I do not want to use external, non-standard libraries for more compatibility.Richard Tookey wrote:There seems to be a bug in SecretKeyFactory for the SunJCE provider and it seems to go back to at least JDK1.6. Using your code using BouncyCastle provider works! At some point I shall research this bug but I don't have time at the moment.
Sorry, but code:always give me error: "Inappropriate key specification". What is wrong?Richard Tookey wrote:Fortunately since SecretKeySpec extends SecretKey there is a very simple work round. Just use -
My listed in my post code only in the test case code - it not real work code!Richard Tookey wrote:Notes -
1) Your exception handling is some of the worst I have ever seen. One cannot just ignore exceptions like that. Any exception in that code is absolutely fatal since the whole encryption code fails but in your code without anyone being any the wiser!
Yes, I know this. But Java SunJCE support in the default 128-bit AES; 256-bit AES encryption only supports as perversion. So, DES is my favorite algorithm, and so, 56-bit encryption enough for most instances for encryption texts - more bit encryption want only the FBI/CIA staffs and criminal persons.Richard Tookey wrote:2) DES is no longer considered secure and AES is preferred.
I need to make encryption/decryption methods uses the user random length passwords. I use PBEKeySpecs with salt (Richard Tookey wrote:3) In the JCE DES expects the key to be exactly 8 bytes with the least significant bit of each byte being an odd parity bit. You can get away with not setting the parity. AES expects the key to be either 16, 24 or 32 bytes exactly.
This code only is test case. But not real.Richard Tookey wrote:4) You have created a PBEKeySpec but nothing in your key generation uses it! Any reason? If you are going to use a password to define a key then you should probably be using some form of PBE and not just using the raw bytes of the password as a key.
Sorry, but I have my own conventions for coding, have it from the old school of C/C++.Richard Tookey wrote:5) Please try to use the Java coding conventions. From the point of view of the forum members and other Java developers it makes your code much more readable.
coppermein pezdosos wrote:
I do not want to use external, non-standard libraries for more compatibility.Richard Tookey wrote:There seems to be a bug in SecretKeyFactory for the SunJCE provider and it seems to go back to at least JDK1.6. Using your code using BouncyCastle provider works! At some point I shall research this bug but I don't have time at the moment.
Sorry, but code:always give me error: "Inappropriate key specification". What is wrong?Richard Tookey wrote:Fortunately since SecretKeySpec extends SecretKey there is a very simple work round. Just use -
My listed in my post code only in the test case code - it not real work code!Richard Tookey wrote:Notes -
1) Your exception handling is some of the worst I have ever seen. One cannot just ignore exceptions like that. Any exception in that code is absolutely fatal since the whole encryption code fails but in your code without anyone being any the wiser!
Yes, I know this. But Java SunJCE support in the default 128-bit AES; 256-bit AES encryption only supports as perversion.Richard Tookey wrote:2) DES is no longer considered secure and AES is preferred.
So, DES is my favorite algorithm, and so, 56-bit encryption enough for most instances for encryption texts - more bit encryption want only the FBI/CIA staffs and criminal persons.I need to make encryption/decryption methods uses the user random length passwords. I use PBEKeySpecs with salt (Richard Tookey wrote:3) In the JCE DES expects the key to be exactly 8 bytes with the least significant bit of each byte being an odd parity bit. You can get away with not setting the parity. AES expects the key to be either 16, 24 or 32 bytes exactly.
This code only is test case. But not real.Richard Tookey wrote:4) You have created a PBEKeySpec but nothing in your key generation uses it! Any reason? If you are going to use a password to define a key then you should probably be using some form of PBE and not just using the raw bytes of the password as a key.
Sorry, but I have my own conventions for coding, have it from the old school of C/C++.Richard Tookey wrote:5) Please try to use the Java coding conventions. From the point of view of the forum members and other Java developers it makes your code much more readable.
A "dutch baby" is not a baby. But this tiny ad is baby sized:
a bit of art, as a gift, the permaculture playing cards
https://gardener-gift.com
|