[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

AW: [iaik-jce] need help on IAIK-JCE 2.6



Hello,

you might be more appropriate to use a standard format like PKCS#7
(concatenation of types SignedData and EnvelopedData) for creating and
sending your signed and encrypted message. See demo.pkcs.PKCS7Stream,
demo.pkcs.TestContentInfo, demo.pkcs.EncryptedContentInfo for samples. If
you want to use the JavaMail API for actually sending your message, look at
IAIK-S/MIME. Your private key should be stored protected (using, e.g., a
keystore, PKCS#8, or PKCS#12 file) (see demos). RSA key serialization does
not work with IAIK-JCE2.61 because of the obfuscation project settings. You
may use keyfactories for reading the public key. If you use PKCS#7 you will
need a certificate (containing the public key), not only a key pair.
For applets you may use our applet edition which can be used in a similar
way to the standard edition except for the issues outlined in
http://jcewww.iaik.at/JCEAppletEdition/usage.htm.

Regards,
Dieter Bratko

-----Ursprüngliche Nachricht-----
Von: iaik-jce-owner@iaik.tu-graz.ac.at
[mailto:iaik-jce-owner@iaik.tu-graz.ac.at]Im Auftrag von Chea Yee Lim
Gesendet: Freitag, 9. Februar 2001 08:27
An: iaik-jce@iaik.tu-graz.ac.at
Betreff: [iaik-jce] need help on IAIK-JCE 2.6


to whom it may concern,

     i have some problem on implementing my security in the web-based
application. i'm using jbuilder4 as my IDE and iaik-jce 2.6 as the API for
security implementation. my security implementation is as follows :

(a) generate RSA key pair and saved to files named RSAPublicKey.key and
RSAPrivateKey.key respectively
(b) generate RC5 secret key and saved to file named RC5.key
(c) i need to sign the message keyed in by user with SHA/RSA instance
(signing by using private key from RSAPrivateKey.key)
(d) the message signed from (a) will be encrypted using RC5 secret key
(taken from file RC5.key);
(e) the message from (d) will be encrypted again by using public key (from
RSAPublicKey.key) to send out to the receiver.

     i encounter problems while implementing the above steps. error occurs
during step (e). i have attached the error messages i got from running the
appletviewer in JBuilder4. Then when i proceed to web run (some sort like
running the applet in web browser), not even step (a) can be successfully
run, which means not even the key pair can be generated.

     therefore, i hope anyone who can help because i need the solution quite
eagerly. thank you. below are the source code for the program:


Source code:

import java.io.*;
import java.security.*;
import javax.crypto.*;

import sun.misc.*;
import iaik.security.rsa.*;
import iaik.security.provider.IAIK;

public class Security
{
  static byte[] sigBytes;
  static Cipher cipher;
  static String input = "hello";

  public static void main (String[] args) throws Exception
  {
    IAIK.addAsProvider(true);



    /* step (a) - generate RSA key pair and save to file */

    SecureRandom sr = new SecureRandom();
    byte[] pseudoRandom = new byte[100];
    sr.nextBytes(pseudoRandom);

    KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");

    System.out.println("Initializing the RSA key pair generator..");
    kpg.initialize(512,sr);

    System.out.println("Generating RSA key pair..");
    System.out.println("This may take a while..");

    //generate RSA key pair
    KeyPair kp = kpg.generateKeyPair();
    System.out.println("RSA public key:");

    //declare RSA public key
    RSAPublicKey pubKey = (RSAPublicKey)kp.getPublic();

    //save the public key to file for later decoding
    try {
      ObjectOutputStream out = new ObjectOutputStream(
        new FileOutputStream("RSAPublicKey.key"));
      out.writeObject(pubKey);
      out.close();
    } catch(Exception e) {
      System.out.println("Could not save public key ..");
      System.out.println(e);
    }

    byte[] pubkeyBytes = pubKey.getEncoded();
    System.out.println("Public key format is:  " + pubKey.getFormat());
    BASE64Encoder encoder = new BASE64Encoder();
    String base64 = encoder.encode(pubkeyBytes);
    System.out.println(base64);
    System.out.println("RSA Private Key:");

