Can't get cryptography working with assymetric key

princec · November 26, 2003, 11:41am

Can anyone explain this:


java.security.NoSuchAlgorithmException: No such algorithm: RSA
      at javax.crypto.SunJCE_b.c(DashoA6275)
      at javax.crypto.SunJCE_b.a(DashoA6275)
      at javax.crypto.Cipher.a(DashoA6275)
      at javax.crypto.Cipher.getInstance(DashoA6275)

When trying to create a Cipher object? The J2SDK1.4.2 docs clearly state that RSA is an algorithm supported by Cipher, but the list of available algorithms actually supported also clearly doesn’t have RSA in it.

I’m really, really annoyed >:(

Cas

cfmdobbie · November 26, 2003, 5:52pm

Quick Google for you:

http://forums.cookienest.com/mobile/thread.php?topic_id=7014&&start=10

[quote]This is just a pointer to the standard names. What algorithms are actually supported depends on the installed providers. You’ll have to download and install a provider that implements a RSA cipher. (Rememeber in 1.4 this provider has to be signed).
[/quote]
FWIW, I’ve had no problems using the Cryptix implementation before, and the latest version seems to support a number of RSA variants.

princec · November 26, 2003, 9:04pm

The docs in this area suffer a serious case of shitness. Thanks Charlie, that’s exactly what I need. I need to trim their jar down a little though!

(This is for credit card details encryption in Alien Flux)

Cas

princec · November 27, 2003, 5:40pm

Criminy! This is just the crappiest bit of programming I’ve had to do in years! Even with the Cryptix stuff it’s still not working!

I only want to do one simple thing - encrypt an instance of a Serializable class and send it somewhere for decryption, such that only I know how to decrypt it. For this I am using RSA public/private ciphers supplied by Cryptix (as, unbelievably, J2RE1.4.2 doesn’t actually include this functionality by default).

And it just doesn’t work!

Has anybody got any suggestions about how to do this? Am I even doing the right thing in the first place?

Cas

blahblahblahh · November 28, 2003, 2:19pm

[quote]Criminy! This is just the crappiest bit of programming I’ve had to do in years! Even with the Cryptix stuff it’s still not working!
[/quote]
If you’re still having trouble next week, mail me. I, ahem, haven’t had internet access (nor even telephones!) for more than two weeks due to a major BT cockup, but am hoping to have something in place by Tuesday. Arrgh.

I’ll have a root round my previous “fun” with encryption/decryption in 1.4.x, but agree entirely that it’s got gaping holes in the docs. I have several times had a lot of excitement discovering that the many different methods relating to installed ciphers do completely pointless or weird and wonderful things, and it’s damned easy to think you’re enabling/loading/installing (different methods for each, with 3 possible interfaces to try each on, with different effects, IIRC!) a cipher, when you’re not. It just looks like you are when you read the source code; you’ve actually called completely the wrong methods.

princec · November 28, 2003, 2:35pm

When I make it work in a bit tonight, not the way I wanted originally at all - I’m now using DES symmetric encryption which means I have to send an unencrypted key over the net anyway - I will post the code here and we can poke holes in the security.

I honestly think that for all the effort I’ve gone to I would have been better off just doing an XOR filter over the data.

Cas

princec · November 28, 2003, 2:50pm

Mmm, now having said that I think I could get it to work the way I originally wanted anyway. I had some success with Cryptix getting RSA to encrypt really small things (<112 bytes or something daft like that) asymmetrically, so I can use RSA to encrypt the secret key and then the DES security is good.

Phew.

Why can’t they just say “You can’t use RSA to encrypt things over X bytes” somewhere? And how come the API doesn’t prevent it? Damn and drat. You get what you pay for I suppose.

Cas

divzero · November 29, 2003, 1:08am

RSA is also very slow.

About the bytes it can encrypt - I found this after googling: “RSA can
encrypt per encryption only the number of bits that equals the lenghh of its key” (http://www.rebol.net/list/list-msgs/32758.html) not sure how authorative that is however.

Will.

princec · November 29, 2003, 9:37am

Yes, that’s entirely correct. What irks me is that you can create a CipherOutputStream with an RSA cipher and instead of following the “principle of least surprise” and doing what you intuitively want it to do - break your data up into chunks of this size - it just barfs if it’s over 111 bytes.

And that’s annoying.

But I think I’ll be using it now in the way it was originally intended, to encrypt a runtime-generated secret key, which will secure my DES encoded credit card data.

This code looks generally so useful I will probably stuff it in the SPGL as generic classes in a while.

Cas