Page 1 of 1

How to generate DES key without setting it in advance

Posted: Thu Feb 02, 2017 7:19 pm
by Marcat
I would like to generate DES Key inside my applet and use it to encrypt and decrypt data.
However I don't know how to generate a DESKey if I don't set it by myself.

My code is as belows. In this case, I gor error SW_UNINITIALIZED_KEY. Is there any solution to solve this problem.

Code: Select all

DESKey tdesKey;
Cipher desCipher;
byte[] ENC_RESULT;
//  Set DESKey by myself
//byte[] KeyEnc ={(byte)0x51, (byte)0xF5, (byte)0x64, (byte)0x86, (byte)0xE5,(byte)0x04, (byte)0xD6, (byte)0x28,(byte)0x01, (byte)0x45, (byte)0x2A, (byte)0x13, (byte)0x04,(byte)0xE2, (byte)0x5F, (byte)0x7B};

tdesKey = (DESKey) KeyBuilder.buildKey(KeyBuilder.TYPE_DES, KeyBuilder.LENGTH_DES3_2KEY, true);
//tdesKey.setKey(KeyEnc, (short) 0);
desCipher = Cipher.getInstance(Cipher.ALG_DES_ECB_NOPAD, false);
desCipher.init(tdesKey, Cipher.MODE_ENCRYPT);
desCipher.doFinal(Data, (short) 0, (short) Data.length, ENC_RESULT, (short) 0);

Re: How to generate DES key without setting it in advance

Posted: Thu Feb 02, 2017 8:23 pm
by Tazmania09
Here is a method to generate a random DES key.

Code: Select all

RandomData rand = RandomData.getInstance(RandomData.ALG_SECURE_RANDOM);
short lenBytes = (short) (KeyBuilder.LENGTH_DES3_3KEY/8);
byte[] buffer = JCSystem.makeTransientByteArray(lenBytes, JCSystem.CLEAR_ON_DESELECT);
DESKey key = (DESKey) KeyBuilder.buildKey(KeyBuilder.TYPE_DES, KeyBuilder.LENGTH_DES3_3KEY, false);

rand.generateData(buffer, (short) 0, lenBytes);
key.setKey(buffer, (short) 0);


Re: How to generate DES key without setting it in advance

Posted: Mon Feb 06, 2017 9:14 am
by tay00000
Remember to wipe the buffer once you have called the setKey() or by overwriting data or generating another random to lose the data and prevent accidental leak of key material.

Re: How to generate DES key without setting it in advance

Posted: Tue Feb 07, 2017 2:33 am
by Marcat
tay00000 wrote:Remember to wipe the buffer once you have called the setKey() or by overwriting data or generating another random to lose the data and prevent accidental leak of key material.


Thank you very much for your kind tip. I will pay attention to it.