    //declare RSA private key
    RSAPrivateKey privKey = (RSAPrivateKey)kp.getPrivate();

    //save the private key to file for later decoding
    try {
      ObjectOutputStream out = new ObjectOutputStream(
           new FileOutputStream("RSAPrivateKey.key"));
      out.writeObject(privKey);
      out.close();
    } catch(Exception e) {
      System.out.println("Could not save private key..");
      System.out.println(e);
    }

    byte[] privKeyBytes = privKey.getEncoded();
    System.out.println("Private key format is : " + privKey.getFormat());
    BASE64Encoder encoder2 = new BASE64Encoder();
    base64 = encoder2.encode(privKeyBytes);
    System.out.println(base64);



    /* step (b) - generate and save a RC5 key to file */

    System.out.println("Generating a RC5 key..");
    KeyGenerator generator = KeyGenerator.getInstance("RC5");

    generator.init(64, new SecureRandom());
    Key key = generator.generateKey();
    System.out.println("Generating RC5 key.. done");

    try {
      ObjectOutputStream out = new ObjectOutputStream(
           new FileOutputStream("RC5.key"));
      out.writeObject(key);
      out.close();
      System.out.println("RC5 key is saved to file RC5.key");
    } catch(Exception e) {
      System.out.println("Could not save RC5 key to file RC5.key");
      System.out.println(e);
    }



    /* step (c) - sign input data with SHA and RSA */

    Signature dsaSig = Signature.getInstance("SHA/RSA");

    System.out.println("Reading private key from file...");

    try {
      ObjectInputStream in = new ObjectInputStream(
           new FileInputStream("RSAPrivateKey.key"));
      privKey = (RSAPrivateKey)in.readObject();
      in.close();
    } catch (Exception e) {
      System.out.println("could not read the private key from file");
    }

    System.out.println("Signing the message with the private key...");

    dsaSig.initSign(privKey);
    byte[] argsBytes = input.getBytes("UTF8");
    dsaSig.update(argsBytes);
    sigBytes = dsaSig.sign();



    /*  step (d) - read the RC5 secret key from the keyfile to encrypt
message being signed */

    try {
      ObjectInputStream in = new ObjectInputStream(
      new FileInputStream("RC5.key"));
      key = (Key)in.readObject();
      in.close();
    } catch (Exception e) {
      System.out.println("Could not read private key from file RC5.key");
      System.out.println(e);
    }

    // Create a cipher
    cipher = Cipher.getInstance("RC5/ECB/PKCS5Padding");

    // Initialize the cipher to encryption mode
    cipher.init(Cipher.ENCRYPT_MODE, key);
    byte[] outputBytes = cipher.doFinal(sigBytes);



    /* step (e) - read the RSA public key from the keyfile to encrypt
message being encrypted with the
     RC5 key to send out the message to the receiver */

    byte[] outputBytesRSA;

    System.out.println("Reading public key from file...");

    try {
      ObjectInputStream in = new ObjectInputStream(
           new FileInputStream("RSAPublicKey.key"));
      pubKey = (RSAPublicKey)in.readObject();
      in.close();
    } catch (Exception e) {
      System.out.println("could not read the public key from file");
    }

    try {
      cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
      cipher.init(Cipher.ENCRYPT_MODE, pubKey);
      outputBytesRSA = cipher.doFinal(outputBytes);
    } catch (Exception e) {
        System.out.println("Error in RSA Cipher");
        System.out.println(e.toString());
    }
  }
}


Error messages received:

E:\JBuilder4\jdk1.3\bin\javaw -classpath "E:\Documents and Settings\Michelle
Lim Chea
Ye\jbproject\PBIKK2\classes;E:\JBuilder4\lib\jbcl.jar;E:\JBuilder4\lib\dx.ja
r;E:\JBuilder4\lib\beandt.jar;E:\JBuilder4\jdk1.3\demo\jfc\Java2D\Java2Demo.
jar;E:\JBuilder4\jdk1.3\jre\lib\i18n.jar;E:\JBuilder4\jdk1.3\jre\lib\jaws.ja
r;E:\JBuilder4\jdk1.3\jre\lib\rt.jar;E:\JBuilder4\jdk1.3\jre\lib\sunrsasign.
jar;E:\JBuilder4\jdk1.3\lib\dt.jar;E:\JBuilder4\jdk1.3\lib\tools.jar;E:\WINN
T\Profiles\dbratko\IAIK-JCE2.6ev\lib\iaik_jce_full.jar"  pbikk2.Security
***
***
***                    Welcome to the IAIK JCE Library
***
***
***
*** This version of IAIK JCE is licensed for educational and research use
***
*** and evaluation only. Commercial use of this software is prohibited.
***
*** For details please see http://jcewww.iaik.at/legal/license.htm .
***
*** This message does not appear in the registered commercial version.
***
***
***

