2 Replies Latest reply: Oct 24, 2011 1:27 PM by Arshad Noor RSS

    AES/ECB/ISO10126Padding KeyGenerator not available NoSuchAlgorithmException

    894498
      Hi,

      I'm writing a piece of software that encrypts data to be sent to a 3rd party. The 3rd party have given us some example code which produces some data to test their decryption code. They have asked that we replicate this code at our end to be certain that they will receive data that can be correctly decrypted.

      As part of their code they get an instance of javax.crypto.KeyGenerator using the following code...

      KeyGenerator kgen = KeyGenerator.getInstance("AES/ECB/ISO10126Padding");

      When this is incorporated in to our client code this generates the exception...

      java.security.NoSuchAlgorithmException: AES/ECB/ISO10126Padding KeyGenerator not available

      As I understand it this means that there is not an appropriate algorithm within our version of jce.jar (which is part of our JRE version 1.6.0_25) which supports the specified specification. As a test I change the parameter to the call of getInstance() to "AES" which is less specific and the code works perfectly. The problem with that is we obviously generate encrypted data that they can't decrypt.

      Now I done some searching around and I can't find any information on how to extend our encryption provider list to support the algorithm specification "AES/ECB/ISO10126Padding"... that is I know how to add a provider but don't know where to get an appropriate provider from.

      The 3rd party developer says that they installed no extra providers and that this code works within their development environment which he says is JDeveloper 1.5 which I don't have any knowledge of. However we need to make this work in our deployment environment which run under 1.6.

      Can anyone shed any light on why this algorithm is apparently supported in a JDeveloper 1.5 environment but isn't supported under our java 1.6 environment and/or provide some information on how I can support their algorithm specification within our environment?

      I wasn't party to why they chose this algorithm/mode/padding specifically but as I understand it the main reason was that it was one that worked between their test java client and their .net server.

      Just in case it helps shed any light on what's happening at my end I've included a list off providers and services they provide at the end of this post.

      Many thanks,

      Mark

      2011-10-14 11:51:23,493 util.AesKey - provider <SUN>, version <1.6>, info <SUN (DSA key/parameter generation; DSA

      signing; SHA-1, MD5 digests; SecureRandom; X.509 certificates; JKS keystore; PKIX CertPathValidator; PKIX CertPathBuilder; LDAP, Collection CertStores, JavaPolicy Policy;

      JavaLoginConfig Configuration)>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <SHA1PRNG>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <SHA1withDSA>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <NONEwithDSA>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <DSA>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <MD2>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <MD5>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <SHA>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <SHA-256>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <SHA-384>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <SHA-512>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <DSA>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <DSA>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <DSA>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <X.509>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <JKS>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <CaseExactJKS>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <JavaPolicy>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <JavaLoginConfig>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <PKIX>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <PKIX>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <LDAP>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <Collection>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <com.sun.security.IndexedCollection>
      2011-10-14 11:51:23,493 util.AesKey - provider <SunRsaSign>, version <1.5>, info <Sun RSA signature provider>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <RSA>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <RSA>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <MD2withRSA>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <MD5withRSA>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <SHA1withRSA>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <SHA256withRSA>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <SHA384withRSA>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <SHA512withRSA>
      2011-10-14 11:51:23,493 util.AesKey - provider <SunJSSE>, version <1.6>, info <Sun JSSE provider(PKCS12, SunX509

      key/trust factories, SSLv3, TLSv1)>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <RSA>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <RSA>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <MD2withRSA>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <MD5withRSA>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <SHA1withRSA>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <MD5andSHA1withRSA>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <SunX509>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <NewSunX509>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <SunX509>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <PKIX>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <SSL>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <SSLv3>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <TLS>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <TLSv1>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <Default>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <PKCS12>
      2011-10-14 11:51:23,493 util.AesKey - provider <SunJCE>, version <1.6>, info <SunJCE Provider (implements RSA,

      DES, Triple DES, AES, Blowfish, ARCFOUR, RC2, PBE, Diffie-Hellman, HMAC)>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <RSA>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <DES>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <DESede>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <DESedeWrap>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <PBEWithMD5AndDES>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <PBEWithMD5AndTripleDES>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <PBEWithSHA1AndRC2_40>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <PBEWithSHA1AndDESede>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <Blowfish>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <AES>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <AESWrap>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <RC2>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <ARCFOUR>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <DES>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <DESede>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <Blowfish>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <AES>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <RC2>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <ARCFOUR>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <HmacMD5>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <HmacSHA1>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <HmacSHA256>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <HmacSHA384>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <HmacSHA512>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <DiffieHellman>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <DiffieHellman>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <DiffieHellman>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <DiffieHellman>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <DES>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <DESede>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <PBE>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <PBEWithMD5AndDES>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <PBEWithMD5AndTripleDES>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <PBEWithSHA1AndDESede>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <PBEWithSHA1AndRC2_40>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <Blowfish>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <AES>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <RC2>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <OAEP>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <DiffieHellman>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <DES>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <DESede>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <PBEWithMD5AndDES>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <PBEWithMD5AndTripleDES>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <PBEWithSHA1AndDESede>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <PBEWithSHA1AndRC2_40>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <PBKDF2WithHmacSHA1>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <HmacMD5>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <HmacSHA1>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <HmacSHA256>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <HmacSHA384>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <HmacSHA512>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <HmacPBESHA1>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <SslMacMD5>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <SslMacSHA1>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <JCEKS>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <SunTlsPrf>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <SunTlsRsaPremasterSecret>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <SunTlsMasterSecret>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <SunTlsKeyMaterial>
      2011-10-14 11:51:23,493 util.AesKey - provider <SunJGSS>, version <1.0>, info <Sun (Kerberos v5, SPNEGO)>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <1.2.840.113554.1.2.2>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <1.3.6.1.5.5.2>
      2011-10-14 11:51:23,493 util.AesKey - provider <SunSASL>, version <1.5>, info <Sun SASL provider(implements

