You could use PBE (password-based encryption) to generate a key from a
password and salt, which you store someplace safe. The password can be a
string of any length. There's an example of creating and using keys this way
in the code for PKCS #7 and PKCS #12:

http://lxr.mozilla.org/mozilla/source/security/jss/org/mozilla/jss/pkcs7/EncryptedContentInfo.java#156

Unfortunately there isn't a nice way to extract the value of your key or
create a key from bits.

Also, you'd be better off using a stronger algorithm than DES. Might I suggest
DES3 (triple-DES)? What mode are you using it in: CBC?

Doug Davies wrote:
> Hi, I'm using JSS for https transaction from my server to another server,
> but I'm also using the encryption classes to do some encoding of cookies.
> I'm using the following initialization code to get the SymmetricKey I will
> need in the Cipher initDecrypt and initEncrypt methods:
>
> CryptoManager.initialize("secmod.db", "key3.db", "cert7.db");
>
> cm = CryptoManager.getInstance();
> ct = cm.getInternalCryptoToken();
>
> kg = ct.getKeyGenerator(KeyGenAlgorithm.DES);
> sk = kg.generate();
>
> However, I have two web servers that the user can bounce between and I need
> this key to be the same on both servers so that the cookie can be encrypted
> and decrypted properly (we can't use ssl on this page because of some
> authentication problems with the package we are using, so we are encrypting
> ourselves). So instead of generating the key on the fly, I need some way to
> generate one from a configuration file or even a hard-coded string in my
> Class, but I don't see a constructor or method for doing this.
>
> Any ideas?
>
> doug davies
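
The approach suggested in the reply (derive the shared key from a password and salt, then use triple-DES in CBC mode), as an added example that is not part of the original thread. It uses the standard javax.crypto API with PBKDF2 rather than JSS, and the class name, passphrase, salt, iteration count and cookie value are assumptions constructed for illustration.

```java
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;

public class SharedCookieKey {
    // Deterministic: the same password and salt give the same 24-byte 3DES key on every server.
    static SecretKey deriveKey(char[] password, byte[] salt) throws Exception {
        PBEKeySpec spec = new PBEKeySpec(password, salt, 100_000, 192); // iteration count is an assumption
        byte[] raw = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1").generateSecret(spec).getEncoded();
        return new SecretKeySpec(raw, "DESede");
    }

    // Fresh random IV per cookie, prepended to the ciphertext so the other server can decrypt.
    static byte[] encrypt(SecretKey key, byte[] plain) throws Exception {
        byte[] iv = new byte[8]; // DES block size
        new SecureRandom().nextBytes(iv);
        Cipher c = Cipher.getInstance("DESede/CBC/PKCS5Padding");
        c.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(iv));
        byte[] ct = c.doFinal(plain);
        byte[] out = Arrays.copyOf(iv, iv.length + ct.length);
        System.arraycopy(ct, 0, out, iv.length, ct.length);
        return out;
    }

    // Reads the IV from the first 8 bytes, then decrypts the remainder.
    static byte[] decrypt(SecretKey key, byte[] blob) throws Exception {
        Cipher c = Cipher.getInstance("DESede/CBC/PKCS5Padding");
        c.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(blob, 0, 8));
        return c.doFinal(blob, 8, blob.length - 8);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample values; in practice both come from protected configuration.
        char[] password = "example-passphrase-from-config".toCharArray();
        byte[] salt = "example-salt".getBytes(StandardCharsets.UTF_8);

        SecretKey serverA = deriveKey(password, salt); // derived independently on server A
        SecretKey serverB = deriveKey(password, salt); // and again on server B
        byte[] cookie = encrypt(serverA, "user=alice;session=1234".getBytes(StandardCharsets.UTF_8));
        System.out.println("keys match: " + Arrays.equals(serverA.getEncoded(), serverB.getEncoded()));
        System.out.println("decrypted on B: " + new String(decrypt(serverB, cookie), StandardCharsets.UTF_8));
    }
}
```

CBC gives confidentiality only, so a cookie protected this way also needs an integrity check (for example an HMAC over the IV and ciphertext) before its contents are trusted.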