• Post Reply Bookmark Topic Watch Topic
  • New Topic

Cipher Error Java  RSS feed

 
John Joe
Ranch Hand
Posts: 374
3
Android Eclipse IDE Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Cross post: http://stackoverflow.com/questions/43765491/cryptokierror-0xb3-session-handle-invalid

In Era class, it has a lot of function which will create cipher when the function called. Hence, I decided to use generic object pooling. unwrapKey method is one of the function in Era.

Era
    
unwrapKey method in Era

The code sometimes work fine but sometimes not. I getting this error

What does CryptokiError: 0xb3 session handle invalid mean ?
 
Stephan van Hulst
Saloon Keeper
Posts: 7933
143
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
First of all, I still don't understand why you're pooling ciphers. Even IF you need to use them in your application so much, pooling them will do absolutely nothing because constructing them is not expensive. Initializing them is much more expensive, and you have to do that for every encryption or decryption operation anyway. My advice? Get rid of the pool.

Why is the factory that's supposed to create ciphers named MyThreadFactory? It doesn't create threads, it creates ciphers.

Show us how you create ciphers in the first place.

Maybe best is if you explain to us what you're trying to do with your application in general. Why do you need encryption and what are you trying to encrypt?
 
John Joe
Ranch Hand
Posts: 374
3
Android Eclipse IDE Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Stephan,

MyThreadFactory is used to create the cipher instances. My application is connected to HSM application. Without implement object pooling, the open session count will go very high.
 
John Joe
Ranch Hand
Posts: 374
3
Android Eclipse IDE Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
MyThreadFactory
 
John Joe
Ranch Hand
Posts: 374
3
Android Eclipse IDE Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I'm using JPOS and my pc act as server and client. My application will connect to HSM. Everytime the method in Era get called, it will create Cipher. The open session count in HSM will go very high. I'm doing research on Object Pooling,which reuse the cipher instead of create a new one and come out with the below result.
Before implement Object Pooling:
When shoot 100 in client side, the open session count more than 700 (create cipher everytime method called)
After implement Object Pooling:
When shoot 100, the open session count not more than 200. Value around 100
This is my code

Generate

Era

MyThreadFactory

Sometimes I will successful receive 100 output at the server side but sometimes I get below result

What does this mean ? Error pointed to this line

 
Stephan van Hulst
Saloon Keeper
Posts: 7933
143
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
There is so much wrong with this code. A lot of the names and actions performed make no sense, there are glaring security holes, and I can't imagine that you have to do all this crypto in the first place if you're working with a library like JPOS.

Take a step back and explain to me what the goal of your application is. I don't want to hear technical details like which libraries you're using or anything like that, I want to know what kind of application it is, who is going to be using it, how, and for what.
 
John Joe
Ranch Hand
Posts: 374
3
Android Eclipse IDE Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Stephan van Hulst wrote:Take a step back and explain to me what the goal of your application is. I don't want to hear technical details like which libraries you're using or anything like that, I want to know what kind of application it is, who is going to be using it, how, and for what.

It used for doing transaction which normally include acquirer.
 
Stephan van Hulst
Saloon Keeper
Posts: 7933
143
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
That's not really giving me a lot of information. What kind of transaction. What's an "acquirer"?

Please answer the questions in my last post.
 
John Joe
Ranch Hand
Posts: 374
3
Android Eclipse IDE Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Stephan van Hulst wrote:That's not really giving me a lot of information. What kind of transaction. What's an "acquirer"?
Please answer the questions in my last post.

This application is used for  transaction like processing credit/debit card using terminal...
 
Stephan van Hulst
Saloon Keeper
Posts: 7933
143
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Then why are you performing all these low level cryptographic operations? I can not imagine that the JPOS doesn't already handle this for you. Did you read their manual?

http://jpos.org/doc/proguide-draft.pdf
 
Stephan van Hulst
Saloon Keeper
Posts: 7933
143
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Just to reiterate how important this is. DO NOT WRITE YOUR OWN CRYPTO, ESPECIALLY WHEN WORKING WITH CREDIT CARDS.

Sorry for all caps, but I can not overstate how important this is. If you're going to hack at this problem with your own ciphers, you ARE going to lose people's money.
 
John Joe
Ranch Hand
Posts: 374
3
Android Eclipse IDE Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I'm sorry if the question was unclear. I have post a new question https://coderanch.com/t/679619/java/Create-objects-GenericObjectPool#3187586. Please have a look if you are free.
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!