[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[iaik-jce] PBE: can the generated secret key be retrieved?


I'm trying to evaluate the IAIK PBE implementation
for compatibility with our existing OpenSSL crypto 
lib -based implementation.  I want to compare keys
generated with OpenSSL to those generated with
the IAIK JCE provider.

With the OpenSSL crypto lib, I can create a key 
based on a message digest, a salt and an iteration 
count.  I can then inspect that key (if I wish) 
and use it with the algorithm for which it was 

In JCE, you create a PBEKeySpec with the password,
but the salt and the iteration count are specified
in the AlgorithmParameterSpec object which is
used to initialize the Cipher object.  From what
I can see, the computed key can never be obtained.

I have to assume this is intentional.  Am I correct?


Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-jce/jcethreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-jce