Win a copy of Kotlin in Action this week in the Kotlin forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

Problem in SecretKeyFactory Generation in Applet  RSS feed

Tariq Sultan
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi All,
I am facing a problem while using security API in applets. What I am using is Bouncy Castle Crypto API. The exact place wher i get the error is where i create the SecretKeyFactory instance
( I have coloured that plcae below ). This code worked fine in applet with IAIK API but giving problem with Bouncy Castle API.

private byte[] makeEncryptedPrivateKey(PrivateKey priKey, String password){
String alg = "1.2.840.113549.";
String provider = "BC";
PBEKeySpec pbeSpec = null;
SecretKeyFactory keyFact = null;
Cipher cipher = null;
byte[] wrappedKey = null;
byte[] encryptKey = null;
EncryptedPrivateKeyInfo pInfo = null;
try {
byte[] salt = new byte[10];
int iterationCount = 100;
PBEParameterSpec defParams = new PBEParameterSpec(salt, iterationCount);
AlgorithmParameters params = AlgorithmParameters.getInstance(alg, provider);
pbeSpec = new PBEKeySpec(password.toCharArray());
keyFact = SecretKeyFactory.getInstance(alg,provider);
cipher = Cipher.getInstance(alg, provider);
cipher.init(Cipher.WRAP_MODE, keyFact.generateSecret(pbeSpec), params);
wrappedKey = cipher.wrap(priKey);
pInfo = new EncryptedPrivateKeyInfo(params, wrappedKey);
encryptKey = pInfo.getEncoded();
catch (Exception ex) {
return encryptKey;

When execution reaches at this point I receive the following error:
/*******************************************/ JCE cannot authenticate the provider BC java.util.jar.JarException:
http://tariq:8080/examples/TestApplet.jar is not signed by a trusted signer.
at javax.crypto.SunJCE_b.a(DashoA6275)
at javax.crypto.SunJCE_b.a(DashoA6275)
at javax.crypto.SecretKeyFactory.getInstance(DashoA6275)
at com.fourthhs.cs.applets.TestApplet.makeEncryptedPrivateKey(
at com.fourthhs.cs.applets.TestApplet.init(
at Source)
at Source)

It shows as if I dont have the trusted Certs to sign the jar but its not the actual case, the Certs are trusted and verified. Morover, before this
piece of code I have generated an RSA key pair and that was generated successfully.
with the same
Will anybody be kind enough to guide me through this problem.


(Tariq Sultan)
Consider Paul's rocket mass heater.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!