translation-profile outgoing PSTN-outgoing
destination-pattern +...T
session protocol sipv2
session target ipv4:83.245.6.81
session transport udp
dtmf-relay rtp-nte
codec g711alaw
no vad
dial-peer voice 211 voip
description *** Outbound ISDN for SRST and emergency ***
translation-profile outgoing PSTN-outgoing
destination-pattern 9.T
session protocol sipv2
session target ipv4:83.245.6.81
session transport udp
dtmf-relay rtp-nte
codec g711alaw
no vad
dial-peer voice 212 voip
description *** Outbound ISDN for emergency ***
translation-profile outgoing PSTN-outgoing
destination-pattern 11[02]
session protocol sipv2
session target ipv4:83.245.6.81
session transport udp
dtmf-relay rtp-nte
codec g711alaw
no vad
dial-peer voice 2000 voip
description *** Outbound to CUCM Primary ***
preference 1
destination-pattern 542....
session protocol sipv2
session target ipv4:152.63.1.19
voice-class codec 10
voice-class sip call-route p-called-party-id
dtmf-relay rtp-nte
no vad
dial-peer voice 2001 voip
description *** Outbound to CUCM Secondary ***
preference 2
destination-pattern 542....
session protocol sipv2
session target ipv4:152.63.1.100
voice-class codec 10
voice-class sip call-route p-called-party-id
dtmf-relay rtp-nte
no vad
dial-peer voice 2002 voip
description *** Outbound to CUCM Teritiary ***
preference 3
destination-pattern 542....
session protocol sipv2
session target ipv4:172.27.210.5
voice-class codec 10
voice-class sip call-route p-called-party-id
dtmf-relay rtp-nte
no vad
dial-peer voice 999010 pots
service stcapp
port 0/1/0
dial-peer voice 999011 pots
service stcapp
port 0/1/1
dial-peer voice 999012 pots
service stcapp
port 0/1/2
dial-peer voice 999013 pots
service stcapp
port 0/1/3
sip-ua
no remote-party-id
gatekeeper
shutdown
call-manager-fallback
secondary-dialtone 9
max-conferences 4 gain -6
transfer-system full-consult
ip source-address 10.198.2.9 port 2000
max-ephones 110
max-dn 400 dual-line no-reg
translation-profile incoming SRST-incoming
moh flash:/moh/Panjo.ulaw.wav
multicast moh 239.1.1.1 port 16384 route 10.198.2.9
time-zone 22
time-format 24
date-format dd-mm-yy
line con 0
login local
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line 131
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
session-timeout 60
exec-timeout 60 0
privilege level 15
login local
transport input all
line vty 5 15
session-timeout 60
exec-timeout 60 0
privilege level 15
login local
transport input all
scheduler allocate 20000 1000
ntp server 10.1.30.1
end
eucamvgw01#
Sh SCCP
=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2014.03.03 17:57:44 =~=~=~=~=~=~=~=~=~=~=~=
SCCP Admin State: UP
Gateway Local Interface: GigabitEthernet0/0
IPv4 Address: 10.198.2.9
Port Number: 2000
IP Precedence: 5
User Masked Codec list: None
Call Manager: 10.198.2.9, Port Number: 2000
Priority: 3, Version: 7.0, Identifier: 3
Call Manager: 152.63.1.19, Port Number: 2000
Priority: N/A, Version: 7.0, Identifier: 4
Trustpoint: N/A
Call Manager: 152.63.1.100, Port Number: 2000
Priority: N/A, Version: 7.0, Identifier: 5
Trustpoint: N/A
Call Manager: 172.27.210.5, Port Number: 2000
Priority: N/A, Version: 7.0, Identifier: 6
Trustpoint: N/A
MTP Oper State: ACTIVE - Cause Code: NONE
Active Call Manager: 152.63.1.19, Port Number: 2000
TCP Link Status: CONNECTED, Profile Identifier: 1000
Reported Max Streams: 400, Reported Max OOS Streams: 0
Supported Codec: g711alaw, Maximum Packetization Period: 30
Supported Codec: rfc2833 dtmf, Maximum Packetization Period: 30
Supported Codec: rfc2833 pass-thru, Maximum Packetization Period: 30
Supported Codec: inband-dtmf to rfc2833 conversion, Maximum Packetization Period: 30
TLS : ENABLED
Transcoding Oper State: ACTIVE - Cause Code: NONE
Active Call Manager: 152.63.1.19, Port Number: 2000
TCP Link Status: CONNECTED, Profile Identifier: 1001
Reported Max Streams: 36, Reported Max OOS Streams: 0
Supported Codec: ilbc, Maximum Packetization Period: 120
Supported Codec: g722r64, Maximum Packetization Period: 30
Supported Codec: g729br8, Maximum Packetization Period: 60
Supported Codec: g729r8, Maximum Packetization Period: 60
Supported Codec: gsmamr-nb, Maximum Packetization Period: 60
Supported Codec: pass-thru, Maximum Packetization Period: N/A
Supported Codec: g711ulaw, Maximum Packetization Period: 30
Supported Codec: g711alaw, Maximum Packetization Period: 30
Supported Codec: g729ar8, Maximum Packetization Period: 60
Supported Codec: g729abr8, Maximum Packetization Period: 60
Supported Codec: rfc2833 dtmf, Maximum Packetization Period: 30
Supported Codec: rfc2833 pass-thru, Maximum Packetization Period: 30
Supported Codec: inband-dtmf to rfc2833 conversion, Maximum Packetization Period: 30
Conferencing Oper State: ACTIVE - Cause Code: NONE
Active Call Manager: 152.63.1.19, Port Number: 2000
TCP Link Status: CONNECTED, Profile Identifier: 1002
