KeyStore Algorithm & Cipher Algorithm
Hi,
Generated the KeyStore using the keytool using Default KeyStrore Type & KeyStore = User, Password=password
With keystore am able to retrieve the both Private & Public Keys by making use of KeyStore.getDefaultType())
When i tried 2 encrypt the message using the params Cipher, PublicKey, MESSAGE, Cipher.ENCRYPT_MODE
As above cipher is initialized with "RSA" & meantime the KeyStore is also created by "RSA"
But when program is executed, getting an error "java.security.InvalidKeyException: Could not initialize for signing with the given key"
Kindly inform me what must be the [-keyalg <keyalg>] used for both KeyStore & initialization of Cipher
NOTE: am using the JDK1.4
Cordially
can u send me the code for the signing.
Rgds,
Anand
Similar Messages
-
NoSuchAlgorithmException : Algorithm DESede not available
Hi,
Could any one tell me why this error comes
The particular method which throws the Exception is
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DESede");
The Exception stackTrace is
java.security.NoSuchAlgorithmException: Algorithm DESede not available
at javax.crypto.SunJCE_b.a(DashoA6275)
at javax.crypto.SecretKeyFactory.getInstance(DashoA6275)
at com.orbitech.armor.syncd.server.ArmorKeyTabFile.ReadKeyTabFile(ArmorK
eyTabFile.java:173)
at com.orbitech.armor.syncd.server.OracleRegistryPlugin.init(OracleRegis
tryPlugin.java:210)
at ArmorSystemServlet.processPrnInfo(ArmorSystemServlet.java:194)
at ArmorSystemServlet.doPost(ArmorSystemServlet.java:137)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:733)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:826)
at com.netscape.server.http.servlet.NSServletRunner.Service(NSServletRun
ner.java:533)
com.orbitech.armor.syncd.server.ArmorException: Error in Reading Keytab file
at com.orbitech.armor.syncd.server.ArmorKeyTabFile.ReadKeyTabFile(ArmorK
eyTabFile.java:212)
at com.orbitech.armor.syncd.server.OracleRegistryPlugin.init(OracleRegis
tryPlugin.java:210)
at ArmorSystemServlet.processPrnInfo(ArmorSystemServlet.java:194)
at ArmorSystemServlet.doPost(ArmorSystemServlet.java:137)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:733)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:826)
at com.netscape.server.http.servlet.NSServletRunner.Service(NSServletRun
ner.java:533)
Im trying to use JCE api's in a servlet running under a iplanet ssl server. Also my classpath setting contains the jce jars as well.
I am able to see very well the SunJCE provider and the algorithm are installed. The code I used too see them is
System.out.println("Cipher algorithms : ");
Object[] o = Security.getAlgorithms("Cipher").toArray();
for (int i=0; i<o.length; i++) {
System.out.println((String) o[ i ]);
Cipher algorithms :
BLOWFISH
DESEDE
PBEWITHMD5ANDTRIPLEDES
DES
PBEWITHMD5ANDDES
System.out.println("MessageDigest algorithms : ");
o = Security.getAlgorithms("MessageDigest").toArray();
for (int i=0; i<o.length; i++) {
System.out.println((String) o[ i ]);
MessageDigest algorithms :
MD5
SHA
System.out.println("Signature algorithms : ");
o = Security.getAlgorithms("Signature").toArray();
for (int i=0; i<o.length; i++) {
System.out.println((String) o[ i ]);
Signature algorithms :
MD2WITHRSA
MD5WITHRSA
SHA1WITHDSA
SHA1WITHRSA
System.out.println("Mac algorithms : ");
o = Security.getAlgorithms("Mac").toArray();
for (int i=0; i<o.length; i++) {
System.out.println((String) o[ i ]);
Mac algorithms :
HMACSHA1
HMACMD5
System.out.println("Keystore algorithms : ");
o = Security.getAlgorithms("Keystore").toArray();
for (int i=0; i<o.length; i++) {
System.out.println((String) o[ i ]);
Keystore algorithms :
PKCS12
JCEKS
JKS
System.out.println("Providers : ");
Provider p[] = Security.getProviders();
for(int i = 0; i<p.length; i++) {
System.out.println( p.getName());
Providers :
SUN
SunJSSE
SunRsaSign
SunJCE
SunJGSS
Thanks in advance
regds........jptry this...it worked for me......
put all four JCE jar files in the ext folder buried deep inside ur program files ...I have it in >> "C:\Program Files\Java\j2re1.4.1_02\lib\ext" folder .Now edit the file "C:\Program Files\Java\j2re1.4.1_02\lib\security\java.security" and add register ur provider by adding the line>> security.provider.2=com.sun.crypto.provider.SunJCE
save the file and rerun the program..the exception should vanish..
Sanjit R
US Software Pvt Ltd
Technopark,
Trivandrum
Kerala
India -
Invalid Key Exception: Unsupported key type: Sun RSA public key, 1024 bits
I am trying to retrieve certificates from Microsoft Keystore and extract its keys using SunMSCAPI in jdk 1.6. It gives me an invalid key exception, when I am trying to wrap the Symmetric key (which was previously used to perform AES encryption on data), using RSA algorithm.
Code snippet:
// RSA 1024 bits Asymmetric encryption of Symmetric AES key
// List the certificates from Microsoft KeyStore using SunMSCAPI.
System.out.println("List of certificates found in Microsoft Personal Keystore:");
KeyStore ks = KeyStore.getInstance("Windows-MY", "SunMSCAPI");
ks.load(null, null) ;
Enumeration en = ks.aliases() ;
PublicKey RSAPubKey = null;
Key RSAPrivKey = null;
int i = 0;
while (en.hasMoreElements()) {
String aliasKey = (String)en.nextElement() ;
X509Certificate c = (X509Certificate) ks.getCertificate(aliasKey) ;
String sss = ks.getCertificateAlias(c);
if(sss.equals("C5151997"))
System.out.println("---> alias : " + sss) ;
i= i + 1;
String str = c.toString();
System.out.println(" Certificate details : " + str ) ;
RSAPubKey = c.getPublicKey();
RSAPrivKey = ks.getKey(aliasKey, null); //"mypassword".toCharArray()
Certificate[] chain = ks.getCertificateChain(aliasKey);
System.out.println("No of certificates found from Personal MS Keystore: " + i);
// Encrypt the generated Symmetric AES Key using RSA cipher
Cipher rsaCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", ks.getProvider().getName());
rsaCipher.init(Cipher.WRAP_MODE, RSAPubKey);
byte[] encryptedSymmKey = rsaCipher.wrap(aeskey);
System.out.println("Encrypted Symmetric Key :" + new String(encryptedSymmKey));
System.out.println("Encrypted Symmetric Key Length in Bytes: " + encryptedSymmKey.length);
// RSA Decryption of Encrypted Symmetric AES key
rsaCipher.init(Cipher.UNWRAP_MODE, RSAPrivKey);
Key decryptedKey = rsaCipher.unwrap(encryptedSymmKey, "AES", Cipher.SECRET_KEY);Output:
List of certificates found in Microsoft Personal Keystore:
---> alias : C5151997
Certificate details : [
Version: V3
Subject: CN=C5151997, O=SAP-AG, C=DE
Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5
Key: Sun RSA public key, 1024 bits
modulus: 171871587533146191561538456391418351861663300588728159334223437391061141885590024223283480319626015611710315581642512941578588886825766256507714725820048129123720143461110410353346492039350478625370269565346566901446816729164309038944197418238814947654954590754593726047828813400082450341775203029183105860831
public exponent: 65537
Validity: [From: Mon Jan 24 18:17:49 IST 2011,
To: Wed Jan 23 18:17:49 IST 2013]
Issuer: CN=SSO_CA, O=SAP-AG, C=DE
SerialNumber: [ 4d12c509 00000005 eb85]
Certificate Extensions: 6
[1]: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 07 E5 83 A1 B2 B7 DF 6B 4B 67 9C 1D 42 C9 0D F4 .......kKg..B...
0010: 35 76 D3 F7 5v..
[2]: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: E4 C4 2C 93 20 AF DA 4C F2 53 68 4A C0 E7 EC 30 ..,. ..L.ShJ...0
0010: 8C 0C 3B 9A ..;.
[3]: ObjectId: 1.3.6.1.4.1.311.21.7 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 30 30 2E 06 26 2B 06 01 04 01 82 37 15 08 82 .00..&+.....7...
0010: D1 E1 73 84 E4 FE 0B 84 FD 8B 15 83 E5 90 1B 83 ..s.............
0020: E6 A1 43 81 62 84 B1 DA 50 9E D3 14 02 01 64 02 ..C.b...P.....d.
0030: 01 1B ..
[4]: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
RFC822Name: [email protected]
[5]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
DigitalSignature
Non_repudiation
Key_Encipherment
Data_Encipherment
[6]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:false
PathLen: undefined
Algorithm: [SHA1withRSA]
Signature:
0000: B3 C5 92 66 8D D7 ED 6D 51 12 63 CC F4 52 18 B9 ...f...mQ.c..R..
0010: B8 A6 78 F7 ED 7D 78 18 DA 71 09 C9 AE C8 49 23 ..x...x..q....I#
0020: F5 32 2F 0F D1 C0 4C 08 2B 6D 3C 11 B9 5F 5B B5 .2/...L.+m<.._[.
