0 Replies Latest reply: Apr 18, 2012 10:39 PM by user9503787 RSS

    PBE key for AES

    user9503787
      This was posted on weblogicserver -> Security before. Thought this is a better forum.
      Hi, I would like to use key from PBE for AES encryption. I use this to get the key (jdk142):
      SecureRandom rand = SecureRandom.getInstance("SHA1PRNG");
      byte[] salt = new byte[20];
      rand.nextBytes(salt);
      PBEKeySpec pkeSpec = new PBEKeySpec("theBestSecretKey".toCharArray(), salt, 1000, 128);
      SecretKeyFactory factory = SecretKeyFactory.getInstance("PBEWithMD5AndTripleDES");
      SecretKey  key =  factory.generateSecret(pkeSpec);
      SecretKey secKey = new SecretKeySpec(key.getEncoded(), "AES");
      When I check the bytes of seckey and bytes of "theBestSecretKey", they are the same. Should I get different bytes after the PBE alg? Does it sound right? Do I have to use exact 16 letters string as password? Thanks!