Date: Thu, 5 Mar 1998 10:06:37 -0800 (PST)
From: Jan Luehe <Jan.Luehe@Eng>
Subject: Re: Question: KeyGenerator with Raw Byte
To: java-security@web1.javasoft.com, jessicam@llnl.gov
Jessica:
> Is it possbile to use raw byte to generate a key with the current beta
> release of JDK 1.2 and JCE? Like:
>
> KeyGenerator.generateKey( byte[] key ) {}
>
> This is what we try to do:
>
> 1. Use DH to set up the key agreement
> 2. Use random number to generate a session/traffic key to encrypt the plain
> text using DES.
> 3. Use share secret to encrypt the traffic key.
> 4. Send both the encrypted traffic key and cipher text to the other side to
> decrypt.
>
> I can't seem to get step 3 to work -- take the raw byte from
> KeyAgreement.generateSecret() to generate a key using KeyGenerator. How do
> I take the share secret in raw byte format to generate a key? Am I missing
> something here Or the current release don't provide ways to do this?
I am going to send you some example code that will show you how to do
this in a separate mail (cannot send it to this list because of export
restrictions).
Basically, you create a SecretKeyFactory for DES, and pass the
raw bytes to its "generateSecret" method.
(Note that the KeyPairGenerator class in JDK and the KeyGenerator
class in JCE are intended for the generation of new keys. You use
a KeyFactory or SecretKeyFactory to instantiate a key from existing
key material.)
In the upcoming JCE1.2ea2 release, you will find the "generateSecret"
method of KeyAgreement overloaded as follows:
public final SecretKey generateSecret(String algorithm)
This will allow you to do something like
KeyAgreement ka = ...;
SecretKey k = ka.generateSecret("DES");
i.e., your shared secret will be returned as a SecretKey object of the
specified algorithm. You could then use that SecretKey object to
initialize a Cipher object for encryption (or decryption).
Hope this helps.
Jan