0030: 05 D9 CA E6 F9 0A 94 14 E7 C6 7A DB 63 FE E5 EC ..........z.c...
0040: 48 94 8C 0D 77 92 59 DE 34 6E 77 1A 24 FE E3 C1 H...w.Y.4nw.$...
0050: D8 0B 52 6A 7E 22 13 71 D7 F8 AF D1 17 C8 64 4F ..Rj.".q......dO
0060: 83 EA 2D 6A CA 7F C3 84 37 15 FE 99 73 1D 7C D1 ..-j....7...s...
0070: 6D B4 99 09 62 B9 0F 18 33 4C C6 66 7A 9F C0 DB m...b...3L.fz...
No of certificates found from Personal MS Keystore: 1
Exception in thread "main" java.security.InvalidKeyException: Unsupported key type: Sun RSA public key, 1024 bits
modulus: 171871587533146191561538456391418351861663300588728159334223437391061141885590024223283480319626015611710315581642512941578588886825766256507714725820048129123720143461110410353346492039350478625370269565346566901446816729164309038944197418238814947654954590754593726047828813400082450341775203029183105860831
public exponent: 65537
at sun.security.mscapi.RSACipher.init(RSACipher.java:176)
at sun.security.mscapi.RSACipher.engineInit(RSACipher.java:129)
at javax.crypto.Cipher.init(DashoA13*..)
at javax.crypto.Cipher.init(DashoA13*..)
at com.sap.srm.crpto.client.applet.CryptoClass.main(CryptoClass.java:102)
Edited by: sabre150 on 18-Jul-2011 03:47
Added [ code] tags to make code readable.A bit of research indicates that the classes of the keys obtained by
RSAPubKey = c.getPublicKey();
RSAPrivKey = ks.getKey(aliasKey, null); //"mypassword".toCharArray()are sun.security.rsa.RSAPublicKeyImpl and sun.security.*mscapi*.RSAPrivateKey . It seems that for Cipher objects from the SunMSCAPI provider cannot accept RSA public keys of class sun.security.rsa.RSAPublicKeyImpl and that the SunMSCAPI will only accept RSA private keys of class sun.security.mscapi.RSAPrivateKey.
This came up under different guise a couple of years ago. It makes sense since encrypting/wrapping with a public key does not represent a security problem (there is nothing secret in any of the encryption operations) when done outside of MSCAPI so one can use any provider that has the capability BUT the decryption/unwrapping must be done with the SunMSCAPI provider which delegates it to the MSCAPI.
My working test code based on your code implementing this approach is :
// RSA 1024 bits Asymmetric encryption of Symmetric AES key
// List the certificates from Microsoft KeyStore using SunMSCAPI.
System.out.println("List of certificates found in Microsoft Personal Keystore:");
KeyStore ks = KeyStore.getInstance("Windows-MY", "SunMSCAPI");
ks.load(null, null);
Enumeration en = ks.aliases();
PublicKey RSAPubKey = null;
Key RSAPrivKey = null;
int i = 0;
while (en.hasMoreElements())
String aliasKey = (String) en.nextElement();
X509Certificate c = (X509Certificate) ks.getCertificate(aliasKey);
String sss = ks.getCertificateAlias(c);
if (sss.equals("rsa_key")) // The alias for my key - make sure you change it back to your alias
System.out.println("---> alias : " + sss);
i = i + 1;
String str = c.toString();
System.out.println(" Certificate details : " + str);
RSAPubKey = c.getPublicKey();
System.out.println(RSAPubKey.getClass().getName());
RSAPrivKey = ks.getKey(aliasKey, null); //"mypassword".toCharArray()
System.out.println(RSAPrivKey.getClass().getName());
Certificate[] chain = ks.getCertificateChain(aliasKey);
System.out.println(ks.getProvider().getName());
System.out.println("No of certificates found from Personal MS Keystore: " + i);
Cipher rsaCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");//, ks.getProvider().getName()); !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
rsaCipher.init(Cipher.WRAP_MODE, RSAPubKey);
byte[] keyBytes =
1, 2, 3, 4, 5, 6, 7, 8, 2, 3, 4, 5, 6, 7, 8, 9
SecretKey aeskey = new SecretKeySpec(keyBytes, "AES");
byte[] encryptedSymmKey = rsaCipher.wrap(aeskey);
System.out.println("Encrypted Symmetric Key :" + Arrays.toString(encryptedSymmKey));
System.out.println("Encrypted Symmetric Key Length in Bytes: " + encryptedSymmKey.length);
// RSA Decryption of Encrypted Symmetric AES key
Cipher unwrapRsaCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", ks.getProvider().getName()); //!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
unwrapRsaCipher.init(Cipher.UNWRAP_MODE, RSAPrivKey);
Key decryptedKey = unwrapRsaCipher.unwrap(encryptedSymmKey, "AES", Cipher.SECRET_KEY);
System.out.println("Decrypted Symmetric Key :" + Arrays.toString(decryptedKey.getEncoded())); // Matches the 'keyBytes' above -
Simulation using Eclipse plugin for JCOP tools
Dear All,
In search for a simulation environment for java card applet development I tried to use Eclipse plugin for JCOP tools.
The samples which comes with the JCOP tools works fine but when try to debug my applet I receive the error: Wrong Data 6A 80.
Generic JCOP v2.4.1 is selected for Java Card Simulation.
Following is the JCOP Shell screen:
cm- /term "Remote|localhost:8050"
--Opening terminal
/card -a a000000003000000 -c com.ibm.jc.CardManagerresetCard with timeout: 0 (ms)
--Waiting for card...
ATR=3B F8 13 00 00 81 31 FE 45 4A 43 4F 50 76 32 34 ;.....1.EJCOPv24
31 B7 1.
IOCTL().
ATR: T=1, FI=1/DI=3 (93clk/etu), N=0, IFSC=254, BWI=4/CWI=5, Hist="JCOPv241"
=> 00 A4 04 00 08 A0 00 00 00 03 00 00 00 00 ..............
(908058 nsec)
<= 6F 65 84 08 A0 00 00 00 03 00 00 00 A5 59 9F 65 oe...........Y.e
01 FF 9F 6E 06 47 91 92 18 00 00 73 4A 06 07 2A ...n.G.....sJ..*
86 48 86 FC 6B 01 60 0C 06 0A 2A 86 48 86 FC 6B .H..k.`...*.H..k
02 02 01 01 63 09 06 07 2A 86 48 86 FC 6B 03 64 ....c...*.H..k.d
0B 06 09 2A 86 48 86 FC 6B 04 02 15 65 0B 06 09 ...*.H..k...e...
2B 85 10 86 48 64 02 01 03 66 0C 06 0A 2B 06 01 +...Hd...f...+..
04 01 2A 02 6E 01 02 90 00 ..*.n....
Status: No Error
cm> set-key 255/1/DES-ECB/404142434445464748494a4b4c4d4e4f 255/2/DES-ECB/404142434445464748494a4b4c4d4e4f 255/3/DES-ECB/404142434445464748494a4b4c4d4e4f
cm> init-update 255
=> 80 50 00 00 08 B1 04 15 2B 41 3F 62 AB 00 .P......+A?b..
(2668 usec)
<= 00 00 F9 02 71 E3 BB AD BD CD FF 02 00 00 3D 02 ....q.........=.
9C 31 C7 89 AD 44 8E 13 17 15 2E 5A 90 00 .1...D.....Z..
Status: No Error
cm> ext-auth plain
=> 84 82 00 00 10 CE 6C DC D2 8C BE 5E 33 EC 58 D0 ......l....^3.X.
57 3A 52 D2 24 W:R.$
(2288 usec)
<= 90 00 ..
Status: No Error
cm> delete -r a00000006203010c04
=> 80 E4 00 80 0B 4F 09 A0 00 00 00 62 03 01 0C 04 .....O.....b....
00 .
(1084 usec)
<= 6A 88 j.
Status: Reference data not found
jcshell: Error code: 6a88 (Reference data not found)
jcshell: Wrong response APDU: 6A88
Ignoring expected error
cm> upload -d -b 250 "D:\JCOP\eclipse\projects\DigitalTachograph\bin\digitaltachograph\javacard\digitaltachograph.cap"
=> 80 E6 02 00 16 09 A0 00 00 00 62 03 01 0C 04 08 ..........b.....
A0 00 00 00 03 00 00 00 00 00 00 00 ............
(2100 usec)
<= 00 90 00 ...
Status: No Error
=> 80 E8 00 00 FA C4 82 84 42 01 00 25 DE CA FF ED ........B..%....
02 02 04 00 01 09 A0 00 00 00 62 03 01 0C 04 11 ..........b.....
64 69 67 69 74 61 6C 74 61 63 68 6F 67 72 61 70 digitaltachograp
68 02 00 21 00 25 00 21 00 0E 00 29 03 3E 00 CD h..!.%.!...).>..
23 D2 01 BB 04 44 00 00 09 E3 4B E5 00 11 00 05 #....D....K.....
01 A2 04 01 00 04 00 29 04 00 01 07 A0 00 00 00 .......)........
62 00 01 02 01 07 A0 00 00 00 62 01 01 02 01 07 b.........b.....
A0 00 00 00 62 01 02 02 01 07 A0 00 00 00 62 02 ....b.........b.
01 03 00 0E 01 0A A0 00 00 00 62 03 01 0C 04 01 ..........b.....
