Newbie question on existing Private Key

Thread view:

kbutterly - 21 Jun 2006 16:16 GMT

Good morning, all:

I have searched but I can't find an answer to what seems to be a pretty
common occurence.

Here's a quick overview. I have a private key (let's say
"13CEF550A7DDFB343BCE6749A349BEF6"), which i have stored on our LINUX
server to encrypt a userID in a Perl script. I now need to decrypt
that UserID using JAVA. I am using AES encryption.

I found the following code:

//create a key to be used
keyGen =
createObject("java","javax.crypto.KeyGenerator").getInstance("AES");
keyGen.init(128);
myKey = keyGen.generateKey();

//instantiate our crypto object
cipher =
createObject("java","javax.crypto.Cipher").getInstance("AES");

// encrypt the string
cipher.init(cipher.ENCRYPT_MODE, myKey);

This would be great, except I don't need to create the private key,
since I already have one.

When I change cipher.init(cipher.ENCRYPT_MODE, myKey); to
cipher.init(cipher.ENCRYPT_MODE, "13CEF550A7DDFB343BCE6749A349BEF6"); I
get an error that the method init was not found. It seems like init
doesn't like a raw string passed to it. The variable myKey is of type
SecretKeySpec, so that's what init must be expecting.

My ultimate goal was to store the private key in a secured file and
read it into a variable, and then pass this variable to the init
method, but that doesn't look like it will work.

My question is, do I have to create a keystore and put my private key
into it? or is there a way to Cast a string to an appropriate object?

I hope this makes sense; apologies if it doesn't. Any references,
resources, links, war stories would be greatly appreciated!

Thanks,
Kathryn

Reply to this Message

Rogan Dawes - 21 Jun 2006 17:08 GMT

> Good morning, all:
>
[quoted text clipped - 13 lines]
> keyGen.init(128);
> myKey = keyGen.generateKey();

[snip]

> When I change cipher.init(cipher.ENCRYPT_MODE, myKey); to
> cipher.init(cipher.ENCRYPT_MODE, "13CEF550A7DDFB343BCE6749A349BEF6"); I
> get an error that the method init was not found. It seems like init
> doesn't like a raw string passed to it. The variable myKey is of type
> SecretKeySpec, so that's what init must be expecting.

Looking at the JavaDocs for SecretKeySpec, we find a constructor that
looks like:

==== quote ====
Constructor Detail - SecretKeySpec

public SecretKeySpec(byte[] key,
String algorithm)

Constructs a secret key from the given byte array.

This constructor does not check if the given bytes indeed specify a
secret key of the specified algorithm. For example, if the algorithm is
DES, this constructor does not check if key is 8 bytes long, and also
does not check for weak or semi-weak keys. In order for those checks to
be performed, an algorithm-specific key specification class (in this
case: DESKeySpec) should be used.

Parameters:
key - the key material of the secret key.
algorithm - the name of the secret-key algorithm to be associated
with the given key material. See Appendix A in the Java Cryptography
Extension Reference Guide for information about standard algorithm names.

==== quote ====

This suggests that you should try to convert your String representation
of the AES key into a byte array (each pair of hex digits converts to a
single byte), and construct your SecretKeySpec with that array, and a
parameter of "AES" for the algorithm.

Then try to create your cipher and encrypt your data.

Good luck.

Rogan

Reply to this Message

kbutterly - 22 Jun 2006 15:05 GMT

Rogan,

Thanks so much! Your explanation/translation of the Java docs did the
trick. It is working like a charm now!

Thanks again,
Kathryn

Reply to this Message

Newbie question on existing Private Key

Free Magazines