[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[iaik-jce] need help on IAIK-JCE 2.6

to whom it may concern,

     i have some problem on implementing my security in the web-based application. i'm using jbuilder4 as my IDE and iaik-jce 2.6 as the API for security implementation. my security implementation is as follows :

(a) generate RSA key pair and saved to files named RSAPublicKey.key and RSAPrivateKey.key respectively
(b) generate RC5 secret key and saved to file named RC5.key
(c) i need to sign the message keyed in by user with SHA/RSA instance (signing by using private key from RSAPrivateKey.key)
(d) the message signed from (a) will be encrypted using RC5 secret key (taken from file RC5.key);
(e) the message from (d) will be encrypted again by using public key (from RSAPublicKey.key) to send out to the receiver.

     i encounter problems while implementing the above steps. error occurs during step (e). i have attached the error messages i got from running the appletviewer in JBuilder4. Then when i proceed to web run (some sort like running the applet in web browser), not even step (a) can be successfully run, which means not even the key pair can be generated.

     therefore, i hope anyone who can help because i need the solution quite eagerly. thank you. below are the source code for the program:

Source code:

import java.io.*;
import java.security.*;
import javax.crypto.*;

import sun.misc.*;
import iaik.security.rsa.*;
import iaik.security.provider.IAIK;

public class Security
  static byte[] sigBytes;
  static Cipher cipher;
  static String input = "hello";

  public static void main (String[] args) throws Exception

    /* step (a) - generate RSA key pair and save to file */

    SecureRandom sr = new SecureRandom();
    byte[] pseudoRandom = new byte[100];

    KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");

    System.out.println("Initializing the RSA key pair generator..");

    System.out.println("Generating RSA key pair..");
    System.out.println("This may take a while..");

    //generate RSA key pair
    KeyPair kp = kpg.generateKeyPair();
    System.out.println("RSA public key:");

    //declare RSA public key
    RSAPublicKey pubKey = (RSAPublicKey)kp.getPublic();

    //save the public key to file for later decoding
    try {
      ObjectOutputStream out = new ObjectOutputStream(
        new FileOutputStream("RSAPublicKey.key"));
    } catch(Exception e) {
      System.out.println("Could not save public key ..");

    byte[] pubkeyBytes = pubKey.getEncoded();
    System.out.println("Public key format is:  " + pubKey.getFormat());
    BASE64Encoder encoder = new BASE64Encoder();
    String base64 = encoder.encode(pubkeyBytes);
    System.out.println("RSA Private Key:");

    //declare RSA private key
    RSAPrivateKey privKey = (RSAPrivateKey)kp.getPrivate();

    //save the private key to file for later decoding
    try {
      ObjectOutputStream out = new ObjectOutputStream(
           new FileOutputStream("RSAPrivateKey.key"));
    } catch(Exception e) {
      System.out.println("Could not save private key..");

    byte[] privKeyBytes = privKey.getEncoded();
    System.out.println("Private key format is : " + privKey.getFormat());
    BASE64Encoder encoder2 = new BASE64Encoder();
    base64 = encoder2.encode(privKeyBytes);

    /* step (b) - generate and save a RC5 key to file */

    System.out.println("Generating a RC5 key..");
    KeyGenerator generator = KeyGenerator.getInstance("RC5");

    generator.init(64, new SecureRandom());
    Key key = generator.generateKey();
    System.out.println("Generating RC5 key.. done");

    try {
      ObjectOutputStream out = new ObjectOutputStream(
           new FileOutputStream("RC5.key"));
      System.out.println("RC5 key is saved to file RC5.key");
    } catch(Exception e) {
      System.out.println("Could not save RC5 key to file RC5.key");

    /* step (c) - sign input data with SHA and RSA */

    Signature dsaSig = Signature.getInstance("SHA/RSA");

    System.out.println("Reading private key from file...");

    try {
      ObjectInputStream in = new ObjectInputStream(
           new FileInputStream("RSAPrivateKey.key"));
      privKey = (RSAPrivateKey)in.readObject();
    } catch (Exception e) {
      System.out.println("could not read the private key from file");

    System.out.println("Signing the message with the private key...");

    byte[] argsBytes = input.getBytes("UTF8");
    sigBytes = dsaSig.sign();

    /*  step (d) - read the RC5 secret key from the keyfile to encrypt message being signed */

    try {
      ObjectInputStream in = new ObjectInputStream(
      new FileInputStream("RC5.key"));
      key = (Key)in.readObject();
    } catch (Exception e) {
      System.out.println("Could not read private key from file RC5.key");