01 DF 06 00 CD 00 00 00 80 00 00 FF 00 01 00 00 ................
00 01 81 03 13 00 12 07 03 00 00 02 01 03 06 0B ................
8C 81 00 00 00 80 00 0B 00 0B 01 01 00 00 0B F9 ................
00 80 00 11 00 0F 01 01 00 10 0E A9 0D D4 0D F7 ................
0E 07 0E 18 0E 26 0E 35 0E 44 0E 50 0E 72 0E 81 .....&.5.D.P.r..
0E 90 0E 9B 0E F5 11 05 11 1A 11 50 00 80 00 05 ...........P....
00 04 01 04 00 01 13 AF 13 B5 13 BA 14 0C 13 00 ................
(6775 usec)
<= 6A 80 j.
Status: Wrong data
jcshell: Error code: 6a80 (Wrong data)
jcshell: Wrong response APDU: 6A80
Unexpected error; aborting execution
I will be very happy if you can help me. I am desperately in need of a working debugging environment.
Thanks in advance!
Kind regards,
Mehmet* Processes incoming READ_BINARY APDUs. Returns data of the currently
* selected file.
* @param apdu where the offset is carried in header bytes p1 and p2.
* @param le expected length by terminal
* @return length of the response APDU
private short processReadBinary(APDU apdu, boolean protectedApdu, short leUnprotected) {
if (!hasFileSelected()) {
ISOException.throwIt(SW_CONDITIONS_NOT_SATISFIED);
byte[] buffer = apdu.getBuffer();
// retrieve p1p2 from apdu buffer
byte p1 = buffer[OFFSET_P1];
byte p2 = buffer[OFFSET_P2];
short offset = Util.makeShort(p1, p2); // offset encoded in P1/P2, 15 lowest bit
// offset encoded in P1/P2, 15 lowest bit
// check if le != 0 <-- no response expected
if (leUnprotected == 0) {
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
if (selectedFile == null) {
ISOException.throwIt(ISO7816.SW_FILE_NOT_FOUND);
if ((selectedFile.getAccessConditions() & READ_REQUIRES_SM) == READ_REQUIRES_SM) {
if(!protectedApdu)
ISOException.throwIt(ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED);
short fileSize = (short) selectedFile.getFileLength();
// check offset
if (offset >= fileSize) {
ISOException.throwIt(ISO7816.SW_INCORRECT_P1P2);
// check expected length
if ((short) (offset + leUnprotected) > fileSize) {
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
//ISOException.throwIt(SW_TAMAM);
short bufferOffset = 0;
crypto.setEncryptionStatus(isSelectedFileEncrypted());
if (protectedApdu) {
bufferOffset = crypto.getApduBufferOffsetDT(leUnprotected);
if(isSelectedFileEncrypted())
bufferOffset = crypto.getApduBufferOffset(leUnprotected);
apdu.setOutgoing();
Util.arrayCopyNonAtomic(selectedFile.getData(), offset, buffer, bufferOffset, leUnprotected);
return leUnprotected;
* Processes and UPDATE_BINARY apdu. Writes data in the currently selected
* file.
* @param apdu
* carries the offset where to write date in header bytes p1 and
* p2.
private void processUpdateBinary(APDU apdu, boolean protectedApdu) {
if (!hasFileSelected() || isLocked()) {
ISOException.throwIt(ISO7816.SW_COMMAND_NOT_ALLOWED);
if ((selectedFile.getAccessConditions() & DigitalTachograph.UPDATE_ALW) != DigitalTachograph.UPDATE_ALW) {
if ((selectedFile.getAccessConditions() & DigitalTachograph.UPDATE_REQUIRES_SM) != DigitalTachograph.UPDATE_REQUIRES_SM) {
ISOException.throwIt(ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED);
return;
}else if(!protectedApdu){
ISOException.throwIt(ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED);
byte[] buffer = apdu.getBuffer();
byte p1 = buffer[OFFSET_P1];
byte p2 = buffer[OFFSET_P2];
short offset = Util.makeShort(p1, p2);
short readCount = (short) (buffer[ISO7816.OFFSET_LC] & 0xff);
//if (!protectedApdu){
readCount = apdu.setIncomingAndReceive();
while (readCount > 0) {
selectedFile.writeData(offset, buffer, OFFSET_CDATA, readCount);
offset += readCount;
readCount = apdu.receiveBytes(ISO7816.OFFSET_CDATA);
private short processInternalAuthenticate(APDU apdu , boolean protectedApdu) throws CryptoException {
byte[] buffer = apdu.getBuffer();
short lc = (short) (buffer[OFFSET_LC] & 0xFF);
if (lc != (short) (KID_LENGTH * 2)) {
ISOException.throwIt(SW_WRONG_LENGTH);
if (apdu.setIncomingAndReceive() != lc) {
ISOException.throwIt(ISO7816.SW_WRONG_DATA);
// Check if VU.CHR maches the one of the selected certificate on the card
if (Util.arrayCompare(buffer, (short) (OFFSET_CDATA + KID_LENGTH), keyStore.selected_KID, (short) 0, KID_LENGTH) != 0) {
ISOException.throwIt(SW_REFERENCE_DATA_NOT_FOUND);
if (Util.arrayCopyNonAtomic(buffer, OFFSET_CDATA, Rnd1, (short) 0, (short) 8) != (short) 8) { // Receive Rnd1
ISOException.throwIt(ISO7816.SW_WRONG_DATA);
// Hash(PRnd2||K1||Rnd1||VU.CHR)
random.generateData(PRnd2, (short) 0, (short) 90);
random.generateData(K1, (short) 0, (short) 16);
crypto.shaDigest.update(PRnd2, (short) 0, (short) 90); // PRnd2
crypto.shaDigest.update(K1, (short) 0, (short) 16); // PRnd2||K1
crypto.shaDigest.doFinal(buffer, OFFSET_CDATA, lc, digest, (short) 0); //Rnd1||VU.CHR
BigNumber mod = new BigNumber((short) 128);
mod.init(keyStore.Card_PubMod, (short) 0, (short) keyStore.Card_PubMod.length, BigNumber.FORMAT_HEX);
mod.subtract(signed, (short) 0, (short) 128, BigNumber.FORMAT_HEX);
if (mod.compareTo(signed, (short) 0, (short) 128, BigNumber.FORMAT_HEX) == -1) {
mod.toBytes(signed, (short) 0, (short) 128, BigNumber.FORMAT_HEX);
// To be added: if the selected private key is considered corrupted, the processing state returned is '6400' or '6581'.
signed[0] = (byte) 0x6A;
Util.arrayCopyNonAtomic(PRnd2, (short) 0, signed, (short) 1, (short) 90);
Util.arrayCopyNonAtomic(K1, (short) 0, signed, (short) 91, (short) 16);
Util.arrayCopyNonAtomic(digest, (short) 0, signed, (short) 107, (short) 20);
signed[127] = (byte) 0xBC;
if (!keyStore.cardPrivateKey.isInitialized()) {
CryptoException.throwIt(CryptoException.ILLEGAL_VALUE);
try {
crypto.rsaSigner.init(keyStore.cardPrivateKey, Signature.MODE_SIGN);
crypto.rsaSigner.doFinal(signed, (short) 0, (short) 128, signed, (short) 0);
} catch (Exception e) {
ISOException.throwIt(SW_REFERENCE_DATA_NOT_FOUND);
if (!keyStore.selectedPublicKey.isInitialized()) {
CryptoException.throwIt(CryptoException.ILLEGAL_VALUE);
try {
crypto.rsaCipher.init(keyStore.selectedPublicKey, Cipher.MODE_ENCRYPT);
crypto.rsaCipher.doFinal(signed, (short) 0, (short) 128, signed, (short) 0);
} catch (Exception e) {
ISOException.throwIt(SW_REFERENCE_DATA_NOT_FOUND);
apdu.setOutgoing();
Util.arrayCopyNonAtomic(signed, (short) 0, buffer, (short) 0, (short) 128);
return (short) signed.length;
private void processExternalAuthenticate(APDU apdu) {
short equipmentType = 0;
if (keyStore.Selected_Cert != null) {
equipmentType = (short) keyStore.Selected_Cert.CHA[6]; // check equipment type
if (equipmentType != (short) 1 && equipmentType != (short) 2 && equipmentType != (short) 3 && equipmentType != (short) 4 && equipmentType != (short) 6) {
ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); // Instead of 6F00 throw a more meaningfull SW in case CHA is not valid.
