Message-Id: <3.0.2.32.19970703102915.007bfb60@preemptive.com>
Date: Thu, 03 Jul 1997 10:29:15 -0400
To: java-security@web2.javasoft.com
From: Dave Miller <dmiller@preEmptive.com>
Subject: wrapping/unwrapping session keys
In-Reply-To: <libSDtMail.9707020935.18670.luehe@shorter>
hi -
in a previous message's response from jan luehe, he
states the following:
>> ...or would storage of a serialized key
>> be more ideal? thanks for any help.
>
>This would be an option, but it does not work in all
>cases. One case where this might not work is when you unwrap
>a (wrapped) session key which you received from another party.
>Let's assume the session key was wrapped under your own public
>key. Now you recover the session key using your own private key,
>and use the recovered session key for decrpyting the data that
>came with it. The unwrap operation would probably return the
>session key as a byte array. This is where you would need
>a key instantiation method as mentioned above (provided in JDK1.2).
>
my question is, how do you go about using a public
key to wrap the session key? with signatures, only
a private key is allowed to sign. in a separate message,
i was also told that DSA is a irreversible algorithm.
the only key pairs i've been able to generate so far
have used the DSA algrotihm. is there an algorithm
available for generating key pairs that is reversible
(i.e. can be used for encryption/decryption).
thanks...
dave