    // Create a cipher
    cipher = Cipher.getInstance("RC5/ECB/PKCS5Padding");

    // Initialize the cipher to encryption mode
    cipher.init(Cipher.ENCRYPT_MODE, key);
    byte[] outputBytes = cipher.doFinal(sigBytes);

    /* step (e) - read the RSA public key from the keyfile to encrypt message being encrypted with the 
     RC5 key to send out the message to the receiver */

    byte[] outputBytesRSA;

    System.out.println("Reading public key from file...");

    try {
      ObjectInputStream in = new ObjectInputStream(
           new FileInputStream("RSAPublicKey.key"));
      pubKey = (RSAPublicKey)in.readObject();
    } catch (Exception e) {
      System.out.println("could not read the public key from file");

    try {
      cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
      cipher.init(Cipher.ENCRYPT_MODE, pubKey);
      outputBytesRSA = cipher.doFinal(outputBytes);
    } catch (Exception e) {
        System.out.println("Error in RSA Cipher");

Error messages received:

E:\JBuilder4\jdk1.3\bin\javaw -classpath "E:\Documents and Settings\Michelle Lim Chea Ye\jbproject\PBIKK2\classes;E:\JBuilder4\lib\jbcl.jar;E:\JBuilder4\lib\dx.jar;E:\JBuilder4\lib\beandt.jar;E:\JBuilder4\jdk1.3\demo\jfc\Java2D\Java2Demo.jar;E:\JBuilder4\jdk1.3\jre\lib\i18n.jar;E:\JBuilder4\jdk1.3\jre\lib\jaws.jar;E:\JBuilder4\jdk1.3\jre\lib\rt.jar;E:\JBuilder4\jdk1.3\jre\lib\sunrsasign.jar;E:\JBuilder4\jdk1.3\lib\dt.jar;E:\JBuilder4\jdk1.3\lib\tools.jar;E:\WINNT\Profiles\dbratko\IAIK-JCE2.6ev\lib\iaik_jce_full.jar"  pbikk2.Security 
***                                                                       ***
***                    Welcome to the IAIK JCE Library                    ***
***                                                                       ***
*** This version of IAIK JCE is licensed for educational and research use ***
*** and evaluation only. Commercial use of this software is prohibited.   ***
*** For details please see http://jcewww.iaik.at/legal/license.htm .      ***
*** This message does not appear in the registered commercial version.    ***
***                                                                       ***

adding Provider IAIK...

Java version number: 1.3.0
Java compiler: null
Java vendor-specific string: Sun Microsystems Inc.
Java vendor URL: http://java.sun.com/
Java installation directory: E:\JBuilder4\jdk1.3\jre
Java class format version number: 47.0
Java class path: E:\Documents and Settings\Michelle Lim Chea Ye\jbproject\PBIKK2\classes;E:\JBuilder4\lib\jbcl.jar;E:\JBuilder4\lib\dx.jar;E:\JBuilder4\lib\beandt.jar;E:\JBuilder4\jdk1.3\demo\jfc\Java2D\Java2Demo.jar;E:\JBuilder4\jdk1.3\jre\lib\i18n.jar;E:\JBuilder4\jdk1.3\jre\lib\jaws.jar;E:\JBuilder4\jdk1.3\jre\lib\rt.jar;E:\JBuilder4\jdk1.3\jre\lib\sunrsasign.jar;E:\JBuilder4\jdk1.3\lib\dt.jar;E:\JBuilder4\jdk1.3\lib\tools.jar;E:\WINNT\Profiles\dbratko\IAIK-JCE2.6ev\lib\iaik_jce_full.jar
Operating system name: Windows 2000
Operating system architecture: x86
Operating system version: 5.0

Installed security providers providers:

Provider 1: IAIK  version: 2.6
Provider 2: SUN  version: 1.2
Provider 3: SunRsaSign  version: 1.0
Initializing the RSA key pair generator..
Generating RSA key pair..
This may take a while..
RSA public key:
Public key format is:  X.509
RSA Private Key:
Private key format is : PKCS#8
Generating a RC5 key..
Generating RC5 key.. done
RC5 key is saved to file RC5.key
Reading private key from file...
Signing the message with the private key...
Reading public key from file...
Error in RSA Cipher
javax.crypto.BadPaddingException: PKCS#1 requires data at least 11 bytes shorter than the modulus!

Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-jce/jcethreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-jce