if (Util.arrayCompare(keyStore.Selected_Cert.CHA, (short) 0, TACHOGRAPH_AID, (short) 0, (short) 6) != 0) {
ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED);
byte[] buffer = apdu.getBuffer();
byte p1 = (byte) (buffer[OFFSET_P1] & 0xff);
byte p2 = (byte) (buffer[OFFSET_P2] & 0xff);
if (p1 != 0 || p2 != 0) {
ISOException.throwIt(SW_WRONG_P1P2);
short lc = (short) (buffer[OFFSET_LC] & 0xFF);
if (lc != (short) (128)) {
ISOException.throwIt(SW_WRONG_LENGTH);
if (apdu.setIncomingAndReceive() != lc) {
ISOException.throwIt(ISO7816.SW_WRONG_DATA);
Util.arrayCopyNonAtomic(buffer, OFFSET_CDATA, signed, (short) 0, (short) 128); // receive the cryptogram from the VU
// decrypt the encrypted message with the card private key
try {
crypto.rsaCipher.init(keyStore.cardPrivateKey, Cipher.MODE_DECRYPT);
crypto.rsaCipher.doFinal(signed, (short) 0, (short) 128, signed, (short) 0);
} catch (Exception e) {
ISOException.throwIt(SW_REFERENCE_DATA_NOT_FOUND);
// verify the signature with the VU public key
try {
crypto.rsaCipher.init(keyStore.selectedPublicKey, Signature.MODE_VERIFY); // Cipher.MODE_ENCRYPT
crypto.rsaCipher.doFinal(signed, (short) 0, (short) 128, signed, (short) 0);
} catch (Exception e) {
ISOException.throwIt(SW_REFERENCE_DATA_NOT_FOUND);
if (signed[0] != (byte) 0x6A || signed[127] != (byte) 0xBC) {
ISOException.throwIt(Util.makeShort(signed[0], signed[127]));
try {
verifyCardCertificates();
Util.arrayCopyNonAtomic(signed, (short) 1, preDigest, (short) 0, (short) 106); // accumulate preDigest
Util.arrayCopyNonAtomic(Rnd3, (short) 0, preDigest, (short) 106, (short) 8); // accumulate preDigest
Util.arrayCopyNonAtomic(keyStore.Card_Cert.CHR, (short) 0, preDigest, (short) 114, (short) 8); // accumulate preDigest
Util.arrayCopyNonAtomic(signed, (short) 91, K2, (short) 0, (short) 16); // receive K2 value
crypto.shaDigest.update(signed, (short) 1, (short) 106); // PRnd4||K2
crypto.shaDigest.update(Rnd3, (short) 0, (short) 8); // Rnd3
crypto.shaDigest.doFinal(keyStore.Card_Cert.CHR, (short) 0, (short) 8, digest, (short) 0); //||Card.CHR
} catch (Exception e) {
ISOException.throwIt(SW_TAMAM);
if (Util.arrayCompare(signed, (short) 107, digest, (short) 0, (short) 20) != 0) {
ISOException.throwIt(SW_TAMAM);
volatileState[0] |= MUTUAL_AUTHENTICATED;
try {
DTUtil.xor(K1, (short) 0, K2, (short) 0, KaKb, (short) 0, (short) 16);
Util.arrayCopyNonAtomic(Rnd3, (short) 4, SSC, (short) 0, (short) 4); // tail of Rnd3
Util.arrayCopyNonAtomic(Rnd1, (short) 4, SSC, (short) 4, (short) 4); // tail of Rnd1
} catch (Exception e) {
ISOException.throwIt(SW_TAMAM);
try {
keyStore.setKey_Ka(KaKb, (short) 0);
keyStore.setKey_Kb(KaKb, (short) 8);
keyStore.setSecureMessagingKeys(KaKb, (short) 0, KaKb, (short) 0);
} catch (Exception e) {
ISOException.throwIt(SW_TAMAM_DEGIL);
return;
private short returnPreDigest(APDU apdu) {
byte[] buffer = apdu.getBuffer();
apdu.setOutgoing();
Util.arrayCopyNonAtomic(preDigest, (short) 0, buffer, (short) 0, (short) 122);
return (short)preDigest.length;
private short returnDigest(APDU apdu) {
byte[] buffer = apdu.getBuffer();
apdu.setOutgoing();
Util.arrayCopyNonAtomic(digest, (short) 0, buffer, (short) 0, (short) 20);
return (short)digest.length;
private short returnOriginalText(APDU apdu) {
byte[] buffer = apdu.getBuffer();
apdu.setOutgoing();
Util.arrayCopyNonAtomic(signed, (short) 0, buffer, (short) 0, (short) 128);
return (short)signed.length;
private void processVerify(APDU apdu) { // Verify_CHV(Pin_Ws)
byte[] buffer = apdu.getBuffer();
// retrieve the PIN data for validation.
byte byteRead = (byte) (apdu.setIncomingAndReceive());
// the PIN data is read into the APDU buffer
// at the offset ISO7816.OFFSET_CDATA the PIN data length = byteRead
if (pin.check(buffer, ISO7816.OFFSET_CDATA, byteRead) == false) {
ISOException.throwIt(SW_VERIFICATION_FAILED);
return;
private void processPSO(APDU apdu) { // verify certificate
byte[] buffer = apdu.getBuffer();
byte p1 = (byte) (buffer[OFFSET_P1] & 0xff);
byte p2 = (byte) (buffer[OFFSET_P2] & 0xff);
short lc = (short) (buffer[ISO7816.OFFSET_LC] & 0xFF);
if (p1 == (byte) 0x00 && p2 == P2_VERIFYCERT) {
if (lc != TACHO_CERT_LENGTH) {
ISOException.throwIt(SW_WRONG_LENGTH);
if (apdu.setIncomingAndReceive() != lc) {
ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
try { // copy the certificate to be verified from APDU buffer to cert object
Util.arrayCopyNonAtomic(buffer, OFFSET_CDATA, cert, (short) 0, lc);
} catch (Exception e) {
ISOException.throwIt(SW_TAMAM);
if (Util.arrayCompare(keyStore.selected_KID, (short) 0, keyStore.ERCA_KID, (short) 0, KID_LENGTH) == 0) {
keyStore.VUCA_Cert.verifyCert(cert, keyStore.selectedPublicKey, keyStore.selected_KID);
} else if (Util.arrayCompare(keyStore.selected_KID, (short) 0, keyStore.VUCA_Cert.CHR, (short) 0, KID_LENGTH) == 0) {
keyStore.VU_Cert.verifyCert(cert, keyStore.selectedPublicKey, keyStore.selected_KID);
} else {
ISOException.throwIt(SW_CERT_VERIFICATION_FAILED); // Selected keyId, with MSE, is neither ERCA_KID nor VUCA_KID
} else {
ISOException.throwIt(SW_CERT_VERIFICATION_FAILED);
return;
private short processGetChallenge(APDU apdu, boolean protectedApdu) {
byte[] buffer = apdu.getBuffer();
byte p1 = (byte) (buffer[OFFSET_P1] & 0xff);
byte p2 = (byte) (buffer[OFFSET_P2] & 0xff);
if (p1 != 0 || p2 != 0) {
ISOException.throwIt(SW_WRONG_P1P2);
random.generateData(Rnd3, (short) 0, (short) 8);
short Le = apdu.setOutgoing();
if (Le != (short) 8) {
ISOException.throwIt(SW_WRONG_LENGTH);
Util.arrayCopyNonAtomic(Rnd3, (short) 0, buffer, (short) 0, (short) 8);
return Le;
private void processMSE(APDU apdu) {
byte[] buffer = apdu.getBuffer();
if (buffer[OFFSET_P1] == (byte) 0xC1 && buffer[OFFSET_P2] == P2_DST) {
short lc = (short) (buffer[OFFSET_LC] & 0xFF);
if (lc != (short) (KID_LENGTH + 2)) {
ISOException.throwIt(SW_WRONG_LENGTH);
if (apdu.setIncomingAndReceive() != lc) {
ISOException.throwIt(ISO7816.SW_WRONG_DATA);
if (buffer[OFFSET_CDATA] != (byte) 0x83) {//check the tag of the data
ISOException.throwIt(SW_SECURE_MESSAGING_DATA_OBJECTS_MISSING);
} else if (buffer[OFFSET_CDATA + 1] != (byte) 0x08) {
ISOException.throwIt(SW_INCORRECT_DATA_OBJECT); // check if the key is already selected one
} else if (Util.arrayCompare(buffer, (short) (OFFSET_CDATA + 2), keyStore.selected_KID, (short) 0, KID_LENGTH) != 0) {
if (Util.arrayCompare(buffer, (short) (OFFSET_CDATA + 2), keyStore.ERCA_KID, (short) 0, KID_LENGTH) == 0) {// KID is EUR_KID
keyStore.selected_KID = keyStore.ERCA_KID;
keyStore.selectedPublicKey = keyStore.eurPublicKey;
keyStore.Selected_Cert = null; // ERCA public key is selected
return;
} else if (Util.arrayCompare(buffer, (short) (OFFSET_CDATA + 2), keyStore.VUCA_Cert.CHR, (short) 0, KID_LENGTH) == 0) {// KID is MSCA_KID
keyStore.Selected_Cert = keyStore.VUCA_Cert;
} else if (Util.arrayCompare(buffer, (short) (OFFSET_CDATA + 2), keyStore.VU_Cert.CHR, (short) 0, KID_LENGTH) == 0) { // KID is VU_KID
keyStore.Selected_Cert = keyStore.VU_Cert;
} else {
ISOException.throwIt(SW_REFERENCE_DATA_NOT_FOUND);
}// KID not found
keyStore.selectedPublicKey = keyStore.Selected_Cert.publicKey;
keyStore.selected_KID = keyStore.Selected_Cert.CHR;
} else { // if the KID is already set, just return
return;
} else {
ISOException.throwIt(ISO7816.SW_WRONG_P1P2);
private void processSelectFile(APDU apdu) {
byte[] buffer = apdu.getBuffer();
short lc = (short) (buffer[OFFSET_LC] & 0x00FF);
// retrieve p1p2 from apdu buffer
byte p1 = buffer[OFFSET_P1];
byte p2 = buffer[OFFSET_P2];
short p1p2 = Util.makeShort(p1, p2);
apdu.setIncomingAndReceive();
if (p1 == 4) {
if (lc == (short) TACHO_AID_LENGTH) {
if (Util.arrayCompare(buffer, (short) OFFSET_CDATA, TACHOGRAPH_AID, (short) 0, (short) TACHO_AID_LENGTH) == 0) {
selectedFile = fileSystem.getDT();
fileSystem.selectDT();
volatileState[0] |= FILE_SELECTED;
return;
} else {
ISOException.throwIt(ISO7816.SW_WRONG_DATA);
} else if (lc != 2) {
ISOException.throwIt(SW_WRONG_LENGTH);
short fid = Util.getShort(buffer, OFFSET_CDATA);
if (fileSystem.getFile(fid) != null) {
selectedFile = fileSystem.getDT();
fileSystem.selectDT();
volatileState[0] |= FILE_SELECTED;
return;
} else if (p1 == 2) {
if (lc != 2) {
ISOException.throwIt(SW_WRONG_LENGTH);
short fid = Util.getShort(buffer, OFFSET_CDATA);
if (fileSystem.getFile(fid) != null) {
selectedFile = fileSystem.getFile(fid);
volatileState[0] |= FILE_SELECTED;
return;
} else {
ISOException.throwIt(ISO7816.SW_WRONG_P1P2);
setNoFileSelected();
ISOException.throwIt(ISO7816.SW_FILE_NOT_FOUND);
public static void setNoFileSelected() {
if (hasFileSelected()) {
volatileState[0] ^= FILE_SELECTED;
public static boolean hasFileSelected() {
return (volatileState[0] & FILE_SELECTED) == FILE_SELECTED;
public static boolean hasMutuallyAuthenticated() {
return (volatileState[0] & MUTUAL_AUTHENTICATED) == MUTUAL_AUTHENTICATED;
static boolean isLocked() {
return (persistentState & LOCKED) == LOCKED;
public boolean isSelectedFileEncrypted() {
return ((selectedFile.getAccessConditions() & DigitalTachograph.ENCRYPTED) == DigitalTachograph.ENCRYPTED);
} -
Help!!input pfx,p12 to jks keystore get error "Signature Algorithm mismach"
The following is the question that I met ~ Who can help me to solve the problem?
