[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[iaik-jce] PBE: can the generated secret key be retrieved?

To: "'iaik-jce@iaik.tu-graz.ac.at'" <iaik-jce@iaik.tu-graz.ac.at>
Subject: [iaik-jce] PBE: can the generated secret key be retrieved?
From: "Ruch, Scott" <ScottR@InterWorld.com>
Date: Thu, 8 Feb 2001 15:22:43 -0500
Sender: iaik-jce-owner@iaik.tu-graz.ac.at


Greetings,

I'm trying to evaluate the IAIK PBE implementation
for compatibility with our existing OpenSSL crypto 
lib -based implementation.  I want to compare keys
generated with OpenSSL to those generated with
the IAIK JCE provider.

With the OpenSSL crypto lib, I can create a key 
based on a message digest, a salt and an iteration 
count.  I can then inspect that key (if I wish) 
and use it with the algorithm for which it was 
intended.

In JCE, you create a PBEKeySpec with the password,
but the salt and the iteration count are specified
in the AlgorithmParameterSpec object which is
used to initialize the Cipher object.  From what
I can see, the computed key can never be obtained.

I have to assume this is intentional.  Am I correct?

Thanks,

Scott
--
Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-jce/jcethreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-jce

Prev by Date: RE: [iaik-jce] How to use CRL(Certificate Revocation List)
Next by Date: RE: [iaik-jce] How to use CRL(Certificate Revocation List)
Prev by thread: [iaik-jce] Importing a PFX file from IE 5.5
Next by thread: [iaik-jce] How can I import a certificate from IE
Index(es):
- Date
- Thread