What are right values for Algorithm/Mode/Padding for asymmetric encryption?
I generated key pair using RSA, then I created Cipher object with RSA algorithm (no mode and padding) and tried to write data. here is my code:
c = Cipher.getInstance("RSA");
c.init(Cipher.ENCRYPT_MODE, publicRSAkey);
cout =new CipherOutputStream(out, c);
I got no data in file and no any exception. Where a problem can be? Should I set mode and padding, or a problem is in something else?
[483 byte] By [
dmitryra] at [2007-10-3 3:49:57]
No, all caught exceptions have print stack statements. Stream is getting flushed and closed in finally block. I'll add debug to see if Cipher does work.
Edit: tried c.doFinal(..) and it produces some result. So it seems working, probably I need trying JDK 1.5, because I use some beta of 1.6.
Message was edited by:
dmitryr
Using RSA in this manner is probably not a good idea and probably will not do what you want. First, the underlying cipher object does internal buffering; you will not get any output until you write at least a full block size of bytes through the CipherOutputStream, unless you call CipherOutputStream.close(). Second, you are completely at the mercy of the underlying Cipher class' idiosyncrasies. Sun's RSA implementation in com.sun.crypto.provider.RSACipher has two biggies: the update() method always returns a zero length array and you can only encrypt one RSA block per init().
Futhermore, the contract for CIpherOutputStream clearly states "This class adheres strictly to the semantics, especially the failure semantics, of its ancestor classes java.io.OutputStream and java.io.FilterOutputStream. This class has exactly those methods specified in its ancestor classes, and overrides them all. Moreover, this class catches all exceptions that are not thrown by its ancestor classes."
Really. If you mess up the RSA cipher the most likely result is an IllegalBlockSizeException. This is swallowed up the CipherOutputStream class and you never know it was there.
Possibly the BC provider's RSA cipher might be more accomodating
Thank you for clarification. Yes, it seems the first case. if a portion of data to be encrypted is small, then output file is appearing. So generally returning to my question, what's algorithm will be most appropriate for asymmetric encryption of 1-2mb of data? I'm asking for asymmetric, because I want to keep one key on server allowing to anytime encrypt data, and other key on client allowing anytime to decrypt data. So it's sort of design question.
> Thank you for clarification. Yes, it seems the first
> case. if a portion of data to be encrypted is small,
> then output file is appearing. So generally returning
> to my question, what's algorithm will be most
> appropriate for asymmetric encryption of 1-2mb of
> data? I'm asking for asymmetric, because I want to
> keep one key on server allowing to anytime encrypt
> data, and other key on client allowing anytime to
> decrypt data. So it's sort of design question.
Section 13.6 of Practical Cryptography by Ferguson and Schneier published by Wiley ISBN 0-471-22357-3 .
> Thank you mr. Ferguson .Just so that people don't get the idea that I am 'Mr Ferguson' or 'Mr Schneier', I am not and have no association with their book other than to have purchased a copy, to have read most of it and understood some of it.Sabre