use j2sdk1.4.02
I'm tring to use keytool to input my company's pfx file to jks format keystore ,
and I'm getting keytool error "Signature Algorithm mismatch" .
I also tried to import the pfx file to Netscape and export to p12 format ,
and still got error "Signature Algorithm mismatch".
When I using following command ..
keytool -list -keystore xxx.p12 -storetype PKCS12
It still throws keytool error "Signature Algorithm mismatch".
And I checked the pfx(p12) file with IE , the Signature Algorithm Name is RSA.
What problem whith the p12 file?
Is keytool can't support RSA Signature Algorithm, or anything else??
Finally,maybe all the problems are that I have wrong idea, and hope someone can instruct me.
Thanks for help..(I'm looking for this question several days.)
Vincent ...(from Taiwan)I'd just purchase and use KeyStore Explorer. $30 for single-user.
It easily converts between pkcs12 and jks formats. I had no problems generating keys/certs in this tool and exporting them to JKS keystores for use with Java as well as into OpenSSL for use with Apache, etc. -
How to add a Cipher Suite using RSA 1024 algorithm to the 'SSL Cipher Suite Order' GPO
Following a VA test the Default Domain GPO has been set to enable the SSL Cipher Suite Order. Following the change Symantec Endpoint Protection Manager doesn't work properly as the the Home, Monitors and Reports pages are blank and an Schannel error is
logged in the SEPM server's event log.
I have spoken to Symantec and I have been told that we need to allow the RSA 1024 bit algorithm but they can't tell me which cipher suite this would be. I have looked in the GPO setting and can't see an RSA 1024 suite but have found some in this article:
http://tools.ietf.org/html/draft-ietf-tls-56-bit-ciphersuites-01
I want to know how to add an additional cipher suite into the setting safely. Am I able to just add the suite into the GPO setting (eg TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA) or do I need to do anything else beforehand?
If anyone has any advice regarding this or cipher suite orders and troubleshooting SSL problems it would be much appreciated,
Thanks
ChrisHi Chris,
Based on my research, RSA_EXPORT1024_DES_CBC_SHA is a previous cipher suite, which is supported, you can enable it use
SSL Cipher Suite Order policy setting under Administrative Templates\Network\SSL Configuration Settings.
More information for you:
TLS/SSL Cryptographic Enhancements
http://technet.microsoft.com/en-us/library/cc766285(v=WS.10).aspx
Best Regards,
Amy -
Cipher vs signature algorithm?
Hello,
What is the difference between a chipher and a signature algorithm? How can SunJSSE provider have an implementation of SHA1withRSA signature algorithm but not have an implementation of RSA cipher? Don't you need to have the cipher to do the signature?
Thanks for any insights.Hi!
I'd like to get the same result when I use the Cipher class or when I use the Signature class.
If I use the code below I get different results. Am I doing something wrong? How can I get the same result using these two classes?
Thank you.
//Encryption by the Cipher Class
byte input[]="hello".getBytes();
MessageDigest md = MessageDigest.getInstance("SHA1");
md.update(input);
byte digest[] = md.digest();
Cipher rsaCipher = Cipher.getInstance("RSA");
rsaCipher.init(Cipher.ENCRYPT_MODE, privateKey);
byte[] encryptedData = rsaCipher.doFinal(digest);
System.out.println("textEncrypted="+Base64Utils.base64Encode(encryptedData));
//Encryption by the Signature Class
Signature signatureAlgorithm = Signature.getInstance("SHA1withRSA");
signatureAlgorithm.initSign(privateKey);
signatureAlgorithm.update(input);
encryptedData = signatureAlgorithm.sign();
System.out.println("textEncrypted2="+Base64Utils.base64Encode(encryptedData)); -
Caesar Cipher Algorithm Wrong ??
public class caesarCipher {
public static void main(String args[]) {
int num1=0,donothing=0;
char[] s1 = {'a','b','c','d','e','f','g','h','i','j','k','l','m','n','o',
'p','q','r','s','t','u','v','w','x','y','z'};
System.out.println("Please enter a caesar cipher shift between 1-26 :");
num1 = SavitchIn.readInt();
do {
System.out.println("ERROR: Please enter a caesar cipher shift between 1-26 :");
num1 = SavitchIn.readInt();
}while(num1>26 && num1<1);
while(num1<27 && num1>0) {
System.out.println("Please enter some plaintext to be encoded");
String s2 = SavitchIn.readLine();
s2=s2.toLowerCase();
int length1 = s2.length();
for (int i=0; i<s2.length(); i++) {
for (int j=0; j<s2.length(); j++) {
if( s2.charAt(i)==s1[j] )
System.out.print( s1[(j+num1)%26] );
else if ( s2.charAt(i)!=s1[j] )
donothing++;
System.out.println();
System.exit(0);
}The program works fine if the user enters abc.. but if anything else is entered e.g fghkl the program prints a blank.
Any ideas where I went wrong on this as I am pulling my hair out trying to work it out :)
Thanks for any help
Se�nI tried 26 instead of s1.length(), thanks for the help
as the idea was correct.No, no, no. Again, use s1.length (not s1.length()). Don't hard-code constants like "26", as then your code is more fragile if you change the actual array size. -
Java.lang.SecurityException: Unsupported keysize or algorithm parameters
Hi I need urgent help, I am getting below exception while loading trusted certificates from the jks keystore files DemoTrust.jks and cacerts using wls server.
java.lang.SecurityException: Unsupported keysize or algorithm parameters
at javax.crypto.Cipher.init(DashoA12275)
at com.certicom.tls.provider.Cipher.init(Unknown Source)
at com.certicom.tls.ciphersuite.SecurityParameters.createWriteCipher(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.changeCipherSpec(Unknown Source)
at com.certicom.tls.record.handshake.ClientStateReceivedCertificate.handle(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessage(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
at com.certicom.tls.record.WriteHandler.write(Unknown Source)
at com.certicom.io.OutputSSLIOStreamWrapper.write(Unknown Source)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:66)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:124)
at java.io.FilterOutputStream.flush(FilterOutputStream.java:123)
at weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.java:122)
at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:322)
at weblogic.net.http.SOAPHttpsURLConnection.getInputStream(SOAPHttpsURLConnection.java:29)
at weblogic.net.http.HttpURLConnection.getHeaderField(HttpURLConnection.java:594)
at java.net.HttpURLConnection.getHeaderFieldDate(HttpURLConnection.java:343)
at java.net.URLConnection.getLastModified(URLConnection.java:429)
at com.cramer.core.framework.serviceimpl.ImageServiceImpl.getURLImage(ImageServiceImpl.java:269)
at com.cramer.core.framework.serviceimpl.ImageServiceImpl.getImages(ImageServiceImpl.java:224)
at com.cramer.core.framework.serviceimpl.ImageServiceImpl.getGraphicsCacheData(ImageServiceImpl.java:634)
at sun.reflect.GeneratedMethodAccessor1067.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at org.apache.axis.providers.java.RPCProvider.invokeMethod(RPCProvider.java:397)
at org.apache.axis.providers.java.RPCProvider.processMessage(RPCProvider.java:186)
at org.apache.axis.providers.java.JavaProvider.invoke(JavaProvider.java:323)
at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at org.apache.axis.handlers.soap.SOAPService.invoke(SOAPService.java:453)
at org.apache.axis.server.AxisServer.invoke(AxisServer.java:281)
at org.apache.axis.transport.http.AxisServlet.doPost(AxisServlet.java:699)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at org.apache.axis.transport.http.AxisServletBase.service(AxisServletBase.java:327)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:1072)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:465)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:28)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
at com.cramer.core.sso.ApplicationFilter.doFilter(Unknown Source)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
at com.cramer.core.framework.serviceimpl.ClientAddressFilter.doFilter(ClientAddressFilter.java:62)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:6987)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3892)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2766)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:224)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:183)
Pls help , Thanks is Advance !!!HI
I tried with replacing the jar with unlimited strength stuff but it didn't work for me , i got "class not found" Exception after that.
