Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-5049695

KeyAgreement.generateSecret(String algorithm) doesn't support known algorithms

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Duplicate
    • Icon: P4 P4
    • None
    • 1.4.2
    • security-libs


      Name: js151677 Date: 05/19/2004


      FULL PRODUCT VERSION :
      java version "1.4.2_04"
      Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.2_04-b05)
      Java HotSpot(TM) Client VM (build 1.4.2_04-b05, mixed mode)

      ADDITIONAL OS VERSION INFORMATION :
      Microsoft Windows XP [Version 5.1.2600]

      A DESCRIPTION OF THE PROBLEM :
      Using a Diffie-Hellman key agreement to generate SecretKeys I found that some algorithms known to the JRE, in particular AES are not supported by the KeyAgreement generateSecret(String algorithm) method. Enumerating providers and services shows that a there is a Key Generator for AES.

      Also there does not appear to be a way to specify the key length for the SecretKey generated by the above method, AES supports at least 128 bit and 256 bit keys according to the java Docs. (It should support 192 bit as well, but that is not documented, and I have not attempted it)

      STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
      Use this code http://www.javaalmanac.com/egs/java.security/ListServices.html to list KeyGenerators. Note the inclusion of AES.

      Use this code http://www.javaalmanac.com/egs/javax.crypto/KeyAgree.html
       but replace the algorithm="DES" with algorithm= "AES" and see that it fails.


      EXPECTED VERSUS ACTUAL BEHAVIOR :
      EXPECTED -
      All known symmetric key generators (as per http://www.javaalmanac.com/egs/javax.crypto/ListKeyGen.html) should be supported.
      ACTUAL -
      Unsupported secret key algorithm: AES

      ERROR MESSAGES/STACK TRACES THAT OCCUR :
      Exception in thread "main" java.security.NoSuchAlgorithmException: Unsupported secret key algorithm: AES
         at com.sun.crypto.provider.DHKeyAgreement.engineGenerateSecret(DashoA6275)
         at javax.crypto.KeyAgreement.generateSecret(DashoA6275)
      ...

      REPRODUCIBILITY :
      This bug can be reproduced always.

      ---------- BEGIN SOURCE ----------
      Found here: http://www.javaalmanac.com/egs/javax.crypto/KeyAgree.html

      replace algorithm="DES" with algorithm="AES"
      ---------- END SOURCE ----------

      CUSTOMER SUBMITTED WORKAROUND :
      use byte [] secret = ka.generateSecret();
      as a seed and explicitly create a "AES" KeyGenerator
      (Incident Review ID: 265224)
      ======================================================================

            valeriep Valerie Peng
            jssunw Jitender S (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated:
              Resolved:
              Imported:
              Indexed: