 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
Java Forum / Security / April 2005Problems with JSafeJCE with J2SE 5
Hi I am using the JSafe library from RSA in order to add some encryption capability to an application. Currently facing problems in running in on JRE 1.5. It runs fine on JRE 1.4.2 Some details about usage of this library ======================================== Cryptoprovider: com.rsa.jsafe.provider.JsafeJCE Transformation: Rijndael/ECB/PKCS5Padding key length: 192 bits Problem details ======================================== When running on JRE 1.5 to encrypt, I get an InvalidKeyException. **But the same code runs fine on JRE 1.4.2 ** The code in question looks like this ------------------------------------- public static String ssm_Encrypt(String p_sInput) throws Exception { Cipher c = Cipher.getInstance("Rijndael/ECB/PKCS5Padding",cryptoProvider); ERR(JRE 1.5)==> c.init(Cipher.ENCRYPT_MODE, secretKey); byte [] l_oEncResult = c.doFinal(p_sInput.getBytes()); String l_sRet = new String(Base64.encode(l_oEncResult)); return l_sRet; } Stack Trace ----------- In the stack trace, there is a reference to some "c.a" where the error is thrown. Here "a" is supposed to be some data member in the Cipher instance "c". When debugging on Eclipse on JRE 1.5, I am not able to see a data member "a" for cipher instance "c" in the data window. But I can see data member "a" for "c" when debugging on JRE 1.4.2. Would anybody know if this is a known issue on running this on JRE 1.5? If so, is there another version of the library without these issues? Thanks in advance Not all key type is accepted for Cipher engine. So, it is important to generate SecretKey from an acceptable provider (with an acceptable key size). Thanks, Selva- > Hi > [quoted text clipped - 38 lines] > > Thanks in advance Hi The same code works on JRE 1.4.2 but fails in JRE 1.5 So it should not be a problem with this code as such. The secret key is a 192 bit key generated according to the java SecretKey interface. Algorithm is AES. One more thing to note: I load the crypto provider before calling my ssm_encrypt() method (In the original post) as follows - =============== Provider cryptoProvider = (Provider)Class.forName("com.rsa.jsafe.provider.JsafeJCE").newInstance(); int result = Security.addProvider(cryptoProvider); =============== On JRE 1.4.2, result returned is 6 On JRE 1.5 (Java 5), result=7. Does this have any bearing?? I have got it working. The problem was due to the US export restrictions that applied to the default JVM install. The default JRE 1.5 install can handle only 128 bit keysizes, due to US export restrictions. I was trying all the time with 192 initially leading to the error. Using trial and error, I noticed that it started working with 128 bits, but not 192 or 256. Some googling turned up the problem. To enable larger key sizes, the "Unlimited strength jurisdiction policy files 5.0" for JCE need to be downloaded and put in %jre_home%/lib/security Cheers Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.