What is the algorithm name for PKCS#5 PBKDF1 in Java?

后端 未结 1 815
梦毁少年i
梦毁少年i 2021-02-11 03:52

I have a couple of questions in using cryptography. I am using AES.

Question 1:

I am trying to Use the SecretKeyFactory cl

1条回答
  •  独厮守ぢ
    2021-02-11 04:35

    Re: Question 1

    Per the Java 6 API docs for SecretKeyFactory,

    Application developers should refer to their provider's documentation to find out which key specifications are supported by the generateSecret and getKeySpec methods. For example, the DES secret-key factory supplied by the "SunJCE" provider supports DESKeySpec as a transparent representation of DES keys, and that provider's secret-key factory for Triple DES keys supports DESedeKeySpec as a transparent representation of Triple DES keys.

    If we look at the SunJCE provider documentation for PKCS, we see...

    PBEWithMD5AndDES: The password-based encryption algorithm as defined in: RSA Laboratories, "PKCS #5: Password-Based Encryption Standard," version 1.5, Nov 1993. Note that this algorithm implies CBC as the cipher mode and PKCS5Padding as the padding scheme and cannot be used with any other cipher modes or padding schemes.

    Re: Question 2

    In the same document, in the section Using Password-Based Encryption, you will find the following sample code. Keep in mind that the sample code uses a static salt, but a secure implementation would use generate a random salt each time the user changes their password.

    PBEKeySpec pbeKeySpec;
    PBEParameterSpec pbeParamSpec;
    SecretKeyFactory keyFac;
    
    // Salt
    byte[] salt = {
        (byte)0xc7, (byte)0x73, (byte)0x21, (byte)0x8c,
        (byte)0x7e, (byte)0xc8, (byte)0xee, (byte)0x99
    };
    
    // Iteration count
    int count = 20;
    
    // Create PBE parameter set
    pbeParamSpec = new PBEParameterSpec(salt, count);
    
    // Prompt user for encryption password.
    // Collect user password as char array (using the
    // "readPasswd" method from above), and convert
    // it into a SecretKey object, using a PBE key
    // factory.
    System.out.print("Enter encryption password:  ");
    System.out.flush();
    pbeKeySpec = new PBEKeySpec(readPasswd(System.in));
    keyFac = SecretKeyFactory.getInstance("PBEWithMD5AndDES");
    SecretKey pbeKey = keyFac.generateSecret(pbeKeySpec);
    
    // Create PBE Cipher
    Cipher pbeCipher = Cipher.getInstance("PBEWithMD5AndDES");
    
    // Initialize PBE Cipher with key and parameters
    pbeCipher.init(Cipher.ENCRYPT_MODE, pbeKey, pbeParamSpec);
    
    // Our cleartext
    byte[] cleartext = "This is another example".getBytes();
    
    // Encrypt the cleartext
    byte[] ciphertext = pbeCipher.doFinal(cleartext);
    

    Other Algorithms

    Again, from the same page. Really, I recommend you read through the whole thing, as it will probably answer other questions you have, as well

    PBEWithAnd or PBEWithAnd: Secret-key factory for use with PKCS #5 password-based encryption, where is a message digest, is a pseudo-random function, and is an encryption algorithm. Examples: PBEWithMD5AndDES (PKCS #5, v 1.5) and PBEWithHmacSHA1AndDESede (PKCS #5, v 2.0). Note: These both use only the low order 8 bits of each password character.

    0 讨论(0)
提交回复
热议问题