but one point i bring in to notice that i come accross this Error when try to loading trusted certificates
<Mar 6, 2012 3:26:22 PM EST> <Notice> <Security> <BEA-090169> <Loading trusted certificates from the jks keystore file /appl/bea/wls81sp5/weblogic81/server/lib/DemoTrust.jks.>
<Mar 6, 2012 3:26:22 PM EST> <Notice> <Security> <BEA-090169> <Loading trusted certificates from the jks keystore file /appl/j2sdk1.4.2_17/jre/lib/security/cacerts.>
java.lang.SecurityException: Unsupported keysize or algorithm parameters
at javax.crypto.Cipher.init(DashoA12275)
at com.certicom.tls.provider.Cipher.init(Unknown Source)
at com.certicom.tls.ciphersuite.SecurityParameters.createWriteCipher(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.changeCipherSpec(Unknown Source)
at com.certicom.tls.record.handshake.ClientStateReceivedCertificate.handle(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessage(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
at com.certicom.tls.record.WriteHandler.write(Unknown Source)
at com.certicom.io.OutputSSLIOStreamWrapper.write(Unknown Source)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:66)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:124)
at java.io.FilterOutputStream.flush(FilterOutputStream.java:123)
at weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.java:122)
at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:322)
at weblogic.net.http.SOAPHttpsURLConnection.getInputStream(SOAPHttpsURLConnection.java:29)
at weblogic.net.http.HttpURLConnection.getHeaderField(HttpURLConnection.java:594)
at java.net.HttpURLConnection.getHeaderFieldDate(HttpURLConnection.java:343)
at java.net.URLConnection.getLastModified(URLConnection.java:429) -
How to decrypt an encrypted text file using Algorithm SHA1withRSA .
I have one encrypted file instance_demo_Encryp.xml and encrypted format is
MIMVwmYGCSqGSIb3DQEHAqCDFcJWMIMVwlECAQExCzAJBgUrDgMCGgUAMIMVvzoG
CSqGSIb3DQEHAaCDFb8qBIMVvyU8P3htbCB2ZXJzaW9uPScxLjAnIGVuY29kaW5n
PSdVVEYtOCcgPz4NCjx4YnJsaTp4YnJsIHhtbG5zOnhicmxpPSdodHRwOi8vd3d3
Lnhicmwub3JnLzIwMDMvaW5zdGFuY2UnIHhtbG5zOmxpbms9J2h0dHA6Ly93d3cu
eGJybC5vcmcvMjAwMy9saW5rYmFzZScgeG1sbnM6eGxpbms9J2h0dHA6Ly93d3cu
dzMub3JnLzE5OTkveGxpbmsnIHhtbG5zOnJlZj0naHR0cDovL3d3dy54YnJsLm9y
Zy8yMDA0L3JlZicgeG1sbnM6eGJybGR0PSdodHRwOi8veGJybC5vcmcvMjAwNS94
I want to decrypt and convert into original xml file.I am using below code but some error occurred javax.crypto.BadPaddingException: Data must start with zero.Please help
import java.io.*;
import java.math.BigInteger;
import java.net.URLEncoder;
import java.util.*;
import java.security.AlgorithmParameters;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.RSAPublicKeySpec;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import oracle.security.xmlsec.util.Base64;
import sun.misc.*;
//import org.bouncycastle.jce.provider.BouncyCastleProvider;
//import org.bouncycastle.jce.*;
public class EsignWithBC {
public static final String KEY_STORE_PASSWORD = "password";
public static void main(String[] args) {
BASE64Encoder base64Encoder = new BASE64Encoder();
BASE64Decoder base64Decoder = new BASE64Decoder();
String record = null;
char[] passwd = KEY_STORE_PASSWORD.toCharArray();
String inputFileName = "webroot/cerFiles/instance_demo_Encryp.xml";
try {
KeyStore keyStore = KeyStore.getInstance("PKCS12");
FileInputStream fis = new FileInputStream(
"D:\\eclipse_program\\xRnd\\WebRoot\\cerFiles\\AlicePFX.pfx");
keyStore.load(fis, passwd);
fis.close();
Enumeration aliases = keyStore.aliases();
while (aliases.hasMoreElements()) {
System.out.println(aliases.nextElement());
/*FileInputStream fin = new FileInputStream("D:\\eclipse_program\\xRnd\\WebRoot\\cerFiles\\Alice.cer");
CertificateFactory cf = CertificateFactory.getInstance("X.509");
Collection c = cf.generateCertificates(fin);
Iterator i = c.iterator();
while (i.hasNext()) {
Certificate cert = (Certificate)i.next();
System.out.println("***************************************************");
System.out.println(cert.getPublicKey());
System.out.println("***************************************************");
String filename= "D:\\eclipse_program\\xRnd\\WebRoot\\cerFiles\\Alice.cer";
FileInputStream fis1 = new FileInputStream(filename);
DataInputStream dis = new DataInputStream(fis1);
CertificateFactory cf1 = CertificateFactory.getInstance("X.509");
byte[] bytes = new byte[dis.available()];
dis.readFully(bytes);
ByteArrayInputStream bais = new ByteArrayInputStream(bytes);
Key key = null;
while (bais.available() > 0) {
Certificate cert = cf1.generateCertificate(bais);
key = cert.getPublicKey();
System.out.println(cert.toString());
// EsignWithBC obj = new EsignWithBC();
//System.out.println(obj.createUrlFragment("alice's key","password","D:\\eclipse_program\\xRnd\\webroot\\cerFiles\\instance_demo_Encryp.xml"));
FileReader fr = new FileReader(inputFileName);
BufferedReader br = new BufferedReader(fr);
byte text[] = null;
//System.out.println(text.toString());
// Cipher cipher = Cipher.getInstance("SHA1withRSA");
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
Signature sig = Signature.getInstance("SHA1withRSA");
Cipher rsaCipher = Cipher.getInstance("RSA");
String str = null;
byte[] cleartext1 = null;
rsaCipher.init(Cipher.DECRYPT_MODE, key);
System.out.println("********************************");
while ( (record=br.readLine()) != null ) {
text = base64Decoder.decodeBuffer(record);
cleartext1 = rsaCipher.doFinal(text);
//str = new String(cleartext1);
System.out.println(rsaCipher.doFinal(text));
System.out.println("********************************");
} catch (Exception e) {
e.printStackTrace();
}SHA1withRSA is a signature algorithm and not an encryption. If all you have is the signature then you can never get back the original document. The best you can do is to check that the signature is valid but for that you will need the original document and the public key of the person who signed the document.
The code you post is not coherent and though I think can see what you are trying to do I am not willing to make guesses at this stage since it sounds like you are trying to do the impossible. -
Getting Error while decrypt a file using Blowfish algorithm
I am using blowfish algorithm for encrypt and decrypt my file. this is my code for encrypting decrypting .