Reported Max Streams: 16, Reported Max OOS Streams: 0
Supported Codec: g711ulaw, Maximum Packetization Period: 30
Supported Codec: g711alaw, Maximum Packetization Period: 30
Supported Codec: g729ar8, Maximum Packetization Period: 60
Supported Codec: g729abr8, Maximum Packetization Period: 60
Supported Codec: g729r8, Maximum Packetization Period: 60
Supported Codec: g729br8, Maximum Packetization Period: 60
Supported Codec: rfc2833 dtmf, Maximum Packetization Period: 30
Supported Codec: rfc2833 pass-thru, Maximum Packetization Period: 30
Supported Codec: inband-dtmf to rfc2833 conversion, Maximum Packetization Period: 30
TLS : ENABLED
Alg_Phone Oper State: ACTIVE - Cause Code: NONE
Active Call Manager: 152.63.1.19, Port Number: 2000
TCP Link Status: CONNECTED, Device Name: AN71FEF7F070080
Reported Max Streams: 1, Reported Max OOS Streams: 0
Supported Codec: rfc2833 dtmf, Maximum Packetization Period: 30
Supported Codec: g711ulaw, Maximum Packetization Period: 20
Supported Codec: g711alaw, Maximum Packetization Period: 20
Supported Codec: g729r8, Maximum Packetization Period: 220Supported Codec: g729ar8, Maximum Packetization Period: 220
Supported Codec: g729br8, Maximum Packetization Period: 220
Supported Codec: g729r8, Maximum Packetization Period: 220
Supported Codec: ilbc, Maximum Packetization Period: 120
Alg_Phone Oper State: ACTIVE - Cause Code: NONE
Active Call Manager: 152.63.1.19, Port Number: 2000
TCP Link Status: CONNECTED, Device Name: AN71FEF7F070081
Reported Max Streams: 1, Reported Max OOS Streams: 0
Supported Codec: rfc2833 dtmf, Maximum Packetization Period: 30
Supported Codec: g711ulaw, Maximum Packetization Period: 20
Supported Codec: g711alaw, Maximum Packetization Period: 20
Supported Codec: g729r8, Maximum Packetization Period: 220
Supported Codec: g729ar8, Maximum Packetization Period: 220
Supported Codec: g729br8, Maximum Packetization Period: 220
Supported Codec: g729r8, Maximum Packetization Period: 220
Supported Codec: ilbc, Maximum Packetization Period: 120
Alg_Phone Oper State: ACTIVE - Cause Code: NONE
Active Call Manager: 152.63.1.19, Port Number: 2000
TCP Link Status: CONNECTED, Device Name: AN71FEF7F070082
Reported Max Streams: 1, Reported Max OOS Streams: 0
Supported Codec: rfc2833 dtmf, Maximum Packetization Period: 30
Supported Codec: g711ulaw, Maximum Packetization Period: 20Supported Codec: g711alaw, Maximum Packetization Period: 20
Supported Codec: g729r8, Maximum Packetization Period: 220
Supported Codec: g729ar8, Maximum Packetization Period: 220
Supported Codec: g729br8, Maximum Packetization Period: 220
Supported Codec: g729r8, Maximum Packetization Period: 220
Supported Codec: ilbc, Maximum Packetization Period: 120
Alg_Phone Oper State: ACTIVE - Cause Code: NONE
Active Call Manager: 152.63.1.19, Port Number: 2000
TCP Link Status: CONNECTED, Device Name: AN71FEF7F070083
Reported Max Streams: 1, Reported Max OOS Streams: 0
Supported Codec: rfc2833 dtmf, Maximum Packetization Period: 30
Supported Codec: g711ulaw, Maximum Packetization Period: 20
Supported Codec: g711alaw, Maximum Packetization Period: 20
Supported Codec: g729r8, Maximum Packetization Period: 220
Supported Codec: g729ar8, Maximum Packetization Period: 220
Supported Codec: g729br8, Maximum Packetization Period: 220
Supported Codec: g729r8, Maximum Packetization Period: 220
Supported Codec: ilbc, Maximum Packetization Period: 120
eucamvgw01#
Maybe you are looking for
-
Oracle 11g Application Express 3.2.0.00.27 SSL_CLIENT_S_DN not being set if the user has "Use TLS 1.1" or "Use TLS 1.2" checked in Internet Explorer Advanced Settings. We are using mod_ossl, are there any updates to this module that would fix the abo
-
Albums disappeared (Elements 11 under Windows 7) - how to search/retrieve?
Completely frustrated, started to rearrange my photos into Albums after the functionality to sort after file name was unexplainably abolished. After having arranged 5 albums over a number of days , all of them have disappeard after start of Elements
-
SCCM 2012 R2 Install - Reporting Services Point, Remote SRS Server
Hi all, Here's a brief run down of the setup so far. SCCM 2012 R2 installed on Windows 2012 R2 (SCCM01). SQL 2012 back end is off box, on a separate cluster (SQL01C01). Reporting Services for SQL 2012 is due to be installed on a different server (SRS
-
File not showing up inside iTune
Hi. I have some albums I bought from iTunes store that came with a pdf album liner file. The pdf liner used to show up inside iTunes, but they no longer do, even though they are inside the correct folder and can be seen via Finder. When I add them to
-
How to Create an XML document from XSQL servlet which follows a particular DTD struct
how to Create an XML document from XSQL servlet which follows a particular DTD structure.Could anyone send me a sample code for this.