A
Andy Fish
Hi,
In my java app I want to include a licence key (see previous post for
detailed information on the futility of this approach
and I need to stop
someone tampering with the key so I need to use some combination of message
hash and encryption. ideally the encryption should be asymmetric so that the
encryption key which goes out with the program (to decrypt the licence key )
is not the same as the one that is used to generate the licence key in the
first place.
so I'm looking for some APIs like
String encrypt (String plaintext, String password)
String decrypt (String cyphertext, String password)
String computeHash(String plaintext, [String password])
Obviously I'm not expecting it to be quite this easy but reading the JCE
documentation it's far from obvious to me how to go about this. I see that
there is a DSA algorithm called SHA1withRSA that sounds like it should do
both in one step, but I can't figure out how to use it.
The only JCE tutorial I've seen uses this:
KeyGenerator kg = KeyGenerator.getInstance(...);
Key key = kg.generateKey();
but I need to save the key and use it later. I can't see any mechanism for
generating a key from a passphrase or deserialising an existing key from a
string or byte array.
Can anyone point me at a simple tutorial or example of doing things like
encryption and message hashing using JCE?
As a subsidiary question, I ran some sample code to list all the provider
information and there were 5 separate providers (SUN, SunJSSE, SunRsaSign,
SunJCE, and SunJGSS). can I safely assume these will all be present on any
installation of Sun's java 1.4? - the documentation only mentioned SunJCE.
Andy
In my java app I want to include a licence key (see previous post for
detailed information on the futility of this approach
and I need to stopsomeone tampering with the key so I need to use some combination of message
hash and encryption. ideally the encryption should be asymmetric so that the
encryption key which goes out with the program (to decrypt the licence key )
is not the same as the one that is used to generate the licence key in the
first place.
so I'm looking for some APIs like
String encrypt (String plaintext, String password)
String decrypt (String cyphertext, String password)
String computeHash(String plaintext, [String password])
Obviously I'm not expecting it to be quite this easy but reading the JCE
documentation it's far from obvious to me how to go about this. I see that
there is a DSA algorithm called SHA1withRSA that sounds like it should do
both in one step, but I can't figure out how to use it.
The only JCE tutorial I've seen uses this:
KeyGenerator kg = KeyGenerator.getInstance(...);
Key key = kg.generateKey();
but I need to save the key and use it later. I can't see any mechanism for
generating a key from a passphrase or deserialising an existing key from a
string or byte array.
Can anyone point me at a simple tutorial or example of doing things like
encryption and message hashing using JCE?
As a subsidiary question, I ran some sample code to list all the provider
information and there were 5 separate providers (SUN, SunJSSE, SunRsaSign,
SunJCE, and SunJGSS). can I safely assume these will all be present on any
installation of Sun's java 1.4? - the documentation only mentioned SunJCE.
Andy