Deriving a secret from a master key using JCE/JCA

Can some point me in the right direction?

I'd like to use JCE/JCA to derive a new key from a master secret key, How can I achieve this?

Regards.

The JCA provides standard password-based key derivation functions like PBKDF2 defined in PKCS#5 v2.0 and RFC 2898. This algorithm creates some random material from a master secret (a password) in order to generate a key suitable for a given cipher.

public byte[] deriveKey(String password, byte[] salt, int keyLen) {
    SecretKeyFactory kf = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
    KeySpec specs = new PBEKeySpec(password.toCharArray(), salt, 1024, keyLen);
    SecretKey key = kf.generateSecret(specs);
    return key.getEncoded();
}

public byte[] encrypt(String password, byte[] plaintext) {
    byte[] salt = new byte[64];
    Random rnd = new Random();
    rnd.nextByte(salt);
    byte[] data = deriveKey(password, salt, 192);
    SecretKey desKey = SecretKeyFactory.getInstance("DESede").generateSecret(new DESedeKeySpec(data));
    Cipher cipher = Cipher.getInstance("DESede/CBC/PKCS5Padding");
    cipher.init(Cipher.ENCRYPT_MODE, desKey);
    return cipher.doFinal(plaintext);
}

来源：https://stackoverflow.com/questions/4513433/deriving-a-secret-from-a-master-key-using-jce-jca

标签

java

cryptography

encryption-symmetric

pkcs#5

易学教程内所有资源均来自网络或用户发布的内容，如有违反法律规定的内容欢迎反馈！
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!