4

I would like to use AES (192 or 256 bits), but am stuck on how to generate a key from a user supplied password.

I have gone through this thread, and am able to run the program in Java 6. However, I need to run the same program in Java 5, and SecretKeyFactory for PBKDF2WithHmacSHA1 is not available in JDK 5.

So, essentially, I need to generate 192 or 256 bits for a SecretKey based on users password, and I would like a secure way to do that in java 5.

Help appreciated!

EDIT #1 Just to avoid getting stuck, I am now using 128 bits from MD5(user-entered-password + fixed-salt) as the key to AES. I know it sucks, and will change it the moment I figure out a good way to generate the key.

Community
  • 1
  • 1
Sripathi Krishnan
  • 30,948
  • 4
  • 76
  • 83
  • It might help if you post the code you have that works in Java6. – Jim Garrison Aug 23 '10 at 14:44
  • @Jim - see accepted answer to this question - http://stackoverflow.com/questions/992019/java-256bit-aes-encryption. The code works perfect in JDK6, but I am out of ideas trying to get it work for JDK 5 – Sripathi Krishnan Aug 23 '10 at 15:28
  • So grab the code from a higher Java version 1.5 and create your own API, or do likewise using Bouncy Castle. Can't be that hard. – Maarten Bodewes Mar 08 '13 at 19:42

1 Answers1

-2

Is there a reason you want PBKDF2WithHmacSHA1?

SecretKeyFactory existed in 1.4.2, so you might look here.

Dean J
  • 39,360
  • 16
  • 67
  • 93
  • 2
    SecretKeyFactory existed in 1.4.2, but it doesn't implement the PBKDF2WithHmacSHA1 algorithm. The link you pasted uses KeyFactory to generate keys, which is not suitable for my purposes. I need to generate a key from a password using some sort of key distribution function -- but I can't find a good way to do it in JDK 5 – Sripathi Krishnan Aug 23 '10 at 19:37