while i am running program i am getting an Exception
Exception in thread "main" javax.crypto.BadPaddingException: Given final block not properly padded
at com.sun.crypto.provider.SunJCE_h.b(DashoA6275)
at com.sun.crypto.provider.SunJCE_h.b(DashoA6275)
at com.sun.crypto.provider.BlowfishCipher.engineDoFinal(DashoA6275)
at javax.crypto.Cipher.doFinal(DashoA12275)
at Blowfishexe.main(Blowfishexe.java:65)
import java.security.*;
import javax.crypto.*;
import javax.crypto.spec.*;
import java.io.*;
import org.bouncycastle.crypto.CryptoException;
import org.bouncycastle.crypto.KeyGenerationParameters;
import org.bouncycastle.crypto.engines.DESedeEngine;
import org.bouncycastle.crypto.generators.DESedeKeyGenerator;
import org.bouncycastle.crypto.modes.CBCBlockCipher;
import org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher;
import org.bouncycastle.crypto.params.DESedeParameters;
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.util.encoders.Hex;
public class Blowfishexe {
public static void main(String[] args) throws Exception {
KeyGenerator kgen = KeyGenerator.getInstance("Blowfish");
kgen.init(128);
String keyfile="C:\\Encryption\\BlowfishKey.dat";
SecretKey skey = kgen.generateKey();
byte[] raw = skey.getEncoded();
SecretKeySpec skeySpec = new SecretKeySpec(raw, "Blowfish");
System.out.println("key"+raw);
byte[] keyBytes = skey.getEncoded();
byte[] keyhex = Hex.encode(keyBytes);
BufferedOutputStream keystream =
new BufferedOutputStream(new FileOutputStream(keyfile));
keystream.write(keyhex, 0, keyhex.length);
keystream.flush();
keystream.close();
Cipher cipher = Cipher.getInstance("Blowfish");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
System.out.println("secretKey"+skeySpec);
FileOutputStream fos=new FileOutputStream("C:\\Encryption\\credit11.txt");
BufferedReader br=new BufferedReader(new FileReader("C:\\Encryption\\credit.txt"));
String text=null;
byte[] plainText=null;
byte[] cipherText=null;
while((text=br.readLine())!=null)
System.out.println(text);
plainText = text.getBytes();
cipherText = cipher.doFinal(plainText);
fos.write(cipherText);
br.close();
fos.close();
cipher.init(Cipher.DECRYPT_MODE, skeySpec);
FileOutputStream fos1=new FileOutputStream("C:\\Encryption\\BlowfishOutput.txt");
BufferedReader br1=new BufferedReader(new FileReader("C:\\Encryption\\credit11.txt"));
String text1=null;
/*while((text1=br1.readLine())!=null)
System.out.println("text is"+text1);
plainText=text1.getBytes("UTF8");
cipherText=cipher.doFinal(plainText);
fos1.write(cipherText);
br1.close();
fos1.close();
//byte[] encrypted = cipher.doFinal("This is just an example".getBytes());
//System.out.println("encrypted value"+encrypted);*/
Any one pls tell me how to slove my problem
thanks in advancehi
i got the solution. its working now
but blowfish key ranges from 56 to448
while i am writing the code as
KeyGenerator keyGenerator = KeyGenerator.getInstance("Blowfish");
keyGenerator.init(448);
this code is generating the key upto 448 bits
but coming to encoding or decode section key length is not accepting
cipher.init(Cipher.ENCRYPT_MODE, key);
Exception in thread "main" java.security.InvalidKeyException: Illegal key size or default parameters
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.a(DashoA12275)
at javax.crypto.Cipher.init(DashoA12275)
at javax.crypto.Cipher.init(DashoA12275)
at Blowfish1.main(Blowfish1.java:46)
i am getting this error
what is the solution for this type of exception.
thank you -
Ask again: Where can I find source code for CPRM algorithm?
Hi, everyone.
Where can I find reference implementation or some sample codes for CPRM(content protection for recordable media) algorithm? Can anyone help?
Information about CPRM can be find here,
http://www.4centity.com/
JAVA version is preferred and C/C++ implementation is also OK.
Thanks in advance,
GeoThanks, edsonw buddy!
I only found C2 cipher source code and some other documents dealing with CPRM algorithm. And what I want is total CPRM implementation reference source code (C2 is only a basic module of CPRM algorithm).
So can you provide me some useful information dealing with how to get total CPRM implementation reference source code? Both JAVA and C/C++ will be OK.
Have a wonderful weekend,
George -
Compability problem with Java and Python RSA algorithm implementation
I have client server application. Server is writtein in python, client in java. Client receives messages from server encrypted with RSA (http://stuvel.eu/rsa), and I'm unable to decrypt it. It seems that this is RSA algorithm compatibility problem. I'm using algorithm from java.security package, instatinating Cipher object like this: c = Cipher.getInstance("RSA"); . I noticed that this algorithm produces for input blocks of lengtrh <=117 ouput block of length 128. Server I guess uses the most triviall impelentation of RSA ( (1 byte is encrypted to 1 byte) So i want to make my java algorithm compatibile with this one which server uses. How to do that ? Do i have to instatinate Cipher object in different way ? Or use another library ?
azedor wrote:
First you said it was no good because it could only handle <= 117 byte inputs, now you say it is no good because it produces a 128-byte output. You're not making sense.First i said that this two RSA implementations are not compatibile, and first reason i noticed firstly is that Python imlementation for input of length N produces cryptogram of the same length. Not true. In general, the RSA encryption of any number of bytes less than the length of the modulus will produce a result of length near that of the modulus. When N is less than the length of the modulus, it is rare that N bytes of cleartext produces N bytes of ciphertext.
Java implementation for data block of length <=117 produces alwasy 128 bytes of output.Pretty much correct and very much desirable. This is primarily a function of the PKCS1 padding which is used to solve two basic problems. First, as I alluded to in my first response, it is the nature of the algorithm that leading zeros are not preserved and second when the cleartext is very small (a few bytes) the exponentiation does not roll over and it is easy to decrypt the result. Both these problems are addressed by PKCS1 padding.
>
>
After what sabre150 said i think of giving up idea of translating Python code to Java and considering to use another assymetric cryptography algorithms on both sides. Can you recommend me sth what should be compatibile with Python ?This seems to be at odds with your statement in reply #3 "Also have acces only to client code so i have to change sth in java." ! This statement is why I said "I suspect ... you have dug a deep hole".
In your position I would use the Python bindings for openssl. Once more, Google is your friend. -
Where to store the password data for exiting user in Elgamal Algorithm
hi,
i am doing a project in Intelligent security in java using Elagamal algorithm. The feature of Elgamal is that the password is not stored in database . Then where is the password is stored to check for a existing user .
If i am an existing user then when i type the username and password then it should check or compare and tell that password is right or wrong . so where is the password is stored to compare ?? please give me the coding in java .
i need the coding immediately , of how to get the password and to store and then to compare where the user is correct else message should display "type the correct password".
Given below is my Main window coding plz help me where to include the coding,
This simple extension of the java.awt.Frame class
contains all the elements necessary to act as the
main window of an application.
// LOGIN WINDOW ( FIRST WINDOW ) FOR LOGIN AND EXISTING USER
import java.awt.*;
import java.io.*;
import java.net.*;
import java.util.*;
import java.sql.*;
import java.math.*;
import java.security.*;
import java.io.IOException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
public class Smart extends Frame
public Smart()
// This code is automatically generated by Visual Cafe when you add
// components to the visual environment. It instantiates and initializes
// the components. To modify the code, only use code syntax that matches
// what Visual Cafe can generate, or Visual Cafe may be unable to back
// parse your Java file into its visual environment.
//{{INIT_CONTROLS
setLayout(null);
setBackground(new java.awt.Color(255,247,192));
setSize(1200,900);
// 157,135,178
setVisible(false);
label1.setText("USERID");
add(label1);
label1.setFont(new Font("Dialog", Font.PLAIN, 14));
label1.setBounds(315,180,84,48);
label2.setText("PASSWORD");
add(label2);
label2.setFont(new Font("Dialog", Font.PLAIN, 14));
label2.setBounds(315,260,100,40);
textField1.setBounds(430,180,216,36);
//textField1.setBackground(new java.awt.Color(196,197,233));//textfieldcolor
add(textField1);
textField2.setEchoChar('*');
//textField2.setBackground(new java.awt.Color(196,197,233));
add(textField2);
textField2.setBounds(430,260,213,36);
button1.setLabel("SUBMIT");
add(button1);
button1.setBackground(new java.awt.Color(196,197,233));
button1.setBounds(320,360,120,40);
button2.setLabel("CLEAR");
add(button2);
button2.setBackground(new java.awt.Color(196,197,233));
button2.setBounds(520,360,120,40);
label3.setText("REGISTRATION FORM");
add(label3);
label3.setFont(new Font("Dialog", Font.BOLD, 20));
label3.setBounds(324,54,550,80);
button3.setLabel("NEW USER REGISTRATION");
add(button3);
button3.setBackground(new java.awt.Color(196,197,233));
button3.setBounds(369,450,232,40);
//add(textArea1);
//textArea1.setBounds(0,360,576,52);
setTitle("LOGIN PHASE Application");
/*int mStrength = 16;
SecureRandom mSecureRandom = new SecureRandom();
p = new BigInteger(mStrength, 16, mSecureRandom);*/
//{{INIT_MENUS
//{{REGISTER_LISTENERS
SymWindow aSymWindow = new SymWindow();
this.addWindowListener(aSymWindow);
SymAction lSymAction = new SymAction();
button1.addActionListener(lSymAction);
button2.addActionListener(lSymAction);
button3.addActionListener(lSymAction);
public Smart(String title)
this();
setTitle(title);
* Shows or hides the component depending on the boolean flag b.
* @param b if true, show the component; otherwise, hide the component.
* @see java.awt.Component#isVisible
public void setVisible(boolean b)
if(b)
setLocation(50, 50);
super.setVisible(b);
public static void main(String args[])
try
//Create a new instance of our application's frame, and make it visible.
(new Smart()).setVisible(true);
catch (Throwable t)
System.err.println(t);
t.printStackTrace();
// Ensure the application exits with an error condition.
System.exit(1);
public void addNotify()
// Record the size of the window prior to calling parents addNotify.
