security - PBEWithSHAAnd128BitRC4 implementation in java -


i using ibm jre , want implement pbewithshaand128bitrc4 algorothm cipher alorithm should use secretkeyfactory , secretkeyspec ,below secret key supporting algos got provider.getinfo() methode ibmjce provider.

cipher algorithms                  : blowfish, aes, des, tripledes, pbewithmd2anddes,                                         pbewithmd2andtripledes, pbewithmd2andrc2,                                         pbewithmd5anddes, pbewithmd5andtripledes,                                         pbewithmd5andrc2, pbewithsha1anddes                                         pbewithsha1andtripledes, pbewithsha1andrc2                                         pbewithshaand40bitrc2, pbewithshaand128bitrc2                                         pbewithshaand40bitrc4, pbewithshaand128bitrc4                                         pbewithshaand2keytripledes, pbewithshaand3keytripledes                                         mars, rc2, rc4, arcfour                                        rsa, seal key agreement algorithm            : diffiehellman key (pair) generator               : blowfish, diffiehellman, dsa, aes, des, tripledes, hmacmd5,                                        hmacsha1, mars, rc2, rc4, rsa, seal, arcfour algorithm parameter generator      : diffiehellman, dsa algorithm parameter                : blowfish, diffiehellman, aes, des, tripledes, dsa, mars,                                        pbewithmd5anddes, rc2 key factory                        : diffiehellman, dsa, rsa secret key factory                 : blowfish, aes, des, tripledes, mars, rc2, rc4, seal, arcfour                                        pkcs5key, pbkdf1 , pbkdf2(pkcs5derived key).

below code giving java.security.invalidkeyexception: missing password exception.

decrypter(string passphrase) throws exception {         secretkeyfactory factory = secretkeyfactory.getinstance("pbkdf2withhmacsha1");         keyspec spec = new pbekeyspec(passphrase.tochararray(), salt, iterationcount, keystrength);         secretkey tmp = factory.generatesecret(spec);         key = new secretkeyspec(tmp.getencoded(), "rc4");         dcipher = cipher.getinstance("pbewithshaand128bitrc4");     }      public string encrypt(string data) throws exception {         dcipher.init(cipher.encrypt_mode, key);         algorithmparameters params = dcipher.getparameters();         system.out.println("getalgorithm : "+params.getalgorithm());         iv = params.getparameterspec(ivparameterspec.class).getiv();         byte[] utf8encrypteddata = dcipher.dofinal(data.getbytes());         string base64encrypteddata = new sun.misc.base64encoder().encodebuffer(utf8encrypteddata);         system.out.println("iv " + new sun.misc.base64encoder().encodebuffer(iv));         system.out.println("encrypted data " + base64encrypteddata);         return base64encrypteddata;     }      public string decrypt(string base64encrypteddata) throws exception {         dcipher.init(cipher.decrypt_mode, key, new ivparameterspec(iv));         byte[] decrypteddata = new sun.misc.base64decoder().decodebuffer(base64encrypteddata);         byte[] utf8 = dcipher.dofinal(decrypteddata);         return new string(utf8, "utf8");     }

one more question ,which secure algorithm amoung default java provider because can not use thrid party bouncycastleprovider ?

thanks .

secure bit of moving target. secure against , how long. if encrypting transaction data has no value hour later, do. if need keep secure long time, want long key pk systems, longer better. pay price on key generation , types of stream encryptions/decryptions.

the number 1 failure of encryption systems not algorithm itself, implementation of system, how keys either generated or stored. said, blowfish , aes both regarded , when implemented should need. can't recommend http://www.schneier.com/ highly enough. applied cryptography bit dated, 10 years or so, cogent explaination of field geared programmers. , blog wealth of information. go there , search if need more details on algorithms. won't ton of in java implementation, can here on so.


Comments

Post a Comment

Popular posts from this blog

Why does Ruby on Rails generate add a blank line to the end of a file? -

running rails generate controller foo home results in: class foocontroller < application controller def home end end (there's nothing on line in actual file, blank line) is there purpose blank line? it's common use newline indicate end of line, last line. many editors (like vi, use) add in newline silently. consensus text files (especially in unix world) should end in newline, , there have been problems historically if wasn't present. why should text files end newline? the tool used count lines in file "wc" counts newlines in file, without trailing newline show 3 instead of 4. it improves readability of templates used in generator. consider: https://github.com/rails/rails/blob/master/railties/lib/rails/generators/rails/controller/templates/controller.rb to remove trailing newline, template have last line of: end<% end -%> instead of: end <% end -%> that seems less readable me. the discussion below refers ...
Read more

keyboard - Smiles and long press feature in Android -

i've created android keyboard. how add features inserting smilies, , using long keypresses display symbols? to create long-press behavior allows select several options pop-up menu, follow guide (specifically pop-up menu section): http://developer.android.com/guide/topics/ui/menus.html smileys (also known emoticons) combination of keys, understood programs , parsed same way. have do, when clicks smiley face on keyboard, simulate pressing of key combination matching emoticon. example, when clicks smiley, should simulate key presses ':' , ')' :). here's list of emoticons: http://en.wikipedia.org/wiki/list_of_emoticons
Read more

node.js - Bad Request - node js ajax post -

i'm using express 3.0 , node v0.11.0. have button submits form , i'm using ajax post data json object node server. client code is: $('#contact').submit(function(e) { console.log('submit called'); var formdata = json.stringify($('form').serializeobject()); console.log(formdata); $.ajax({ url: "http://localhost:3000/savedata/", type: "post", datatype: 'json', data: {objectdata: formdata}, contenttype: "application/json", complete: function() { console.log('process complete'); }, success: function(data) { console.log('process sucess'); }, error: function() { console.log('process error'); }, }); return false; }); then on server: var express = require('express'); var app = express(); app.set('views', __dirname + '/views'); app.set('view engine', 'jade'); app.use(express.bodyparser());...
Read more