[email protected] wrote:
Hi,I am trying to run the following example code for Mozilla-JSS provider but it always gives:"java.security.InvalidKeyException: Key is not the right type for this algorithm" for init function. The same code runs perfectly fine with Sun default provider.
I took your code snippet and do not see any obvious error. I did a quick test with 1.6.0_07 and the current build of JSS 4.3. what happens when you do the following: java -cp ./jss4.jar org.mozilla.jss.tests.SetupDBs . passwords java -cp ./jss4.jar org.mozilla.jss.tests.JCASymKeyGen . passwordsdoes the above run fine? If no, please create a bug, state what platform, version of java, and version of JSS.
you can look at the source of JCASymKeyGen.java: http://mxr.mozilla.org/security/source/security/jss/org/mozilla/jss/tests/JCASymKeyGen.javaalso in the future it is best to attach a full test program that demonstrates the error.
attached is my test program. -glen
Please let me know if there is anything that needs to be done to make
the code work.
thanks
-P
-----------------------------------------------------------------------------------------------------
CryptoManager manager = CryptoManager.getInstance();
CryptoToken internalToken =
manager.getInternalCryptoToken();
javax.crypto.KeyGenerator kg1 =
javax.crypto.KeyGenerator.getInstance( "AES","Mozilla-JSS" );
kg1.init(128);
SecretKey secretkey1 = kg1.generateKey();
byte[] preSharedKey = secretkey1.getEncoded();
System.out.println("Encoded Key is:" +
StringUtil.bytesToHexString
(preSharedKey));
key = new SecretKeySpec(preSharedKey,"AES");
jss expects key to be declared as SecretKeySpec key;
Cipher enc = Cipher.getInstance( key.getAlgorithm() + "/CBC/PKCS5Padding","Mozilla-JSS"); if(encrypt) System.out.println("Encrypting with: " + key.getAlgorithm()); else System.out.println("Decrypting with: " + key.getAlgorithm()); System.out.println("Key size: " + key.getEncoded().length); System.out.println("Data size: " + data.length); SADebugLogger.info("Encrypting with: " + key.getAlgorithm());SADebugLogger.info("Key size: " + key.getEncoded().length);enc.init(encrypt ? Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE, key, new IvParameterSpec(iv)); return enc.doFinal(data); -------------------------------------------------------------------------------------------
import java.security.AlgorithmParameters;
import java.security.GeneralSecurityException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.mozilla.jss.CertDatabaseException;
import org.mozilla.jss.CryptoManager;
import org.mozilla.jss.CryptoManager.NotInitializedException;
import org.mozilla.jss.KeyDatabaseException;
import org.mozilla.jss.crypto.AlreadyInitializedException;
import org.mozilla.jss.crypto.CryptoToken;
/**
*
* @author gb
*/
public class testAES {
public static void main(String args[]) throws NoSuchAlgorithmException,
Exception {
boolean encrypt = true;
byte[] data = "this is a quick an dirty test program".getBytes();
SecretKeySpec key;
try {
CryptoManager.initialize(".");
CryptoManager manager = CryptoManager.getInstance();
CryptoToken internalToken = manager.getInternalCryptoToken();
javax.crypto.KeyGenerator kg1 =
javax.crypto.KeyGenerator.getInstance("AES", "Mozilla-JSS");
kg1.init(128);
SecretKey secretkey1 = kg1.generateKey();
byte[] preSharedKey = secretkey1.getEncoded();
key = new SecretKeySpec(preSharedKey, "AES");
Cipher enc = Cipher.getInstance(key.getAlgorithm() +
"/CBC/PKCS5Padding", "Mozilla-JSS");
System.out.println("Encrypting with: " + enc.getAlgorithm());
System.out.println("Key size: " + key.getEncoded().length);
byte[] iv = new byte[key.getEncoded().length];
SecureRandom random = SecureRandom.getInstance("pkcs11prng",
"Mozilla-JSS");
random.nextBytes(iv);
enc.init(encrypt ? Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE, key,
new IvParameterSpec(iv));
byte[] cipherText = enc.doFinal(data);
AlgorithmParameters ap = enc.getParameters();
enc.init(Cipher.DECRYPT_MODE, key, ap);
System.out.println("Decrypting with: " + enc.getAlgorithm());
byte[] recovered = enc.doFinal(cipherText);
boolean isEqual = true;
for (int i = 0; i < data.length; i++) {
if (data[i] != recovered[i]) {
isEqual = false;
break;
}
}
if (isEqual) {
System.out.println("successful encrypt/decrypt of string: " +
new String(data));
} else {
throw new Exception("encrypt/decrypt failed");
}
} catch (KeyDatabaseException ex) {
Logger.getLogger(testAES.class.getName()).log(Level.SEVERE, null,
ex);
} catch (CertDatabaseException ex) {
Logger.getLogger(testAES.class.getName()).log(Level.SEVERE, null,
ex);
} catch (AlreadyInitializedException ex) {
Logger.getLogger(testAES.class.getName()).log(Level.SEVERE, null,
ex);
} catch (GeneralSecurityException ex) {
Logger.getLogger(testAES.class.getName()).log(Level.SEVERE, null,
ex);
} catch (NotInitializedException ex) {
Logger.getLogger(testAES.class.getName()).log(Level.SEVERE, null,
ex);
}
}
}
smime.p7s
Description: S/MIME Cryptographic Signature
-- dev-tech-crypto mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-crypto
