Home.... | log in.... | Pub my question! | Sign-up....

what happened if I call doFinal() without any input?

Hi,

In partial of my encryption code using PBEWithMD5AndDES, by giving pass phrase, salt and iteration count, the key was generated. I used the following code to generate the output ciphertext[]:

PBEParameterSpec pbeParamSpec = new PBEParameterSpec(salt, iterations);

SecretKeyFactory keyFac = SecretKeyFactory.getInstance("PBEWithMD5AndDES");

SecretKey key = keyFac.generateSecret(new javax.crypto.spec.PBEKeySpec(pass phrase));

Cipher cipher = Cipher.getInstance("PBEWithMD5AndDES");

cipher.init(Cipher.ENCRYPT_MODE, key, pbeParamSpec);

byte ciphertext[] = cipher.doFinal();

I didn't give any input to doFinal() call, and there was no update() call, what does this ciphertext[] exactly represent?

Thanks.

[768 byte] By [LiveByJavaa] at [2007-11-27 7:06:01]

«« How can we ensure header and table columns are aligned.
»» JToolbar position

# 1

> Hi,

> In partial of my encryption code using

> PBEWithMD5AndDES, by giving pass phrase, salt and

> iteration count, the key was generated. I used the

> following code to generate the output ciphertext[]:

> PBEParameterSpec pbeParamSpec = new

> PBEParameterSpec(salt, iterations);

> SecretKeyFactory keyFac =

> SecretKeyFactory.getInstance("PBEWithMD5AndDES");

> SecretKey key = keyFac.generateSecret(new

> javax.crypto.spec.PBEKeySpec(pass phrase));

> Cipher cipher =

> Cipher.getInstance("PBEWithMD5AndDES");

> cipher.init(Cipher.ENCRYPT_MODE, key, pbeParamSpec);

> byte ciphertext[] = cipher.doFinal();

> I didn't give any input to doFinal() call, and there

> was no update() call, what does this ciphertext[]

> exactly represent?

> Thanks.

Junk.

DarumAa at 2007-7-12 18:57:16 >

top of Java-index,Security,Cryptography...

# 2

> JunkHave you tried it or are you just guessing?I suspect it represents an empty byte array (= new byte[0]) actually.

ejpa at 2007-7-12 18:57:16 >

# 3

you are right, it represents the encryption of the empty byte array. thanks.BTW, in this case, if I keep the input same, do the pass phrase and cipher text have a one-to-one relationship?

LiveByJavaa at 2007-7-12 18:57:16 >

# 4

> > Junk

> Have you tried it or are you just guessing?

> I suspect it represents an empty byte array (= new

> byte[0]) actually.

Oh, I just guessed. Sorry, you are right. It will be an encryption of an empty byte array.

By the way, just a further inquiry. What would a person want to do with an encrypted empty byte array? I mean what purpose would it serve? any clues?

Thanks.

DarumAa at 2007-7-12 18:57:16 >

# 5

> By the way, just a further inquiry. What would a> person want to do with an encrypted empty byte array?> I mean what purpose would it serve? any clues?Err... if I was encrypting a byte array of any length it would indicate a zero length byte array!

sabre150a at 2007-7-12 18:57:16 >

# 6

> Err... if I was encrypting a byte array of any length> it would indicate a zero length byte array!elaborate please.

DarumAa at 2007-7-12 18:57:16 >

# 7

> > Err... if I was encrypting a byte array of any> length> > it would indicate a zero length byte array!> > elaborate please.Elaborate on what?

sabre150a at 2007-7-12 18:57:16 >

# 8

> Elaborate on what?Elaborate on this statement: "if I was encrypting a byte array of any length it would indicate a zero length byte array".Sorry, but I just dont get what you mean by the above statement. Please help me understand.Thanks.

DarumAa at 2007-7-12 18:57:17 >

# 9

You have lost me. It is perfectly valid to encrypt a byte array of zero length. Decryption will then produce a byte array of zero length. P.S. How are you related to the OP?

sabre150a at 2007-7-12 18:57:17 >

# 10

> You have lost me. It is perfectly valid to encrypt a

> byte array of zero length. Decryption will then

> produce a byte array of zero length.

> P.S. How are you related to the OP?

Ok. I thought you meant something more complicated. My bad.

I am not related to the OP. I was just trying to understand what you meant by your post.

Thanks for the clarification.

DarumAa at 2007-7-12 18:57:17 >

Java programming resources: FAQs, tutorials, compiler and browser download sites, documentation, books lists, IDEs, etc.

what happened if I call doFinal() without any input?

Security Hot Topic

Security

All Classified