Re: KeyPairGenerator and Cipher Interoperability

Jan Luehe (Jan.Luehe@Eng)
Mon, 6 Jul 1998 15:00:47 -0700 (PDT)

Date: Mon, 6 Jul 1998 15:00:47 -0700 (PDT)
From: Jan Luehe <Jan.Luehe@Eng>
Subject: Re: KeyPairGenerator and Cipher Interoperability
To: java-security@java.Sun.COM, jeaton@cybersource.com

Jason:

> I am trying to generate a asymetric key via KeyPairGenerator and use
> this
> key in a Cipher. I cannot seem to get the appropriate match of
> algorithms.
>
> What combination of algorithms would work with Jdk1.2b3 and JCE1.2? I
> need
> to use both the public key and the private key in two different Ciphers.

RSA would be a candidate. However, the "SUN" and "SunJCE" providers
do not supply it.

> By the way, I also tried to use the keytool to generate a private key
> and
> use this for Cipher initialization. This failed.

Yes, because "keytool" generates DSA keypairs (by default), which are
not suitable for use with ciphers (because DSA is irreversible).
You can specify different key algorithms using the "keyalg"
option in keytool's "genkey" mode.

> The algorithm used is
> to
> create the private key is not available for use in the Cipher class.
>
> The ONLY algorithm that the Cipher seems to support is
> "DES/CBC/PKCS5Padding".

There are a couple more "Cipher" algorithms supplied by the
"SunJCE" provider:
DES and Triple DES (with the addition of "Blowfish" in the
upcoming JCE1.2beta release) in ECB, CBC, CFB, OFB, and PCBC
modes. The "SunJCE" provider also supplies an implementation
of the PBEWithMD5AndDES cipher algorithm (as defined in PKCS #5).

Other providers may supply additional cipher algorithms.
For example, RSA Data Security's "JSAFE" product (version 2.0)
will be a provider for JCE 1.2 and will supply an implementation of
RSA-based signature and cipher algorithms.

Jan