      client mechanisms for: DIGEST-MD5, GSSAPI, EXTERNAL, PLAIN, CRAM-MD5; server mechanisms for: DIGEST-MD5, GSSAPI, CRAM-MD5)>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <DIGEST-MD5>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <GSSAPI>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <EXTERNAL>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <PLAIN>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <CRAM-MD5>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <CRAM-MD5>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <GSSAPI>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <DIGEST-MD5>
      2011-10-14 11:51:23,493 util.AesKey - provider <XMLDSig>, version <1.0>, info <XMLDSig (DOM XMLSignatureFactory;

      DOM KeyInfoFactory)>
      2011-10-14 11:51:23,493 util.AesKey - service algorithm <http://www.w3.org/2000/09/xmldsig#enveloped-signature>
      2011-10-14 11:51:23,503 util.AesKey - service algorithm <http://www.w3.org/2002/06/xmldsig-filter2>
      2011-10-14 11:51:23,503 util.AesKey - service algorithm <http://www.w3.org/2001/10/xml-exc-c14n#WithComments>
      2011-10-14 11:51:23,503 util.AesKey - service algorithm <http://www.w3.org/2001/10/xml-exc-c14n#>
      2011-10-14 11:51:23,503 util.AesKey - service algorithm <http://www.w3.org/TR/2001/REC-xml-c14n-

      20010315#WithComments>
      2011-10-14 11:51:23,503 util.AesKey - service algorithm <DOM>
      2011-10-14 11:51:23,503 util.AesKey - service algorithm <http://www.w3.org/2000/09/xmldsig#base64>
      2011-10-14 11:51:23,503 util.AesKey - service algorithm <http://www.w3.org/TR/2001/REC-xml-c14n-20010315>
      2011-10-14 11:51:23,503 util.AesKey - service algorithm <http://www.w3.org/TR/1999/REC-xpath-19991116>
      2011-10-14 11:51:23,503 util.AesKey - service algorithm <http://www.w3.org/TR/1999/REC-xslt-19991116>
      2011-10-14 11:51:23,503 util.AesKey - service algorithm <DOM>
      2011-10-14 11:51:23,503 util.AesKey - provider <SunPCSC>, version <1.6>, info <Sun PC/SC provider>
      2011-10-14 11:51:23,503 util.AesKey - service algorithm <PC/SC>
      2011-10-14 11:51:23,503 util.AesKey - provider <SunMSCAPI>, version <1.6>, info <Sun's Microsoft Crypto API

      provider>
      2011-10-14 11:51:23,503 util.AesKey - service algorithm <Windows-PRNG>
      2011-10-14 11:51:23,503 util.AesKey - service algorithm <Windows-MY>
      2011-10-14 11:51:23,503 util.AesKey - service algorithm <Windows-ROOT>
      2011-10-14 11:51:23,503 util.AesKey - service algorithm <SHA1withRSA>
      2011-10-14 11:51:23,503 util.AesKey - service algorithm <SHA256withRSA>
      2011-10-14 11:51:23,503 util.AesKey - service algorithm <SHA384withRSA>
      2011-10-14 11:51:23,503 util.AesKey - service algorithm <SHA512withRSA>
      2011-10-14 11:51:23,503 util.AesKey - service algorithm <MD5withRSA>
      2011-10-14 11:51:23,503 util.AesKey - service algorithm <MD2withRSA>
      2011-10-14 11:51:23,503 util.AesKey - service algorithm <RSA>
      2011-10-14 11:51:23,503 util.AesKey - service algorithm <RSA>
      2011-10-14 11:51:23,503 util.AesKey - service algorithm <RSA/ECB/PKCS1Padding>
        • 1. Re: AES/ECB/ISO10126Padding KeyGenerator not available NoSuchAlgorithmException
          894498
          Bad form to reply to my own question but can anyone confirm the following please...

          Following further reading around the subject can anyone confirm that asking for a key generator using an algorithm in the "algorithm/form/padding" form as in...

          KeyGenerator.getInstance("AES/ECB/ISO10126Padding");

          ...is nonsense and what I should be doing is simply asking for an instance specifying just the algorithm like this...

          KeyGenerator.getInstance("AES");

          Then, when I come to do the actual encryption I ask for the cipher using the "algorithm/form/padding" form like this...

          Cipher cipher = Cipher.getInstance("AES/ECB/ISO10126Padding");

          I'm new to all this and the example code I'd been given did this...

          KeyGenerator.getInstance("AES/ECB/ISO10126Padding");
          ...
          Cipher cipher = Cipher.getInstance("AES");

          ...which according to the javax.crypto documentation doesn't make a lot of sense.

          Many thanks,

          Mark
          • 2. Re: AES/ECB/ISO10126Padding KeyGenerator not available NoSuchAlgorithmException
            Arshad Noor
            Yes, that is correct. Valid parameters for the KeyGenerator class are at http://download.oracle.com/javase/6/docs/technotes/guides/security/StandardNames.html#KeyGenerator.

            Arshad Noor
            StrongAuth, Inc.