Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.

Dismiss

SecretKeySpec for AES key causes assert failure in PK11KeyWrapper.algFromType() in JSS

16 views

Skip to first unread message

Dean

unread,

Jul 18, 2008, 12:35:28 PM7/18/08

If I try to reconstitute an AES key using a SecretKeySpec and it's key
bytes I get an AssertionException thrown from
PK11KeyWrapper.algFromType(SymmetricKey$Type) when the cipher is
initialized with the KeySpec instance.

According to the doc at http://www.mozilla.org/projects/security/pki/jss/provider_notes.html#SecretKeyFactory
SecretKeySpec is supported for AES keys. Am I missing something or is
this just a bug?

I've included the sample program. The initial encrypt and decrypt
work fine but the exception is thrown on the Cipher.init() call when
passed the SecretKeySpec.

import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

import org.mozilla.jss.CryptoManager;

public class SimpleTest2 {

public static void main(String[] args) throws Exception {

CryptoManager.initialize("");
KeyGenerator kg = KeyGenerator.getInstance("AES", "Mozilla-JSS");
kg.init(128);
SecretKey key = kg.generateKey();

Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding", "Mozilla-
JSS");
cipher.init(Cipher.ENCRYPT_MODE, key);

byte[] iv = cipher.getIV();
System.out.println("IV: " + printArray(iv));

byte[] data1 = new byte[cipher.getBlockSize()];

fill(data1);
System.out.println("Plaintext: " + printArray(data1));
byte[] out1 = cipher.doFinal(data1);

System.out.println("Encrypted: " + printArray(out1));

IvParameterSpec ivSpec = new IvParameterSpec(iv);
cipher.init(Cipher.DECRYPT_MODE, key, ivSpec);
byte[] decrypted = cipher.doFinal(out1);

System.out.println("Decrypted: " + printArray(decrypted));

byte[] keyBytes = key.getEncoded();

System.out.println("Key Bytes: " + printArray(keyBytes));
SecretKeySpec sks = new SecretKeySpec(keyBytes, "AES");

cipher.init(Cipher.ENCRYPT_MODE, sks);
out1 = cipher.doFinal(data1);
}

private static void fill(byte[] decrypted) {
for (int i = 0; i < decrypted.length; i++) {
decrypted[i] = (byte) i;
}
}

private static String printArray(byte[] data1) {
StringBuffer result = new StringBuffer();
result.append("[");
for (int i = 0; i < data1.length; i++) {
result.append(data1[i]);
result.append(", ");
}
result.append("]");
return result.toString();
}
}

0 new messages