Win a copy of Penetration Testing Basics this week in the Security forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Problem in SecretKeyFactory Generation in Applet

Tariq Sultan
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi All,
I am facing a problem while using security API in applets. What I am using is Bouncy Castle Crypto API. The exact place wher i get the error is where i create the SecretKeyFactory instance
( I have coloured that plcae below ). This code worked fine in applet with IAIK API but giving problem with Bouncy Castle API.

private byte[] makeEncryptedPrivateKey(PrivateKey priKey, String password){
String alg = "1.2.840.113549.";
String provider = "BC";
PBEKeySpec pbeSpec = null;
SecretKeyFactory keyFact = null;
Cipher cipher = null;
byte[] wrappedKey = null;
byte[] encryptKey = null;
EncryptedPrivateKeyInfo pInfo = null;
try {
byte[] salt = new byte[10];
int iterationCount = 100;
PBEParameterSpec defParams = new PBEParameterSpec(salt, iterationCount);
AlgorithmParameters params = AlgorithmParameters.getInstance(alg, provider);
pbeSpec = new PBEKeySpec(password.toCharArray());
keyFact = SecretKeyFactory.getInstance(alg,provider);
cipher = Cipher.getInstance(alg, provider);
cipher.init(Cipher.WRAP_MODE, keyFact.generateSecret(pbeSpec), params);
wrappedKey = cipher.wrap(priKey);
pInfo = new EncryptedPrivateKeyInfo(params, wrappedKey);
encryptKey = pInfo.getEncoded();
catch (Exception ex) {
return encryptKey;

When execution reaches at this point I receive the following error:
/*******************************************/ JCE cannot authenticate the provider BC java.util.jar.JarException:
http://tariq:8080/examples/TestApplet.jar is not signed by a trusted signer.
at javax.crypto.SunJCE_b.a(DashoA6275)
at javax.crypto.SunJCE_b.a(DashoA6275)
at javax.crypto.SecretKeyFactory.getInstance(DashoA6275)
at com.fourthhs.cs.applets.TestApplet.makeEncryptedPrivateKey(
at com.fourthhs.cs.applets.TestApplet.init(
at Source)
at Source)

It shows as if I dont have the trusted Certs to sign the jar but its not the actual case, the Certs are trusted and verified. Morover, before this
piece of code I have generated an RSA key pair and that was generated successfully.
with the same
Will anybody be kind enough to guide me through this problem.


(Tariq Sultan)
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic