aspose file tools*
The moose likes Security and the fly likes How to get key from  decrypted byte[] Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Spring in Action this week in the Spring forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "How to get key from  decrypted byte[]" Watch "How to get key from  decrypted byte[]" New topic
Author

How to get key from decrypted byte[]

Mumtaz Khan
Ranch Hand

Joined: Feb 21, 2008
Posts: 53
Hi,
I am very new to java security. I am trying some encryption and decryption.
I have two key, k1 and k2. I am encrypting k1 using k2 which generates cipher-text. Before encrypting k1,I got the byte[] for k1 using k1.getEncoded(). I then decrypt cipher-text by using k2 which returns me byte[] object. How can I get back the original key k1? Here is the code
getNewKey() is another method thats generates a key. I tried to use unwrap method, but since I am not wrapping the key, its giving exception. I am not able to generate the original key k1 back from byte[] object decryptedTextkey .
Could anyone please tell me how can I get k1 back?

SCJP 5.0 -- 97%
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42276
    
  64
The parameter passed to doFinal should be the data to encrypt (or decrypt), not they key. Or are you trying to encrypt an encryption key?


Ping & DNS - my free Android networking tools app
Henry Wong
author
Sheriff

Joined: Sep 28, 2004
Posts: 18896
    
  40

Also, it really doesn't make sense to encrypt the key with another key. The only reason to encrypt a key is so that you can place it in an unsecured location, but what are you going to do with the new key? The one use to encrypt the first key? Are you going to place that in an secured location? If so, why didn't you just place the first key in the secured location?


Anyway, to answer your question, I don't think you can. You forgot about the algorithm. A key contains the encoding, the algorithm, and in some cases, other stuff. Just having an encoding, without the algorithm, isn't enough to recreate the key.

To instantiate a key, look into the java.security.spec.KeySpec class.

Henry


Books: Java Threads, 3rd Edition, Jini in a Nutshell, and Java Gems (contributor)
Mumtaz Khan
Ranch Hand

Joined: Feb 21, 2008
Posts: 53
My bad, didn't explain the whole problem. I have a message which I am encrypting with k1 and then encrypting k1 with a symmetric key k2 which is shared with another program. After encryption both encrypted message and encrypted key is being passed to another program which has access to k2. so after decrypting "encrypted key" with k2, I am getting byte[] but now how can I get the original message which has been encrypted using k1? To generate the key I am using "blowfish" algorithm. Now can you help me to recover Key k1 from byte[] object?
Ulf: yes I am trying to encrypt encryption key using a symmetric key.
Henry Wong
author
Sheriff

Joined: Sep 28, 2004
Posts: 18896
    
  40


As already mentioned, have you taken a look at the KeySpec class? For symmetric keys, specifically, the SecretKeySpec class?

Henry
Mumtaz Khan
Ranch Hand

Joined: Feb 21, 2008
Posts: 53
Thanks Henry, it worked
 
jQuery in Action, 2nd edition
 
subject: How to get key from decrypted byte[]