8 Replies Latest reply: Aug 13, 2010 8:56 AM by 843811 RSS

    key.getEncoded()

    Mohan
      Hi,
      My AES key has some characters like '$' etc. So the normal methods to convert string to byte and byte to string didn't seem to work because they use this set of characters.

           
      public static String strHexVal = "0123456789abcdef";
      So I have started using CharsetEncoder, ByteBuffer and CharBuffer and now I am able to encode and decode this sample string successfully.

                
      ByteBuffer bbuf = encoder.encode(CharBuffer.wrap( "Te$$$st" ));
      
                    CharBuffer cbuf = decoder.decode(bbuf);
      But when I use this code to read an actual key from a JCEKS keystore
                   Key key = store.getKey( "aesfileencryption", getPassword() );
      
                   CharBuffer cbuf = decoder.decode( key.getEncoded() );
      I don't get the correct key.

      What am I missing ?


      Thanks,
      Mohan
        • 1. Re: key.getEncoded()
          843811
          Why do you think you need to decode the getEncoded() bytes using a CharsetEncoder? This makes absolutely no sense at all. The getEncoded() method already gives you the bytes of the key and you don't even need to use that since all you need is the Key object.

          You ignored me in your last thread and I expect you to ignore me once again but go back and read your book.
          • 2. Re: key.getEncoded()
            Mohan
            I could get it to work by
            ByteBuffer.wrap( buf );
            and passing thte ByteBuffer to the following method.

                     CharsetDecoder decoder = charset.newDecoder();
            
                 CharBuffer cbuf = decoder.decode( bbuf );
            • 3. Re: key.getEncoded()
              843811
              YOU DON'T NEED ANY OF THAT. I SAY AGAIN - YOU DON'T NEED ANY OF THAT.

              You just need the Key object caste to a SecretKey.
              • 4. Re: key.getEncoded()
                Mohan
                You weren't ignored. Only one of us can have the last word :-)

                My key has some symbols like '$'. I couldn't get it to print that type of key using the this set of characters 0123456789abcdef.



                Thanks,
                Mohan
                • 5. Re: key.getEncoded()
                  843811
                  Mohan.R wrote:
                  You weren't ignored. Only one of us can have the last word :-)

                  My key has some symbols like '$'. I couldn't get it to print that type of key using the this set of characters 0123456789abcdef.
                  No it doesn't. Your key has bytes that possibly cannot be converted to characters. You don't need to be able to print the key content. You don't need to convert the bytes to a String or characters you just need the Key object. APART FROM MAYBE CASTING IT TO A SecretKey, NO OTHER PROCESSING IS REQUIRED.
                  • 6. Re: key.getEncoded()
                    Mohan
                              public static Cipher getCipher( String key ) throws Exception{
                    
                                     byte[] raw = key.getBytes("UTF8");
                    
                                     SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
                    I think I understand. You are saying that the bytes can be directly used instead of this code.
                    • 7. Re: key.getEncoded()
                      843811
                      If you are getting the key from a key store your getCipher() method should just have a SecretKey as an argument. i.e
                        public static Cipher getCipher( SecretKey key ) throws Exception
                      You never ever ever ever ever need keys as printable characters or Strings.


                      Cryptography is about bytes and one almost never needs a String version of ciphertext or keys. On the very rare occasions that one does then one should use Base64 or Hex or ASCII85 encoding and not character encoding.

                      Edited by: sabre150 on Aug 13, 2010 7:25 PM

                      Looks like I get the last word again. Being ignored by people who don't want to hear that they are doing something fundamentally wrong is just about par for this forum.

                      Bye
                      • 8. Re: key.getEncoded()
                        EJP
                        Standard operating procedure in fact. They also get to patronize you for not understanding the question, and they typically have to be told something at least four times before they 'begin to understand', whereupon they ask you to confirm what you've already said all those times, or tell you what you've been been saying, often incorrectly,just to be sure.

                        As in this case.