cryptography - How to encode and decode SecretKey in JAVA? - 


keystore ks = keystore.getinstance("jceks"); ks.load(null, null); secretkey skinput = new secretkeyspec("input".getbytes(), "desede"); secretkeyentry skeinput = new keystore.secretkeyentry(skinput); ks.setentry("input_key", skeinput, new keystore.passwordprotection("banana".tochararray())); fileoutputstream fos = new fileoutputstream("my.keystore"); pambks.store(fos, "password".tochararray()); fos.flush(); fos.close();

the code shown above trying encode input secretkey , store keystore. code shown below how retrieve key keystore. not know how decode original value?

fileinputstream fin = new fileinputstream("my.keystore"); keystore ks = keystore.getinstance("jceks"); ks.load(fin, "password".tochararray()); secretkeyentry ske = (secretkeyentry) readks.getentry("input_key", new keystore.passwordprotection("banana".tochararray())); secretkey sk = ske.getsecretkey();

i wasn't sure whether correct way of doing encryption , decryption secretkey, please correct me if i'm wrong.

reading q/a think i've misread question.

you can byte representation of key calling getencoded method on key. after possible use 1 of string constructors revert text. said, should not use string key. note des keys contain parity in last bit, may change result. use strings keys more advisable use hexadecimals. note keys should have enough entropy, , string not provide that.

there several things not entirely correct in code above:

  1. you should not (ever) use "input".getbytes(). first of all, getbytes() uses platform specific default character encoding. if want use des key string, decode decoder of hexadecimals (e.g. in apache commons codec or bouncy castle).

  2. you should use 24 bytes desede keys. "input".getbytes() not return enough bytes.

  3. for des keys pays put key specification through keyfactory if make sure parity bits set. sure key valid.

to amount of key data, use pbkdf2 passwords or use randomly generated keys.

if encrypted key store enough storage encrypted key depends on use case , other security measures.


Comments

Post a Comment

Popular posts from this blog

curl - PHP fsockopen help required -

i trying work on cloudflare api , have found in documentation. unfortunately have no idea how can use in fsockopen or through curl. here example of post request. need know how can make request below data post using curl or fsockopen curl https://www.cloudflare.com/api_json.html -d 'a=cache_lvl' \ -d 'tkn=8afbe6dea02407989af4dd4c97bb6e25' \ -d 'email=sample@example.com' \ -d 'z=example.com' \ -d 'v=agg' here link cloudflare https://www.cloudflare.com/docs/client-api.html#s4.2 try one: $ch = curl_init("https://www.cloudflare.com/api_json.html"); curl_setopt($ch, curlopt_returntransfer,1); curl_setopt($ch, curlopt_followlocation, 1); curl_setopt($ch, curlopt_ssl_verifypeer,false); // handling of -d curl parameter here. $param = array( 'a' => 'cache_lvl', 'tkn' => '8afbe6dea02407989af4dd4c97bb6e25', 'email' => 'sample@example.com', 'z' =...
Read more

HTTP/1.0 407 Proxy Authentication Required PHP -

i working in restricted network/limited access internet. since have use proxy make web service call. here php code calling web service , response . $client = new soapclient("http: //www.xyz.com/abc/wsdls/login.wsdl", array("trace" => 1, "exceptions" => 1, 'proxy_host' => $proxy_host, 'proxy_port' => $proxy_port, 'proxy_login' => $proxy_login, 'proxy_password' => $proxy_password)); response is fatal error: uncaught soapfault exception: [wsdl] soap-error: parsing wsdl: couldn't load ' http://www.xyz.com/abc/wsdls/login.wsdl ' : failed load external entity if copy url error message , paste in browser(with same proxy settings) works. 2nd scenario is, if pass values instead of variables giving me diffarant response $client = new soapclient("http: //www.xyz.com/abc/wsdls/login.wsdl", array("trace" => 1, "exceptions" => 1, 'proxy_host' ...
Read more

c# - Resource not found error -

i have problem accessing method on homecontroller. show code of method : [httpget] public actionresult decriptidentifiantetredirige(string login_crypter, string mdp_crypter) { string loginacrypter = _globalmanager.protegemotdepasse(login_crypter); string mdpacrypter = _globalmanager.protegemotdepasse(mdp_crypter); user userapp = new models.user(login_crypter, mdp_crypter); if (userapp.authentificationvalidee(userapp.userlogin, userapp.password)) { session["name"] = userapp.userlogin; return redirecttoaction("accueil", "home"); } else { return redirecttoaction("validerauthentification", "home"); } } then in routeconfig.cs wrote route : routes.maproute( name: "authentificationapresdecryptage", url: "{controller}/{action}/{login_crypter}/{mdp_crypter}", defaults: new...
Read more