adding Provider IAIK...

Java version number: 1.3.0
Java compiler: null
Java vendor-specific string: Sun Microsystems Inc.
Java vendor URL: http://java.sun.com/
Java installation directory: E:\JBuilder4\jdk1.3\jre
Java class format version number: 47.0
Java class path: E:\Documents and Settings\Michelle Lim Chea
Ye\jbproject\PBIKK2\classes;E:\JBuilder4\lib\jbcl.jar;E:\JBuilder4\lib\dx.ja
r;E:\JBuilder4\lib\beandt.jar;E:\JBuilder4\jdk1.3\demo\jfc\Java2D\Java2Demo.
jar;E:\JBuilder4\jdk1.3\jre\lib\i18n.jar;E:\JBuilder4\jdk1.3\jre\lib\jaws.ja
r;E:\JBuilder4\jdk1.3\jre\lib\rt.jar;E:\JBuilder4\jdk1.3\jre\lib\sunrsasign.
jar;E:\JBuilder4\jdk1.3\lib\dt.jar;E:\JBuilder4\jdk1.3\lib\tools.jar;E:\WINN
T\Profiles\dbratko\IAIK-JCE2.6ev\lib\iaik_jce_full.jar
Operating system name: Windows 2000
Operating system architecture: x86
Operating system version: 5.0

Installed security providers providers:

Provider 1: IAIK  version: 2.6
Provider 2: SUN  version: 1.2
Provider 3: SunRsaSign  version: 1.0
Initializing the RSA key pair generator..
Generating RSA key pair..
This may take a while..
RSA public key:
Public key format is:  X.509
MFowDQYJKoZIhvcNAQEBBQADSQAwRgJBAJ5Ff5ts7c73uFKF2/WKtTg7G1apBeLR1KWdtHLJfqu3
disWpxkxAkDGvEQo5JX0qG68ST7Dcrbwrj4UEpnTaNcCAQU=
RSA Private Key:
Private key format is : PKCS#8
MIIBUQIBADANBgkqhkiG9w0BAQEFAASCATswggE3AgEAAkEAnkV/m2ztzve4UoXb9Yq1ODsbVqkF
4tHUpZ20csl+q7d2KxanGTECQMa8RCjklfSobrxJPsNytvCuPhQSmdNo1wIBBQJAH6d/6+KV9jGL
Q7RfMRu92AvSRIg0YJBdurkkFvUZVYrHHdz8oAeAqCXTLEk7cvvG8orLRCVvpU89lo0HDIa5JQIh
AMphLztQmysS1FsV0vNJFAcaOG38CDChdL5cdRnnaCBdAiEAyDSWfKhwU+U1QVDnyA31vpfN4u4A
E9rvu/Dd1XPJqsMCIFDzrH4gPhE6u1eiVGFQbmk9sCv+aa0NYeW+lT2Pw0AlAiBQFQj+qcaH9UiA
hsMc0mJMPLjBLAAH8Syxk4vu+x13gQIgaumg73U4aKW/q+Dtf883K0+jK7S3sV4PFlXsB7VadsM=
Generating a RC5 key..
Generating RC5 key.. done
RC5 key is saved to file RC5.key
Reading private key from file...
Signing the message with the private key...
Reading public key from file...
Error in RSA Cipher
javax.crypto.BadPaddingException: PKCS#1 requires data at least 11 bytes
shorter than the modulus!



--
Mailinglist-archive at
http://jcewww.iaik.at/mailarchive/iaik-jce/jcethreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content:
UNSUBSCRIBE iaik-jce




smime.p7s