How to set values

Steve Burnett (burnettS@RSA.COM)
Wed, 7 May 1997 10:11:58 -0700

Message-Id: <c=US%a=_%p=RSA_Data_Securit%l=LOBESTER-970507171158Z-2818@LOBESTER.rsa.com>
From: Steve Burnett <burnettS@RSA.COM>
To: "'JavaSoft crypto questions'" <java-security@web2.javasoft.com>
Subject: How to set values
Date: Wed, 7 May 1997 10:11:58 -0700

I have a scenario, but there are steps where I do not know how to do
certain things using the JDK 1.1 Security layer and JCE. I have already
sent email on a couple of these issues, but I thought it might be a good
idea to present this as an entire package.

I receive a signed, RSA enveloped message. The first thing I do is
recall my private key from storage so I can decrypt the session key.
When I have that, I need to build a key object.

1. How do I set the key object with existing data. The generate method
will set the public and private key objects, and I can call getEncoded
to get the key data out (presumably to store), but how do I build an RSA
(or DSA for that matter) key object from existing data?

After I open the envelope, I have symmetric encryption key data. I
need to build a key object with that data.

2. As with the private key, I do not know how to set a secret key object
with existing data.

If the algorithm the sender used was RC2 (or RC5), I need to build a
Cipher object that performs this algorithm.

3. How do I build a Cipher object to execute an algorithm that uses
parameters? RC2 has effective key bits, RC5 has version, rounds, and
word size.

After decrypting the message (and digesting at the same time) I'm
ready to check the signature. I extract the sender's public key from a
certificate and build a key object.

4. As with the private key, how do I set a public key object with
existing data?

I want to respond to this message. I generate a new session key. And
I want to use RC2 at 128 bits.

5. How do I tell the generateKey method to generate 16 bytes?

Now I need to encrypt the key data using the recipient's public key.
I need the key data, not the encoded key. That is what I will encrypt.

6. How do I get the key data alone out of the key object? Do I have to
get the encoded key and parse it myself?

If the Security and JCE infrastructure can do these things and I just
haven't been able to figure them out, please point me to the
documentation that explains it. If the infrastructure cannont do these
things, I would hope you will add this functionality.

--Steve Burnett
burnetts@rsa.com