Dimension d = getSize();
super.addNotify();
if (fComponentsAdjusted)
return;
// Adjust components according to the insets
setSize(getInsets().left + getInsets().right + d.width, getInsets().top + getInsets().bottom + d.height);
Component components[] = getComponents();
for (int i = 0; i < components.length; i++)
Point p = components.getLocation();
p.translate(getInsets().left, getInsets().top);
components[i].setLocation(p);
fComponentsAdjusted = true;
// Used for addNotify check.
boolean fComponentsAdjusted = false;
//{{DECLARE_CONTROLS
java.awt.Button button1 = new java.awt.Button();
java.awt.Button button2 = new java.awt.Button();
java.awt.Label label1 = new java.awt.Label();
java.awt.Label label2 = new java.awt.Label();
java.awt.Label label3 = new java.awt.Label();
java.awt.Button button3 = new java.awt.Button();
java.awt.TextField textField1 = new java.awt.TextField();
java.awt.TextField textField2 = new java.awt.TextField();
java.awt.TextArea textArea1 = new java.awt.TextArea();
//BigInteger p;
//{{DECLARE_MENUS
class SymWindow extends java.awt.event.WindowAdapter
public void windowClosing(java.awt.event.WindowEvent event)
Object object = event.getSource();
if (object == Smart.this)
Smart_WindowClosing(event);
void Smart_WindowClosing(java.awt.event.WindowEvent event)
System.exit(0);
class SymAction implements java.awt.event.ActionListener
public void actionPerformed(java.awt.event.ActionEvent event)
Object object = event.getSource();
if (object == button1)
button1_ActionPerformed(event);
else if (object == button2)
button2_ActionPerformed(event);
else if (object == button3)
button3_ActionPerformed(event);
void button1_ActionPerformed(java.awt.event.ActionEvent event)
//try{
String ids = textField1.getText();
String pss = textField2.getText();
byte [] bt = ids.getBytes();
BigInteger id = new BigInteger(bt);
//by samy byte [] bts = pss.getBytes();
//BigInteger ps = new BigInteger(bts);
int mStrength = 16;
SecureRandom mSecureRandom = new SecureRandom();
BigInteger p = new BigInteger(mStrength, 16, mSecureRandom);
System.out.println("p = "+p.toString(16));
BigInteger g = new BigInteger(mStrength - 1, mSecureRandom);
System.out.println("g= "+g.toString(16));
BigInteger x = new BigInteger(mStrength - 1, mSecureRandom);
System.out.println("x="+x.toString(16));
//byte[] bt = id.getBytes();
BigInteger idb = new BigInteger(bt);
//System.out.println("id= "+idb.toString(16));
BigInteger ps = idb.modPow(x, p);
//String pw = new String("pass = "+ps.toByteArray());
System.out.println("ps ="+ps.toString(16));
BigInteger r =null;
BigInteger ONE = BigInteger.valueOf(1L);
BigInteger p_1 = p.subtract(ONE);
SecureRandom sr = new SecureRandom();
do {
r = new BigInteger(p.bitLength(), sr);
} while (r.compareTo(ONE) <= 0 || r.compareTo(p_1) >= 0);
System.out.println("r= "+r.toString(16));
BigInteger c1 =idb.modPow(r,p);
System.out.println("c1= "+c1.toString(16));
long time = System.currentTimeMillis();
System.out.println("TIME ="+time);
BigInteger one = new BigInteger( new Integer(1).toString());
BigInteger T = new BigInteger( new Long(time).toString());
BigInteger t =T.xor(ps);
BigInteger t1 = t.mod(p.subtract(one));
System.out.println("t="+t1.toString(16));
BigInteger M = idb.modPow(t1, p);
System.out.println("M="+M.toString(16));
int rnd = r.intValue();
BigInteger c2 =ps.modPow(r,p).multiply(M).mod(p);
System.out.println("c2 ="+c2.toString(16));
//(bia[0].modPow(a, p).modInverse(p)).multiply(bia[1]).mod(p);
BigInteger val1 = (c1.modPow(x,p).modInverse(p)).multiply(c2).mod(p);
BigInteger val2 = id.modPow(t1,p);
System.out.println(val1.toString(16));
System.out.println(val2.toString(16));
send s=new send();
// }catch( IOException e){
//System.out.println("Exception caught ") ; }
// catch( Exception e){
//System.out.println("Exception caught ") ; }
void button2_ActionPerformed(java.awt.event.ActionEvent event)
textField1.setText("");
textField2.setText("");
void button3_ActionPerformed(java.awt.event.ActionEvent event)
{ Security s1 = null;
try
System.out.println("this is in Smart ");
//Create a new instance of our application's frame, and make it visible.
s1 = new Security();
s1.setVisible(true);
catch (Throwable t)
System.err.println(t);
t.printStackTrace();
//Ensure the application exits with an error condition.
System.exit(1);
//s1.dispose();Hi SaMolPP,
You should try to use the existing ULS logging, following article is for 2010 but should also work in 2013 :
http://geekswithblogs.net/venkatx5/archive/2010/12/09/how-to-use-uls-in-sharepoint-2010-for-custom-code.aspx
No additional lists or databases needed.
Hope this helps -
AES Algorithm error when trying to encrypt using stored Java class.
Dear All,
We have a specific reuirement where in we cannot use DBMS_CRYPTO package to encrypt/decrypt data using AES Algorithm
So I am trying to use a stored Java class and I am getting "AES algorithm not available".
I am using Oracle 10gR2 standard edition.
Below is my code
1. Stored Java class
2. Stored function to access the above Java class.
3. Test anonymus PL/SQL to test above code.
Please help me finding the problem why I am getting "AES algorithm not available" error when I call stored Java class in Oracle.?
**** If I use "DES" algorithm, it works. Also the Java code works well if I execute it as normal Java class from Eclipse.
I verified the java.security file in jre/lib/security and I see that there is provider entry for SunJCE.
The jre version in Oracle is 1.4.2.
I appreciate your help.
Thanks,
Priyanka
Step1: Stored java class to encrypt and decrypt data
CREATE OR REPLACE AND RESOLVE JAVA SOURCE NAMED "EncryptUtil" AS
import java.security.Key;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
public class EncryptUtil
public static String encrypt(String inStr)
String outStr = "Test data 123";
try
KeyGenerator kgen = KeyGenerator.getInstance("AES");
kgen.init(128);
SecretKey skey = kgen.generateKey();
byte[] raw = skey.getEncoded();
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
byte[] encrypted =
cipher.doFinal(inStr.getBytes());
outStr =new String(encrypted);
catch (Exception e)
outStr = outStr + "exception thrown::" + e.getMessage();
e.printStackTrace();
return outStr;
Step2: Stored function to access above stored java class.
CREATE OR REPLACE FUNCTION SF_ENCRYPTUTIL(
pKey1 VARCHAR2
) RETURN VARCHAR2 AS
LANGUAGE JAVA NAME 'EncryptUtil.encrypt(java.lang.String ) return java.lang.String';
Step3: Test encryption and descryption
DECLARE
outstr VARCHAR2(2000);
BEGIN
DBMS_OUTPUT.PUT_LINE('outstr-->' || SF_ENCRYPTUTIL('12345'));
END;
Below code example using DBMS_CRYPTO. This works, but we do not want to use this.
declare
l_in_val varchar2(2000) := 'Test data 123';
l_mod number := dbms_crypto.ENCRYPT_AES128
+ dbms_crypto.CHAIN_CBC
+ dbms_crypto.PAD_PKCS5;
l_enc raw (2000);
l_enc_key raw (2000);
l_dec raw (2000);
begin
l_enc := dbms_crypto.encrypt
UTL_I18N.STRING_TO_RAW (l_in_val, 'AL32UTF8'),
l_mod,
HEXTORAW('156ae12300ccfbeb48e43aa016febb36'),
HEXTORAW('001122230405060708090a0b0c0d0e0f')
dbms_output.put_line ('Encrypted='||l_enc);
end;
Edited by: user5092433 on Sep 10, 2009 12:26 AMI guess I'd be a bit curious about why you can't use a DBMS_CRYPTO solution that provides identical output. It seems odd to want to have a procedure running inside Oracle and then dictate that it has to be Java and not PL/SQL...
I verified the java.security file in jre/lib/security and I see that there is provider entry for SunJCE.
The jre version in Oracle is 1.4.2.Which java.security file are you talking about? The JVM that is inside the Oracle database does not and can not use configuration files that are outside the database. I suspect when you talk about files and paths that you're looking at a JVM outside the database, which is not the JVM that your Java stored procedure would be using.
Looking at the error, my assumption is that some JAR file needs to be loaded into the internal JVM in order for the AES algorithm to be available. But I'm unfortunately not familiar enough with these classes to say what that would be.
Justin
Maybe you are looking for
-
Problem while sending mail inOIM 11g r2 after usercreation
Hi, By default OIM sends mail to user mail id when the user created. i have tested this scenario using test mail server, it is working fine . when i am trying this scenario using exchange mail server, it is throwing errors. for Exchange just i have c
-
I Don't See a Photo Tab Anywhere - Can't Add or Delete Photos
I want to add (synch) photos to my iPod Touch and I also want to delete some photos from the Touch as well. I am told to connect the iPod to the computer, open iTunes and then select my iPod in the Device menu on the left. I am then told to click on
-
Lightroom and PS serial numbers
I just bought a new laptop. I want to download lightroom and photoshop. All I have records of is the upgrade serial numbers. No record of the original serial numbers. How can I download, or how can I find the original serial numbers? HELP!!
-
Can I slow my trackpad scrolling down?!
I just installed windows on my mac. when I scroll on websites and such, the scrolling is way too fast for me to see what I'm scrolling. I slide both my fingers down a half an inch and it jumps an entire page. If I try slowly scrolling my fingers, the
-
Hi im getting the following error while building a JCAPS513 project that contains http server ext system. com.stc.codegen.framework.model.CodeGenException: could not get configuration data from environment element at com.stc.connector.codegen.co