Unable to encrypt a plain text string--HELP!@!#!@#!@#@
I am using a simple keystore with a simple private key. I am able to locate and access the keystore. I can retrieve the private key from the keystore. However, when I try to encrypt the plain text, I get this error.
info from keystore:
PrivateKey [IBMJCE DSA Private Key:
473129333093505883251479168595983767652254804386
] text [weblogic]
java.security.InvalidKeyException
at com.ibm.crypto.provider.DESedeCipher.engineGetKeySize(Unknown Source)
at javax.crypto.Cipher.init(Unknown Source)
I am working within WSAD.The error message is not very specific to the cause of the error.
I used Java keytool to create the keystore and the private key.
Could someone be so kind and point me in the right direction?
Thanks for any words of wisdom.
Russ
[823 byte] By [
rayraa] at [2007-10-2 5:53:20]
You can't use a DSA key for encryption. DSA keys are for signatures only. Look more carefully at the keytool options and find the one that lets you generate RSA keys.
You are absolutely RIGHT!That was my problem.... Thank you!
I am not successful in getting the Cipher to encrypt the information:
My goal is to create a SecretKey using DESede algrothim that must be 1024 in size.
I am not getting this error:
java.security.InvalidKeyException
at com.ibm.crypto.provider.DESedeCipher.engineGetKeySize(Unknown Source)
at javax.crypto.Cipher.init(Unknown Source)
This is my code:
System.out.println("Key ["+pkey.toString()+"] text ["+text+ "]");
System.out.println("Encryption Algorithm [" +pkey.getAlgorithm()+ "]");
Cipher cipher = Cipher.getInstance(pkey.getAlgorithm()+"/CBC/PKCS5Padding");
byte[] mybytes = pkey.getEncoded();
System.out.println("number of bytes ["+mybytes.length +"]");
cipher.init(Cipher.ENCRYPT_MODE, pkey);
cipherText = cipher.doFinal(text.getBytes());
System.out.println("encrypted text [" +cipherText.toString()+ "]");
This is the print statements that leads me to believe I have the key created correctly.
Key [javax.crypto.spec.SecretKeySpec@b069b903] text [weblogic]
Encryption Algorithm [DESede]
This is how I created the key:
SecretKey my3DesKey = new SecretKeySpec("weblogic".getBytes(), "DESede");
Can someone be so gracious to guide me through this?
Thank you so much for taking the time to read my post.
>
> Can someone be so gracious to guide me through this?
>
To start with -
1) There are not enough bytes in "weblogic".getBytes() to form a reasonable DESede key.
2) You are not providing an IV for the CBC mode.
3) You are trying to convert the byte array containing the encrypted byes to a String using cipherText.toString(). This will give a representation of a pseudo pointer to the array and not a representation of the contents of the array. If you must have a String representation then use Base64or HEX encoding.
4) When you convert your text to bytes you do not specify the encoding.
P.S. What has this go to do with DSA or RSA?
Thank you....I started off trying to encrypt something using DESede, but discovered the keytool using DSA as a default.I hope I am using the right forum
Thank you.
I discovered the DESede algorithm needs 24 bytes for a proper encryption. I fixed this issue by padding it with additional characters. I do not know if this is the correct approach but it did generate the SecretKey.
What is the IV for the CBC mode? Is that the size to read or the length I need returned? Sorry, I don't understand what this term means.
I will look at Base64 encoding so I can see the information only. I am relying on the server to decrypt the information I pass to it.
Is there a reference you can provide so I can bone up on this information?
Thank you again for pointing out some things I did not understand.
> Thank you.
>
> I discovered the DESede algorithm needs 24 bytes for
> a proper encryption. I fixed this issue by padding
> it with additional characters.
Not really!
> I do not know if this
> is the correct approach but it did generate the
> SecretKey.
I would either generate 24 random bytes using SecureRandom and save them to a file
OR
I would use DESede as part of PBE (PasswordBasedEncryption).
>
> What is the IV for the CBC mode? Is that the size to
> read or the length I need returned? Sorry, I don't
> understand what this term means.
Read the CBC information in http://www.cacr.math.uwaterloo.ca/hac/
>
> I will look at Base64 encoding so I can see the
> information only. I am relying on the server to
> decrypt the information I pass to it.
Good! I try to use only the encrypted bytes and think I have failed if I have to generate a String from the encrypted bytes.
>
> Is there a reference you can provide so I can bone up
> on this information?
See http://www.cacr.math.uwaterloo.ca/hac/.
